Skip to content

Commit 5848eb0

Browse files
davidhadasnate-double-u
davidhadas
and
nate-double-u
authored
Update content/en/blog/_posts/2023-01-15-Security-Bahavior-Analysis/index.md
Co-authored-by: Nate W. <[email protected]>
1 parent 225a156 commit 5848eb0

File tree

1 file changed

+1
-1
lines changed
  • content/en/blog/_posts/2023-01-15-Security-Bahavior-Analysis

1 file changed

+1
-1
lines changed

content/en/blog/_posts/2023-01-15-Security-Bahavior-Analysis/index.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ Being vulnerable does not necessarily mean that your service will be exploited.
2424

2525
{{< figure src="Example.png" alt="Image of an example of offender gaining foothold in a service" class="diagram-large" caption="Figure 1. An Offender gaining foothold in a vulnerable service" >}}
2626

27-
The above diagram shows an example in which the offender does not yet have a foothold in the service, that is, it is assumed that your service does not run code controlled by the offender on day 1. In our example the service has vulnerabilities in the API exposed to clients. To gain an initial foothold the offender uses a malicious client to try and exploit one of the service API vulnerabilities. The malicious client sends an exploit that triggers some unplanned behavior of the service.
27+
The above diagram shows an example in which the offender does not yet have a foothold in the service; that is, it is assumed that your service does not run code controlled by the offender on day 1. In our example the service has vulnerabilities in the API exposed to clients. To gain an initial foothold the offender uses a malicious client to try and exploit one of the service API vulnerabilities. The malicious client sends an exploit that triggers some unplanned behavior of the service.
2828

2929
More specifically, let’s assume the service is vulnerable to an SQL injection. The developer failed to sanitize the user input properly, thereby allowing clients to send values that would change the intended behavior. In our example, if a client sends a query string with key “username” and value of _“tom or 1=1”_, the client will receive the data of all users. Exploiting this vulnerability requires the client to send an irregular string as the value. Note that benign users will not be sending a string with spaces or with the equal sign character as a username, instead they will normally send legal usernames which for example may be defined as a short sequence of characters a-z. No legal username can trigger service unplanned behavior.
3030

0 commit comments

Comments
 (0)