Often Misused: Login - http://zero.webappsecurity.com:80/adcenter.cgi
Created by: armorcodegithubapp[bot]
Category: Often Misused: Login
Scan Type: Dynamic
CheckType: Vulnerability
Abstract:
An unencrypted login form has been discovered. Any area of a web application that possibly contains sensitive information or access to privileged functionality, such as remote site administration functionality, should utilize SSL or another form of encryption to prevent login information from being sniffed or otherwise intercepted or stolen. If the login form is being served over SSL, the page that the form is being submitted to MUST be accessed over SSL. Every link/URL present on that page (not just the form action) needs to be served over HTTPS. This will prevent Man-in-the-Middle attacks on the login form. Recommendations include ensuring that sensitive areas of your web application have proper encryption protocols in place to prevent login information and other data that could be helpful to an attacker from being intercepted.
Request:
GET /adcenter.cgi HTTP/1.1
Referer: http://zero.webappsecurity.com:80/pindex.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Accept: /
Pragma: no-cache
Host: zero.webappsecurity.com
X-Scan-Memo: Category="Crawl"; Function="CreateStateRequest"; SID="8B91FAA33009378BA04E34B6FD189311"; PSID="DDAF520E2E30901117999914F5CB2876"; SessionType="Crawl"; CrawlType="HTML"; AttackType="None"; OriginatingEngineID="00000000-0000-0000-0000-000000000000"; ThreadId="51"; ThreadType="CrawlBreadthFirstDBReader";
Connection: Keep-Alive
Cookie: CustomCookie=WebInspect69383ZXB3FCEA2CCD6849B0A63D3EFF65615601Y3637;status=yes;username=;userid=;sessionid=;ASPSESSIONIDCARBTACT=BFDJMBECKAHAMJENBDMOPBPC;state=;passes3=;passes=;passes2=
File Path: //zero.webappsecurity.com:0
Mitigation:
For Security Operations:
Ensure that sensitive areas of your web application have proper encryption protocols in place to prevent login information and other data that could be helpful to an attacker from being intercepted.
For Development:
Ensure that sensitive areas of your web application have proper encryption protocols in place to prevent login information and other data that could be helpful to an attacker from being intercepted.
For QA:
Test the application not only from the perspective of a normal user, but also from the perspective of a malicious one.
https://app.armorcode.com/#/findings/65334045
Knowledge Base: Man in the Middle (MITM) Attack: https://app.armorcode.com/#/knowledgeBase/45