Web Service Hijacking in VMWare WebAccess

Trustwave's SpiderLabs Security Advisory TWSL2010-002
Web Service Hijacking in VMWare WebAccess


Published: 2010-03-30 Version: 1.0


Web application developers tend to use reversible hash algorithms like Base64, rot13 for hiding sensitive information in POST data and query string. Scanning this kind of web application with automated tools will be a failure and this kind of vulnerability will not be discovered because current web application scanners are programmed to fuzz.


Look for all possible encrypted data and their algorithms.
Decrypt data and re-submit with tampered data.
Learn application behavior whether it fullfills your tampered request or not.


This vulnerability can be logically related to view state tampering of ASP.Net/JSF/JSP where developers mostly store sensitive information in View State data.


Popular posts from this blog

Bypassing referrer check with no script involved

Jumping out of Touch Screen Kiosks