(OWASP)(Notes)(Code Audit) OWASP TOP TEN 2021

Preface

This article is the author's notes from studying the 2021 edition of the OWASP Top 10.
The original (English) text is at: owasp-top-ten
In my personal view, one reason to know this report is for interviews (laughs); the other is to make it easier to decide where to start a code audit. On that point I give a summary at the end of the article. The summary may not be complete, so anyone with comments or questions can leave a message or contact h3llow0rld@foxmail.com

Vulnerability List

No.  Vulnerability
1    Broken Access Control
2    Cryptographic Failures
3    Injection
4    Insecure Design
5    Security Misconfiguration
6    Vulnerable and Outdated Components
7    Identification and Authentication Failures
8    Software and Data Integrity Failures
9    Security Logging and Monitoring Failures
10   Server-Side Request Forgery

Vulnerability Details

Broken Access Control

Description
  • Violation of the principle of least privilege or of deny by default: access that should be granted only to specific capabilities, roles or users is available to everyone
  • Bypassing access control checks by modifying the URL (parameter tampering or forced browsing) or the internal application state, or by using a tool to modify API requests
  • Viewing or editing someone else's account by supplying its unique identifier in a parameter (IDOR)
  • Missing access control on POST, PUT and DELETE requests
  • Vertical privilege escalation: using logged-in user functions without logging in, or using administrator functions while logged in as an ordinary user
  • Metadata manipulation, such as replaying or forging a JWT, or tampering with a cookie or hidden field to elevate privileges or abuse JWT invalidation
  • CORS misconfiguration that allows API access from unauthorized or untrusted origins
  • Browsing pages that require authentication as an unauthenticated user, or browsing privileged-user pages as a standard user
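The failure modes in the list above are easiest to recognise in code when a vulnerable handler sits next to a deny-by-default one. The following is an added example written for these notes, not code from the OWASP document: a tiny in-memory account API in plain Python with constructed users, sessions and accounts. `vulnerable_account_handler` trusts the account id taken from the URL (IDOR, CWE-639) and applies no check to DELETE; `hardened_account_handler` routes every request through `authorize`, which refuses anonymous callers, requires ownership or the admin role for GET/PUT, requires admin for DELETE, and denies any verb it does not know. The `Request` type, the session store and all ids are assumptions made for the illustration.

```python
"""Deny-by-default object-level authorization: vulnerable vs. hardened handler.

Added example for these notes (not from the OWASP document). Every name,
account and session token below is constructed for the illustration.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Constructed sample data: account id -> owner user id and balance.
ACCOUNTS: Dict[int, dict] = {
    101: {"owner": "alice", "balance": 500},
    102: {"owner": "bob", "balance": 1200},
}

# Constructed session store: session token -> principal (user id and roles).
SESSIONS = {
    "tok-alice": {"user": "alice", "roles": {"user"}},
    "tok-bob": {"user": "bob", "roles": {"user"}},
    "tok-admin": {"user": "carol", "roles": {"user", "admin"}},
}


@dataclass
class Request:
    method: str              # HTTP verb
    account_id: int          # taken straight from the URL, i.e. caller-controlled
    session: Optional[str]   # session token from the cookie, None if anonymous


def vulnerable_account_handler(req: Request, accounts: Dict[int, dict] = ACCOUNTS) -> Tuple[int, object]:
    """The 'before' state: looks up whatever id the URL carries (IDOR) and
    applies no check at all to who is calling or which verb is used."""
    acct = accounts.get(req.account_id)
    if acct is None:
        return 404, "not found"
    if req.method == "DELETE":
        accounts.pop(req.account_id)  # anyone, even anonymous, can delete any account
        return 204, None
    return 200, acct


def authorize(req: Request, accounts: Dict[int, dict]) -> Tuple[bool, str]:
    """Deny-by-default policy. Returns (allowed, reason).

    - anonymous callers are refused before any object is looked up
    - GET / PUT: only the account owner or an admin may act on it
    - DELETE: admin only, as an explicit per-verb rule
    - any other verb is denied rather than silently treated like GET
    """
    principal = SESSIONS.get(req.session) if req.session else None
    if principal is None:
        return False, "unauthenticated"
    acct = accounts.get(req.account_id)
    if acct is None:
        # Do not reveal whether the id exists: same answer as 'not yours'.
        return False, "forbidden"
    is_admin = "admin" in principal["roles"]
    is_owner = acct["owner"] == principal["user"]
    if req.method == "DELETE":
        return (True, "ok") if is_admin else (False, "forbidden")
    if req.method in ("GET", "PUT"):
        return (True, "ok") if (is_owner or is_admin) else (False, "forbidden")
    return False, "method not allowed"


def hardened_account_handler(req: Request, accounts: Dict[int, dict] = ACCOUNTS) -> Tuple[int, object]:
    """The 'after' state: every code path passes through authorize() first."""
    allowed, reason = authorize(req, accounts)
    if not allowed:
        return (401 if reason == "unauthenticated" else 403), reason
    if req.method == "DELETE":
        accounts.pop(req.account_id)
        return 204, None
    return 200, accounts[req.account_id]


if __name__ == "__main__":
    # Alice reading Bob's account: the vulnerable handler serves it, the hardened one refuses.
    probe = Request("GET", 102, "tok-alice")
    print("vulnerable:", vulnerable_account_handler(probe))
    print("hardened:  ", hardened_account_handler(probe))
```

When auditing, the shape to look for is the vulnerable handler's: an object fetched by a caller-supplied key with no comparison against the session's principal, and write verbs sharing the read path's (absent) check. The hardened version makes the check a single function, so a missing call is visible in review and the default answer when no rule matches is a refusal.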

Manifestations (mapped CWEs)

CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’)
CWE-23 Relative Path Traversal
CWE-35 Path Traversal: '.../...//'
CWE-59 Improper Link Resolution Before File Access (‘Link Following’)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-201 Exposure of Sensitive Information Through Sent Data
CWE-219 Storage of File with Sensitive Data Under Web Root
CWE-264 Permissions, Privileges, and Access Controls (should no longer be used)
CWE-275 Permission Issues
CWE-276 Incorrect Default Permissions
CWE-284 Improper Access Control
CWE-285 Improper Authorization
CWE-352 Cross-Site Request Forgery (CSRF)
CWE-359 Exposure of Private Personal Information to an Unauthorized Actor
CWE-377 Insecure Temporary File
CWE-402 Transmission of Private Resources into a New Sphere (‘Resource Leak’)
CWE-425 Direct Request (‘Forced Browsing’)
CWE-441 Unintended Proxy or Intermediary (‘Confused Deputy’)
CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory
CWE-540 Inclusion of Sensitive Information in Source Code
CWE-548 Exposure of Information Through Directory Listing
CWE-552 Files or Directories Accessible to External Parties
CWE-566 Authorization Bypass Through User-Controlled SQL Primary Key
CWE-601 URL Redirection to Untrusted Site (‘Open Redirect’)
CWE-639 Authorization Bypass Through User-Controlled Key
CWE-651 Exposure of WSDL File Containing Sensitive Information
CWE-668 Exposure of Resource to Wrong Sphere
CWE-706 Use of Incorrectly-Resolved Name or Reference
[CWE-862 Missing Authorization](https://cwe.mitre.org/data/definitions/862.html)
CWE-863 Incorrect Authorization
CWE-913 Improper Control of Dynamically-Managed Code Resources
CWE-922 Insecure Storage of Sensitive Information
CWE-12
