Web App Hacking: Hacking Password Reset Functionality

This course helps you understand different types of vulnerabilities in password reset functionality. You will learn how to test web applications for various flaws in password reset functionality and how to provide countermeasures for these problems.
Course info
Rating
(45)
Level
Beginner
Updated
November 17, 2016
Duration
49m 44s
Table of contents
Description
Course info
Rating
(45)
Level
Beginner
Updated
November 17, 2016
Duration
49m 44s
Description

Password reset functionality is very commonly implemented in modern web applications. In this course, Web App Hacking: Hacking Password Reset Functionality, you will learn that this sensitive functionality is often insecurely implemented and it can lead to very severe consequences. First, you will learn how password reset link can be disclosed over insecure channel and how it can leak to external domain via Referer header. Next, you will learn how the attacker can get unauthorized access to the account of arbitrary user as a result of Insecure Direct Object Reference in password reset functionality. You will also learn how the attacker can impersonate a user when session management is insecurely implemented at the time of password resetting. Finally, you will learn about weaknesses in lifecycle of password reset link and you will see how the attacker can enumerate users as a result of a weakness in password reset functionality. By the end of the course, you will know how to test web applications for various flaws in password reset functionality. What's more, you will learn how to implement this functionality securely.

About the author
About the author

Dawid Czagan is listed among the Top 10 Hackers by HackerOne. He has found security vulnerabilities in Google, Yahoo, Mozilla, Microsoft, Twitter, and other companies. Due to the severity of these bugs, he has received numerous awards for his findings.

More from the author
Web App Hacking: Hacking XML Processing
Beginner
50m 16s
23 Jan 2018
More courses by Dawid Czagan
Transcript
Transcript

Hi everyone, my name is Dawid Czagan and welcome to my course, Web App Hacking: Hacking Password Reset Functionality.

I am a security instructor, researcher and bug hunter.
Password reset functionality is very commonly implemented in modern web applications. It turns out, however, that this sensitive functionality is often insecurely implemented and it can lead to very severe consequences.

1. Leakage of Password Reset Link- I will show you how password reset link can be disclosed over insecure channel and how it can leak to external domain via Referer header.
2. Insecure Direct Object Reference- You will learn how the attacker can get an unauthorized access to the account of arbitrary user as a result of Insecure Direct Object Reference in password reset functionality.
3. Insecure Session Management- I will demonstrate how the attacker can impersonate a user, when session management is insecurely implemented at the time password resetting.
4. Weaknesses in Lifecycle of Password Reset Link- I will discuss various flaws in lifecycle of password reset link.
5. User Enumeration- and I will show you how the attacker can enumerate users as a result of a weakness in password reset functionality.

By the end of the course, you will know how to test web applications for various flaws in password reset functionality. What’s more – you will learn how to implement this functionality securely.

I hope you’ll join me on this journey to learn about attacks on password reset functionality with the Web App Hacking: Hacking Password Reset Functionality course, at Pluralsight.