Protocol Test Harness Cracker
Security testing is the process that determines that confidential data stays confidential (i.e. It is not exposed to individuals/ entities for which it is not meant) and users can perform only those tasks that they are authorized to perform (e.g. A user should not be able to deny the functionality of the web site to other users, a user should not be able to change the functionality of the web application in an unintended way etc.). Some key terms used in security testing Before we go further, it will be useful to be aware of a few terms that are frequently used in web application security testing: What is “Vulnerability”? This is a weakness in the web application. The cause of such a “weakness” can be bugs in the application, an injection (SQL/ script code) or the presence of viruses.
What is “URL manipulation”? Some web applications communicate additional information between the client (browser) and the server in the URL.
Changing some information in the URL may sometimes lead to unintended behavior by the server. What is “SQL injection”? This is the process of inserting SQL statements through the web application user interface into some query that is then executed by the server. What is “XSS (Cross Site Scripting)”?
When a user inserts HTML/ client-side script in the user interface of a web application and this insertion is visible to other users, it is called XSS. What is “Spoofing”? The creation of hoax look-alike websites or emails is called spoofing. Security testing approach: In order to perform a useful security test of a web application, the security tester should have good knowledge of the HTTP protocol. It is important to have an understanding of how the client (browser) and the server communicate using HTTP. Additionally, the tester should at least know the basics of SQL injection and XSS. Hopefully, the number of security defects present in the web application will not be high.
Test harness protocol rar found at protocol-test-harness.software.informer. It currently supports two protocols. Protocol Test Harness 2.5 - The 61850 Test Harness is a Windows application that edits. Using Protocol Test Harness crack. Protocol Test Harness, free protocol test harness software downloads, Page 2. Found results for. Welcome to Shareware Junction - Free software downloads! Welcome to Shareware Junction! Shareware Junction is your source for all the latest shareware, trialware. Protocol All communication between a client and the server was done through the UDP protocol, a standard part of any IP stack. Protocol Test Harness Cracker Jack.
However, being able to accurately describe the security defects with all the required details to all concerned will definitely help. Password cracking: The security testing on a web application can be kicked off by “password cracking”. In order to log in to the private areas of the application, one can either guess a username/ password or use some password cracker tool for the same. Lists of common usernames and passwords are available along with open source password crackers.
If the web application does not enforce a complex password (e.g. With alphabets, number and special characters, with at least a required number of characters), it may not take very long to crack the username and password. If username or password is stored in cookies without encrypting, attacker can use different methods to steal the cookies and then information stored in the cookies like username and password. URL manipulation through HTTP GET methods: The tester should check if the application passes important information in the querystring. This happens when the application uses the HTTP GET method to pass information between the client and the server.
The information is passed in parameters in the querystring. The tester can modify a parameter value in the querystring to check if the server accepts it. Via HTTP GET request user information is passed to server for authentication or fetching data. Attacker can manipulate every input variable passed from this GET request to server in order to get the required information or to corrupt the data. In such conditions any unusual behavior by application or web server is the doorway for the attacker to get into the application. SQL Injection: The next thing that should be checked is SQL injection.
Entering a single quote (‘) in any textbox should be rejected by the application. Instead, if the tester encounters a database error, it means that the user input is inserted in some query which is then executed by the application. In such a case, the application is vulnerable to SQL injection. SQL injection attacks are very critical as attacker can get vital information from server database.
To check SQL injection entry points into your web application, find out code from your code base where direct MySQL queries are executed on database by accepting some user inputs. If user input data is crafted in SQL queries to query the database, attacker can inject SQL statements or part of SQL statements as user inputs to extract vital information from database. Even if attacker is successful to crash the application, from the SQL query error shown on browser, attacker can get the information they are looking for. Special characters from user inputs should be handled/escaped properly in such cases.
Cross Site Scripting (XSS): The tester should additionally check the web application for XSS (Cross site scripting). Any HTML e.g. Or any script e.g. A “cookie” is a small piece of information sent by a web server to store on a web browser so it can later be read back from that browser.
This is useful for having the browser remember some specific information. These are small data files which act as unique identifiers and allow our site to remember a particular user. Cookies do not harm computer. Certain areas of our web site, such as our forums use cookies.
Some times user’s personal information is stored in cookies and if someone hacks the cookie then hacker can get access to your personal information. Even corrupted cookies can be read by different domains and lead to security issues. This is why testing of website cookies is very important.
In this white paper, we will focus on basics of cookies world and also how to test the website cookies. INTRODUCTION In today’s world we use websites for numerous activities, like shopping, travel ticket booking. And here comes an important word “cookie” in the picture. Almost, everywhere cookies are used to store the information sent by web servers.
So, we will first focus on what exactly cookies are and how they work. What are cookies? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve information from that machine.
Generally cookie contains personalized user data or information that is used to communicate between different web pages. An example is when a browser stores your passwords and user ID’s. They are also used to store preferences of start pages, both Microsoft and Netscape use cookies to create personal start pages. Cookies are nothing but the user’s identity and used to track where the user navigated throughout the web site pages.Why Cookie? The communication between web browser and web server is stateless. For example if you are accessing domain then web browser will simply query to example.com web server for the page 1.html. Next time if you type page as then new request is send to example.com web server for sending 2.html page and web server don’t know anything about to whom the previous page 1.html served.
What if you want the previous history of this user communication with the web server? You need to maintain the user state and interaction between web browser and web server somewhere. This is where cookie comes into picture. Cookies serve the purpose of maintaining the user interactions with web server. How cookies work? To exchange information files on the web, the HTTP protocol is used. There are two types of HTTP protocol: Stateless HTTP and Stateful HTTP protocol.
Stateless system A stateless system has no record of previous interactions and each interaction request has to be handled based entirely on the information comes with it. For eg, if we enter into our web browser’s address bar and press Enter, then conversation between the browser and the example.com web server goes like this: Web browser will simply query to example.com web server for the page sample.html.
Once the browser receives the last byte of information using HTTP, the example.com web server essentially forgets about the request data. If now, we send some other request to the web server, it will execute upon the request, without memory of the earlier request.
It does not need to remember the earlier request for the response of the new request. This isn’t bad for example.com website; no harm, no foul. Stateful system Are there are cases where state does matter for a web based system?
The answer is YES, and here comes the Stateful system. Stateful HTTP protocols do keep some history of previous web browser and web server interactions and this protocol is used by cookies to maintain the user interactions. Whenever user visits the site or page that is using cookie, small code inside that HTML page writes a text file on users machine called cookie. When user visits the same page or domain later time this cookie is read from disk and used to identify the second visit of the same user on that domain. Expiration time is set while writing the cookie. This time is decided by the application that is going to use the cookie. Applications where cookies are used.
Online Ordering Systems: An online ordering system could be developed using cookies that would remember what a person wants to buy, this way if a person spends three hours ordering CDs at your site and suddenly has to get off the net they could quit the browser and return weeks or even years later and still have those items in their shopping basket. Website Tracking: Site tracking can show you places in your website that people go to and then wander off because they don’t have any more interesting links to hit. It can also give you more accurate counts of how many people have been to pages on your site. Shopping: Cookies are used for maintaining online ordering system.
Protocol Test Harness
Cookies remember what user wants to buy. What if user adds some products in their shopping cart and closes the browser window? When next time same user visits the purchase page he can see all the products he added in shopping cart in his last visit. Marketing: Some companies use cookies to display advertisements on user machines. Cookies control these advertisements. UserIds: Cookies can track user sessions to particular domain using user ID and password. Death of a cookie!
When a web server sets a cookie into the system, it was optionally give it a “death” expiration date. When the date reaches, then the cookie gets deleted from the system. If the web server does not give an expiration date to a cookie, then the cookie is a per-session cookie. Per-session cookies are deleted as soon as you close the current session of the browser. So, if the cookie is not having any death date, then as soon as the browser is closed, the cookie is no longer into your system.
Browser Cookie Settings Listed below are examples of the steps taken to view your browser’s cookies settings: Changing cookie settings for Mozilla Firefox 1.5 (Adapted from the Firefox 1.5 integrated help system) By default Firefox 1.5 accepts all cookies, including cookies which would allow a site to recognize you effectively forever. If you want to grant sites you trust the ability to store cookies permanently. Click Exceptions. Enter the site address (In this case it would be americanadoptions.com). Click Allow. Changing cookie settings for Internet Explorer 7.
Click on the Tools menu and then click Internet Options. Click the Privacy tab, and then click Sites. Type americanadoptions.com in the Address of Web site field. Click Allow to always allow cookies from americanadoptions.com Changing cookie settings for Internet Explorer 6. Click on the Tools menu and then click Internet Options. Click the Privacy tab, and then click Sites. Type americanadoptions.com in the Address of Web site field.
Click Allow to always allow cookies from americanadoptions.com Changing cookie settings for Netscape 6. Click Edit Menu. Click Preferences.
Select Privacy & Security. Select Cookies To view your cookie settings on a browser not listed above, refer to your browser’s documentation.
Drawbacks of cookies. Loss of site traffic: Site containing cookie will be completely disabled and can not perform any operation, if user has set browser options to warn before writing any cookie or disabled the cookies completely. And this results in loss of site traffic.
Loads of cookies: If too many cookies are present on every page navigation and user has turned on option to warn before writing cookie, in that case this could turn away user from the web site and this could result in loss of site traffic and eventually loss of business. Valuable hard drive space: Cookies take up valuable hard drive space, so it may be to your advantage to delete a few on occasion, especially third-party cookies. Third-party cookies are placed on your computer by sites you haven’t visited. They usually come from companies who place ads on sites you have visited. Luckily, most browsers give you the option of rejecting only third-party cookies. Security: Some times user’s personal information is stored in cookies and if someone hacks the cookie then hacker can get access to your personal information. Even corrupted cookies can be read by different domains and lead to security issues.
Some sites may write and store your sensitive information in cookies, which should not be allowed due to privacy concerns. Cookie Testing Now when we know the basics of cookie world, let’s address how to test sites that use cookies. Disabling Cookies This is probably the easiest way of cookie testing. What happens when all cookies are disabled? Start like this: Close all browsers delete all cookies from PC. Now, open the website which uses cookies for actions.
Now, perform the major functions in the website. Most of the time, these will not work because cookies are disabled. This isn’t a bug: disabling cookies on a site that requires cookies, disables the site’s functionality. Is it obvious to the website user that he must have the cookies enables? Web servers are recognizing that attempts are made with disabled cookies, so, does it send a page with a normal message that cookies needs to be enabled before working?
There should not be any page crash due to disabling the cookies. Selectively rejecting cookies What happens when some of the cookies are accepted and some are rejected? If there are 10 cookies in web application then randomly accept some cookies say accept 5 and reject 5 cookies. For executing this test case you can set browser options to prompt whenever cookie is being written to disk, delete all previously saved cookies, close all open browsers and then start the test. Try to access major functionality of web site. On the prompt window you can either accept or reject cookie.
What’s happening: pages are getting crashed or data is getting corrupted? Corrupting cookies This is the test which will test the site! For this, we need to know the cookies the web site is saving and the information that is stored in the text files. Manually edit the cookie in notepad and change the parameters to some vague values. For eg, change the content of the cookie, change the name of the cookie, and then perform actions in the website. In some cases corrupted cookies allow to read the data inside it for any other domain. This should not happen in case of your web site cookies.
Note that the cookies written by one domain say rediff.com can’t be accessed by other domain say yahoo.com. Cookie Encryption There are websites, where we have no option other than saving sensitive data in cookie. Here it needs to be tested that the data stored in cookie is also getting stored in encrypted format. Deletion of cookies Access a website and allow it to write cookie. Now close all the browsers and manually delete the cookies. Again open the same website and try to work on it.
Is it crashing? Some times cookie written by domain say ABC.com may be deleted by same domain but by different page under that domain. This is the common case if you are testing some ‘action tracking’ web portal.
Action tracking or purchase tracking is placed on the action web page and when any action or purchase occurs by user the cookie written on disk get deleted to avoid multiple action logging from same cookie. Check if reaching to your action or purchase page deletes the cookie properly and no more invalid actions or purchase get logged from same user. Multi Browser testing This is an important case to check if web application page is writing the cookies properly on different browsers and also the web site works properly using these stored cookies.
CONCLUSION Cookies shouldn’t be put in the same category as the viruses, spam, or spyware that are often created to wreak havoc and chaos on computers. They are mostly benign tools to help you manage your time more efficiently on the Web. Plus, you have totally control over them if you think your secrecy is being violated. Therefore, accept or reject cookies as you want. And the testing should be done properly to check that website is working with different cookie setting. For demo Amazon.com is a very good website for good quality cookie usage. Testing in which software components, hardware components, or both together are combined and tested to evaluate interactions between them.
Integration testing takes as its input modules that have been checked out by unit testing, groups them in larger aggregates, applies tests defined in an Integration test plan to those aggregates, and delivers as its output the integrated system ready for system testing. What: Testing performed to expose faults in the interfaces and in the interaction between integrated components.
Who will do: As integration testing covers broad length of ‘V’ model. From the developers to System integrators will involve. Where it: Almost all integration will takes place at the developing organization sites. Integration testing can be conducted in two ways.
1) Non-Incremental Approach 2) Incremental Approach 1) Non-Incremental Approach: The non incremental approach is also known as “Big-Bang” testing. This approach is very unfashionable due to the level of risk that one takes in hoping that the system will perform as expected. 2) Incremental Approach: Incrementally integration testing can be split in to a) Top-down Testing b) Bottom-up Testing c) Sandwich (Hybrid) Testing � a) Top-down Testing: In Top-down Testing, higher level modules are tested. If lower modules required to make up the system are not yet available then, stubs are used to simulate their activity.
Stub: Small software placed in to a program that provides a common function. B) Bottom-up Testing: In Bottom-up testing, lower level modules are tested.
If the higher level modules required to make up the system are not yet available then, drivers are used to simulate their activity. Driver: Drivers are simple program designed specifically for testing that make calls to these lower layers. C) Sandwich Testing: Sandwich testing is a hybrid between Bottom-up and Top-down testing.
It will test the user interface in isolation using Stubs and test the very lowest functions using drivers. Testing and debugging two activities that mutually exclusive but complimentary. Most people use these terms interchangeably. I have seen developers who claim they have tested the application and testers who claim that they are extremely good in debugging.
There is a common perception among testers and developers that there is no difference between the two activities. Lets now define both the activities to understand the difference: Testing as we all know is a process of verification and validation of the application under test. Testing on a broad spectrum is defined as questioning the software with intend to find defects. Testing is a pure QA activity. Debugging is defined as a pure developers activity that involves executing small tests and finding issues in the code followed fixing them. Debugging involves small developement tests as a part of confirmation unit testing. For further information, kindly comment on this blog.
Thanks, Arun. Merged build testing is a stage before production patch deployment where several fixes to a build are merged together into a single build that needs to be tested.
The main reason why we go in for merged build testing is that, a particular fix might affect other fixes that are going into the build. In this case, a impact analysis document needs to be prepared with the list of fixes and the impact of one fix over the other. Such a document would help to narrow down on the possible areas affected across the system. Merged Build testing can be either shaow and wide or narrow and deep. This depends on the fixes that are implemented on the particular build that is set to go live.
For further information, please write back to us or leave a comment on this blog. Thanks, Arun.
TCP IP Ports: What are they? Why are they important to me? S TCP/IP Ports What are they?
Why are they important to me? Version.1 We (IT folk) install applications on our machines regularly, yet many still don’t fully understand what is really happening to make the communications between a client and a server work. I hope to illustrate in words and pictures the communications process of some Internet applications. I will try to make this explanation as simple as possible so that even non-IT folk may understand. I will be using a few examples; HTTP, FTP, and an Telnet Client session to a Telnet Server.
First lets begin with a brief introduction to TCP/IP. TCP/IP is not a single protocol but actually a suite of protocols. What this means is that TCP/IP is a collection of protocols.
To think of TCP/IP in a graphical sense can be helpful, TCP/IP can be pictured as a stack of blocks on top of each other. OSI Reference Model 7. Application Layer 6.
Presentation Layer 5. Session Layer 4.
Transport Layer 3. Network Layer 2.
Data Link Layer 1. Physical Layer Each Layer can only communicate to the layers directly in contact with it. Layer 1 cannot communicate with layer 3 without passing the contents to layer 2. This ingenious architecture allows for specialization amongst the layers.
This design also allows for the introduction of other intermediate layers. You may already be using an application that inserts itself into your TCP/IP stack. Maybe you are using or or something like it. These applications place themselves in the TCP/IP stack and intercept your packets and interpret whether it is destined for the Public Internet or to a Private Network using a connection. So what does this all mean to you? Well it means that the TCP/IP Suite is important and if you really want to harness the power of TCP/IP you must understand it further. This is a representation of where the protocols reside in the protocol stack.
Notice on the left where the protocols we are so familiar with reside. FTP and HTTP reside in the Application layer. While and exist in the DATA LINK layer. Introduction to commonly known ports Before we jump in.
What is a port? A port can be thought of as a doorway into a computer. Network Applications that use the TCP/IP suite utilize sockets to communicate with one another. A socket is the combination of an IP address and a port. You can envision a socket like the following illustration: So, on the one hand you have an IP address, say 10.1.1.1 and a service port like 25 for SMTP. When a client connects to 10.1.1.1 on port 25 a ' is created.
This socket is an agreed upon pathway for communications made up of an IP address and a port number. In this case 10.1.1.1:25 If you have worked in IT for any amount of time you will be familiar with all if not most of the following ports.
If you are not familiar with these ports, make your self comfortable with them now. If you can memorize any number of ports these are the key ones to remember.
Tmw Protocol Test Harness
Some of the more common port numbers are 21, 25, 53, 80 110, 443 21 = FTP: 23 = Telnet: 25 = SMTP: 53 = DNS: 80 = HTTP: 110 = POP3: 119 = NNTP: 443 = SSL: Sometimes protocols are merged into an existing application. For example the Web Brower. The web browser sometimes acts as an ftp client. Whenever a web browser acts as an ftp client the typically looks something like.
Notice how its not http? Whenever we send email using outlook express or some other email client, SMTP is almost definitely your tranfer protocol. There are exceptions like old MS-Mail clients and Old Lotus systems. Some companies use Outlook with only the Exchange service installed and this makes it unnecessary for the clients to communicate via SMTP.
Protocol Test Harness
Although any server that wishes to be able to send email to ANYONE will need to speak SMTP. Lets go on to analyze a sample Web Browsing Session. User Launches her web browser and types in 2. The Web Browser requests that the name be converted to an IP address. I’ll explain DNS if time permits.
Once the browser has the IP address it will then connect to the machine using that IP address. The browser itself normally does not show this IP address. The browser will continue to show us the name. IP is necessary because it’s the only way that the Routers on the Internet would know how to relay the packet to other routers. Web Servers by default use port 80, although web servers can be made to listen on different port numbers. Web Browsers were programmed with this knowledge, so when a user types in a web site the web browser automatically connects to using port 80.
Ever noticed that some web sites have a colon and number after the url such as all this means is that when someone installed the web server they changed the default port from 80 to 8000. This is also a way to install multiple web servers on one physical machine. It is possible to install Apache on port 90, IIS on port 91 and iPlanet on port 92. Very useful if only one server is available. Once a connection request is made of the server, the client assigns a communications port. This is very important to understand, just because the Server is listening on port 80 doesn’t mean that it talks back to the browser on port 80.
This would be a really bad thing, since if you had a web server installed on the machine that was making the request, the Web Server would try talking back to port 80 and fail to communicate with the browser. This is why the Web Server picks a random port number to talk back to the web browser. Type netstat at a command line right after surfing to. You should see something like; TCP mirage:1372 vnt4.webhosting.com:80 ESTABLISHED TCP mirage:1374 vnt4.webhosting.com:80 ESTABLISHED a. The TCP above means its connecting using TCP. Mirage is the name of my machine.
Port 1372 is a port assigned to the client side, this is the port that the server will send information to. Vnt4.webhosting.com is the translated name for the server hosting e. Port 80 is the port number that the connection is using to communicate with the server.
ESTABLISHED means that the connection is still connected. Port 1374 is there because I made 2 connections to 7. If you click REFRESH on your web browser a few seconds later and run netstat again you will notice different client side port numbers. New Number will be assigned as you surf to different places and/or the same site. That concludes our analysis of a user surfing to a site.
Similar to the previous example, FTP works in the same fashion. When a user connects to an FTP server with an FTP client, the Client connects to port 21 and another port is assigned to the client. Why is this useful to know?
Firewall Reasons One of the techniques commonly used with firewalls is the blocking of ports in order to conform to corporate security policies. For example, a company may block all connections to port 23 if telnet is not allowed to machines outside of the corporate network. Firewalls are a whole separate subject all together. I'll cover them in a future article. To learn more about firewalls check out Building Internet Firewalls by Brent Chapman ISBN.
Excellent book. Lets use an example of a persistent client application such as telnet.
Telnet is a client application used to test that communications with a Telnet server is possible. Assuming the Telnet server is installed to listen on its default port of 23(, we would do the following to connect with telnet.
Launch telnet and login to the system. Run netstat to see what connection was made. You should see something like; TCP mirage:1163 EMACHINE:23 ESTABLISHED TCP mirage 1163 EMACHINE 23 ESTABLISHED Protocol Client Machine Client TCP Port Server Machine Name Server TCP Port Connection State A. Will telnet on Laptop 1 be able to connect to Telnet Server 1 in this configuration? Will telnet on Laptop 2 be able to connect to Telnet Server 2 in this configuration? Will the Web Browser on Laptop 2 be able to look at web pages on Web Server 2 (assuming that Web Server 2 has been configured to use the default HTTP port) D.
Will the Web Browser on Laptop 1 be able to look at web pages on Web Server 1 (assuming that Web Server 1 has been configured to use the default HTTP port) E. What needs to be configured on the firewall in order for telnet and Web Surfing to work in both directions? Answers at the bottom of page. Lets take a look at a simple telnet connection. The telnet client connects to port 23 on the Telnet Server. The port assigned for this connection is 2324.
This means that when you type commands and send them to the Telnet Server any responses will be sent back to you via port 2324. The connection from the Telnet Client would establish a socket connection which would be the Telnet Servers IP address and the port number (23). I.e 10.1.1.1:23 4. What would happen if the Telnet Server was reconfigured so that it listened on port 65? What would it look like? The Telnet Client on the PC would have to be changed so that it created a 'socket' using the IP address of the Telnet server and the new port number (65).
I.e 10.1.1.1:65 How do hackers leverage this knowledge of ports? There are many port scanning tools, is one of those such tools. Here we have a screenshot of SuperScan The machine scanned in this example is 192.168.1.254.