bahmni-bihar / bahmni_config


Authentication Bypass leads to Account takeover #11

Open petmongrels opened 3 years ago

petmongrels commented 3 years ago

https://emrdemo.security.samanvayfoundation.org/openelis/LoginPage.do

Critical

OWASP Authorization Testing

It was observed that the target wasn't validating the password while logging in to the labtech account, which leads to account takeover via authentication bypass.

Authentication is the process of attempting to verify the digital identity of the sender of a communication. A common example of such a process is the log-on process. Testing the authentication schema means understanding how the authentication process works and using that information to circumvent the authentication mechanism. A weak authentication mechanism could lead to account takeover, sensitive data disclosure, business disruption and privilege escalation.

Implement a proper and secure authentication mechanism in the laboratory login page at server level.

1. Visited the vulnerable URL, input the login details, then sent the request to Burp Suite.
2. Removed the password parameter completely from the login page request via Burp Suite.
3. Successfully bypassed the authentication mechanism in the login page.

Proof of concept is attached along with this tracker.
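
The bug class the report describes, as an added example that is not OpenELIS code or anything from this repository: a login handler that only verifies the password when the parameter is present, beside a hardened version that treats both fields as mandatory, plus a probe that replays step 2 (submit the form with the password parameter deleted) against each handler. The user store, the `labtech` credentials, the salt and the function names are constructed for the illustration; form parameters are plain dicts standing in for a parsed POST body.

```python
import hashlib
import hmac
from typing import Callable, Dict

# Constructed user store: username -> (salt, PBKDF2-HMAC-SHA256 of the password).
# The salt is fixed here only so the example is reproducible; use os.urandom in practice.
_SALT = b"constructed-salt"


def _pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


USERS = {"labtech": (_SALT, _pbkdf2("correct horse battery staple", _SALT))}

# Dummy record hashed against when the user does not exist, so an unknown
# username costs the same time as a known one.
_DUMMY = (b"\x00" * 16, b"\x00" * 32)


def password_matches(username: str, password: str) -> bool:
    """Constant-time comparison of the supplied password against the stored hash."""
    salt, stored = USERS.get(username, _DUMMY)
    return hmac.compare_digest(_pbkdf2(password, salt), stored) and username in USERS


def login_vulnerable(form: Dict[str, str]) -> bool:
    """Vulnerable pattern: the password is checked only if the parameter arrived.

    Deleting 'password' from the request (the report's step 2) makes the
    condition below short-circuit and the handler accepts the username alone.
    """
    username = form.get("username")
    if username not in USERS:
        return False
    password = form.get("password")
    if password is not None and not password_matches(username, password):
        return False
    return True


def login_fixed(form: Dict[str, str]) -> bool:
    """Hardened pattern: both fields are required, empty values are rejected,
    and the password check runs unconditionally."""
    username = form.get("username")
    password = form.get("password")
    if not username or not password:
        return False
    return password_matches(username, password)


def probe_missing_password(handler: Callable[[Dict[str, str]], bool], username: str) -> bool:
    """Replay of the report's step 2: submit the login form with the password
    parameter removed. Returns True if the handler grants access, i.e. the
    bypass works against that handler."""
    return handler({"username": username})


if __name__ == "__main__":
    for name, handler in (("vulnerable", login_vulnerable), ("fixed", login_fixed)):
        print(f"{name}: bypass with missing password = {probe_missing_password(handler, 'labtech')}")
```

The probe is the regression check to keep around after the fix: it should return False for every login endpoint, and it is cheap enough to run in CI alongside the usual wrong-password and empty-password cases.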

petmongrels commented 3 years ago

This is not a security issue. It is not great functionally, but this is not a security issue. If one tries to do this after logout, one cannot break in; it does so only on an already logged-in user.