Offensive security assessment of a REST API for a location proof system

By José Ferrão / 16-09-2021 / In categories Results

Paper in a peer-reviewed national conference

Vulnerability Assessment, Penetration Testing, Offensive Security, Location Proof Systems, REST API Security

Authors

José Ferrão, Samih Eisa, and Miguel L. Pardal

Conference

INForum. Lisbon, Portugal. 2021

Abstract

Despite the best efforts of designers, a system cannot be said to be truly secure and robust until it has experienced - and thwarted - attacks from skilled and motivated attackers.

With that in mind, we performed an offensive security assessment of CROSS, a smart tourism application that uses location proofs. The server is exposed on the public Internet and offers a REST-based API. We performed a vulnerability assessment and penetration testing on the server, using generic attack tools from different vantage points in the network, always from the attacker's perspective. We present the tools and techniques used to attack the REST API, a detailed presentation of the findings, and the procedures for hardening the server. The security assessment used five different tools, and we were able to find a previously unknown vulnerability that allowed unauthorized writes to the database of the target system.