Offensive security assessment of a REST API for a location proof system

By José Ferrão / 16-09-2021 / In categories Results

publication, result

Translations: EN

Comunicação em encontro científico nacional

Offensive security assessment of a REST API for a location proof system

Vulnerability Assessment, Penetration Testing, Offensive Security, Location Proof Systems, REST API Security


José Ferrão, Samih Eisa, and Miguel L. Pardal


INForum. Lisbon, Portugal. 2021



Resumo (em inglês)

Despite the best efforts of designers, a system cannot be said to be truly secure and robust until it has experienced - and thwarted - attacks from skilled and motivated attackers.

With that in mind, we performed an offensive security assessment of CROSS, a smart tourism application that uses location proofs. The server is exposed on the public Internet and offers a REST-based API. We performed a vulnerability assessment and penetration testing on the server, using generic attack tools, and from different vantage points in the network, always in the attacker perspective. We present the tools and techniques used to attack the REST API, a detailed presentation of the findings, and the procedures for hardening the server. The security assessment used five different tools and we were able to find a previously unknown vulnerability that allowed unauthorized writes to the database of the target system.