
This is an overly simple example of an ASP.NET WebForms 4.7 application with the OWASP 2017 A5: Broken Access Control Vulnerability


shehackspurple/BrokenAccessControl

 
 


# BrokenAccessControl

This is a vulnerable ASP.NET Web Forms 4.7 solution showcasing OWASP Top 10 A5:2017 - Broken Access Control. Note that this is an example of what NOT to do:

The application lacks logging and auditing, exposes a technology stack trace to the browser when the security exception bubbles up, and allows an anonymous user to execute an action on the UI that is meant for an authenticated user.

For more information about the OWASP Top 10 A5:2017 go to https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf

This web application allows an unauthenticated user to navigate to sections of the website that require the principal to be authenticated.
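For contrast with the three flaws listed above, here is a hardened code-behind sketch; it is an added example, not code from this repository. It assumes Forms authentication and the default `AutoEventWireup="true"`, and the page name `MemberAction` and handler `DoMemberAction_Click` are hypothetical.

```csharp
// Added example: hypothetical page, not taken from the repository.
using System;
using System.Web.Security;
using System.Web.UI;

public partial class MemberAction : Page
{
    // Runs on every request to the page, before any control event fires.
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsCallerAuthenticated("page load"))
            FormsAuthentication.RedirectToLoginPage();
    }

    // Hypothetical handler for a button meant for signed-in users only.
    protected void DoMemberAction_Click(object sender, EventArgs e)
    {
        // Re-check on the server: the redirect above does not stop control
        // events, and hiding a button in the UI is not access control.
        if (!IsCallerAuthenticated("member action"))
            return;

        System.Diagnostics.Trace.TraceInformation(
            "member action by {0}", User.Identity.Name);
        // ... perform the protected action here ...
    }

    private bool IsCallerAuthenticated(string what)
    {
        if (User != null && User.Identity.IsAuthenticated)
            return true;
        // Audit the denied attempt server-side; nothing is echoed to the browser.
        // Fully qualified because Page.Trace would otherwise shadow the class.
        System.Diagnostics.Trace.TraceWarning(
            "denied anonymous {0}: ip={1} url={2}",
            what, Request.UserHostAddress, Request.RawUrl);
        return false;
    }

    // Log unhandled exceptions and return a generic message, not a stack trace.
    protected void Page_Error(object sender, EventArgs e)
    {
        Exception ex = Server.GetLastError();
        System.Diagnostics.Trace.TraceError(
            "unhandled error on {0}: {1}", Request.RawUrl, ex);
        Server.ClearError();
        Response.StatusCode = 500;
        Response.Write("An error occurred.");
    }
}
```

The same deny-by-default rule can be enforced for a whole folder in `web.config` with `<deny users="?" />` under `<authorization>`, and `<customErrors mode="On" />` keeps stack traces out of responses site-wide.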
