Questions tagged [secure-coding]
The secure-coding tag has no usage guidance.
149 questions
8 votes, 4 answers, 4k views
Should order numbers be guessable?
We wrote an e-commerce system where we were asked to generate orders based on a format provided to us.
The format was extremely simple which was today's date with total number of orders in the database +...
0 votes, 1 answer, 162 views
What are the security related challenges in implementing something like Unix sudo?
There exist several sudo alternatives (systemd's run0, OpenBSD's doas, etc.), all created after sudo had become an established tool, allegedly for security reasons.
If someone were to implement Unix ...
0 votes, 1 answer, 76 views
Suggestions for implementing a simplified subset of WebAuthn Relying Party Operation
Previously some good fellow explained the importance of verifying the public key created and offered by authenticators.
As before, given the complexity of a FULL implementation of RP operation, I ...
2 votes, 0 answers, 125 views
Security in Angular: Addressing XSS Concerns with External Libraries and Interpolation
Introduction:
We heavily use external libraries, such as DataTables, in combination with interpolation. In Angular, we've identified two primary XSS prevention strategies:
Interpolation ({{ }})
...
0 votes, 1 answer, 856 views
Secure by Design vs Secure by Default
As an application developer, which of these two principles is considered more secure?
I'm familiar with these concepts at a foundational level. Secure by default means it's secure out the box. ...
-1 votes, 1 answer, 107 views
Recommended way to merge a security feature with the rest of the software? [closed]
I am searching for the best way to merge two parts of software together, so it would be as hard as possible to separate them again through reverse engineering.
At the moment both parts are Python, but ...
0 votes, 1 answer, 208 views
Business logic bypass issue
Good day, we deployed our app that has payment on it with a wallet system. We tried as much as possible to follow every security rule from server to code design. But yesterday we experienced a breach ...
2 votes, 0 answers, 1k views
Why do I have to store a refresh token in db
As far as I know, JWT tokens are used for implementing a 'stateless server'. But as I try to apply JWT to my website that uses sessions and cookies for authentication, I found that most people store ...
1 vote, 0 answers, 155 views
Lesser known security pitfalls in Python [closed]
I recently came across this article: https://blog.sonarsource.com/10-unknown-security-pitfalls-for-python, which describes security pitfalls in the python programming language that are less well known ...
8 votes, 6 answers, 3k views
Does having no 'if' blocks in code mitigate side-channel attacks?
Looking through descriptions of Spectre and Meltdown it seems that speculative execution - the basis for these attacks - occurs only with branched code. Therefore, it seems logical to conclude that ...
1 vote, 1 answer, 171 views
How to secure a code preview function?
Suppose there is an application that contains preview functionality, meaning that whatever code the user writes (PHP, HTML, Python), the user can preview it.
For ex:
<?php echo &...
0 votes, 3 answers, 397 views
Security issues of exposing CRUD operations through a single API endpoint?
Imagine an API where all CRUD operations are done through the same POST HTTP Request but with different "action" values from request body.
{
"action":"[create|read|update|...
2 votes, 1 answer, 235 views
What are the security considerations for coding a website with interactive scripts but no backend?
I am developing a simple grammar study website with Bootstrap 5, JQuery and Javascript. It will have interactive grammar quizzes and flashcards. I would like users to be able to type in answers to ...
2 votes, 1 answer, 279 views
Sharing account verification tokens to third parties
This is a brief sanity check for myself to confirm whether or not the premise of the title is a good idea or not.
Suppose we have an internal system for password reset or account verification. When a ...
0 votes, 1 answer, 200 views
The difficulty of securely storing a password
We have an open source software that allows users to be created. The users are saved in an LDAP directory. The software connects to the LDAP as an administrator to write a new entry for a new user, or ...
0 votes, 0 answers, 169 views
Allowing users to add arbitrary JavaScript in published articles
It would be nice if sites like Medium or Substack allowed users to not only add text, images, code snippets, etc., but also custom scripts that allowed readers to run a little piece of code. For ...
0 votes, 0 answers, 122 views
What is a reasonable level of security for an internal-use organization application hosted on the cloud?
I'm working on a small web application (Flask). The application is only for distributed internal usage, e.g. only users with credentials created by the organization will have access to the services ...
2 votes, 0 answers, 481 views
How is .NET Core isolated storage "secured" on various OS's?
I'm looking for a consolidated list of how and where isolated storage is managed on each operating system... (Windows, MacOS, Linux, (mobile?), ...)
Does such a list exist?
What considerations might ...
0 votes, 2 answers, 196 views
Allowing users to add custom HTML/JS code and show it only under another domain
I have a web app where I allow users to create a one-page portfolio using drag and drop, also I allow them to add custom HTML freely (basically any html or js code)
I'm aware that I shouldn't allow ...
0 votes, 1 answer, 247 views
Impact of the System Information Leak
Our application stored **e.printStackTrace()** in a log file, which is accessible to a specific user group. We need such detailed information for debugging purposes.
As per the security team, they are ...
43 votes, 3 answers, 34k views
Why is there no web client for Signal?
I’ve read about E2EE (end to end encryption) of Signal in web clients on a Signal Community discussion forum, and wonder why they say that the browser is insecure for E2EE and native apps are secure.
...
0 votes, 0 answers, 157 views
Secure code makes exploitation easier with CPU vulnerabilities?
I researched CPU vulnerabilities in the past, such as Spectre and Meltdown.
I read that one of those attacks is made easier if the code is a certain way. I cannot remember if it was related to being ...
0 votes, 1 answer, 207 views
Who (Designer or User) Should be Responsible for the Correct/Secure Usage of a Tool Intended for Developers/Admins? [closed]
There is a healthy debate around a series of stack overflow posts that refer to the "RunAs" command. Specifically the discussion is in reference to design decision that the folks at ...
0 votes, 2 answers, 540 views
How to find vulnerabilities in a program by looking at its source code [closed]
Hello, I have recently started learning Reverse Engineering. I often hear that it's much easier to find vulnerabilities in a program by looking at its source code, but I don't know how to find them or ...
0 votes, 1 answer, 209 views
Is my code safe enough to be published on the server side? [duplicate]
I'm new here to ask a question. Sorry if my question is badly explained. I just wanna ask if my PHP code is secure enough. Please find the source code below:
Get the ID for choosing the Value
...
1 vote, 2 answers, 1k views
Regenerating CSRF token in AJAX requests
I would like to create a new token for each request and would like to use the following template:
<script>
var current_token=<?php echo $_SESSION['csrf_token']; ?>
$....
1 vote, 0 answers, 235 views
HSM: How multiple users are supported (using SAM)?
So far, I knew that traditional HSMs (Hardware Security Module) can be used to store key of a single user. But, recently, I came to know that newer HSMs have the capability to store keys of multiple ...
1 vote, 0 answers, 148 views
Would my Java web application be vulnerable if I use a netty version that is vulnerable to CVE-2019-20444 and CVE-2019-20445?
These have been fixed in later versions of Netty ... but what is the risk of using an older (can't upgrade now) version that is vulnerable to CVE-2019-20444 and CVE-2019-20445 ... is there really a ...
44 votes, 8 answers, 9k views
Does an application purely for intranet use by employees need secure software design or to follow OWASP guidelines?
I'm developing an application over an intranet that is used only by internal employees. There wouldn't be any external parties involved here and no external communication would be used by the ...
1 vote, 0 answers, 761 views
SQLMAP with single URL application
I have a local application which will be accessible only after login. It's a single-URL application; the URL of the application won't change, it just uses 'XMLHttpRequest' to refresh the content of the screen based ...
0 votes, 0 answers, 137 views
Counterintuitive remediation cost scale within SEI CERT Coding Guidelines for priority
The SEI CERT Coding Guidelines assign a priority to each rule, formed from the product of three factors: severity, likelihood, and remediation cost. Each of these three factors is assigned a value ...
2 votes, 1 answer, 130 views
Code Change That Resulted in Database Fields and Values Exposed
At my company, we have a new development team that has been completely rewriting all of the code for different parts of the system.
I've noticed that with one of the recent changes, you can now see ...
-1 votes, 2 answers, 2k views
"Reflected XSS"-like attack on chatbot AI
This is a theoretical question. I just watched a certain video in which the author apparently unmasks a chatbot AI that is likely trying to harvest data and spread influence in a cult-like manner on a ...
1 vote, 2 answers, 818 views
How do we secure image parsing libraries against buffer overflow?
New to buffer overflow through image parsing. How can one design a secure library that parses images, and ensure there are no security vulnerabilities in it? It is common knowledge that image parsing ...
2 votes, 1 answer, 945 views
Buffer Overflow in the C program
I'm preparing for an introductory information security examination in university and this is one of the examination questions on Secure Programming.
Here is the question. Sorry the original condition ...
0 votes, 1 answer, 546 views
Exploiting vulnerabilities in the C code
I'm preparing for an introductory information security examination in university and this is one of the examination questions on Secure Programming.
In such questions, I would usually catch for ...
1 vote, 0 answers, 183 views
Calling Powershell script from external program passing an argument
I have an external program which calls a PowerShell script with a random secret identifier as a single argument. The PowerShell script needs to return the same random secret id when it calls the REST ...
2 votes, 0 answers, 386 views
How can an attacker use SQL injection in ALTER query?/What can an attacker do with an injectable ALTER statement? [closed]
Let's say you have a Java app which has a query which can unlock/reset passwords for users like:
ALTER USER " + iD_Of_User.toUpperCase() + " IDENTIFIED BY " + password_Of_User + " ACCOUNT UNLOCK
...
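An added rendering in Python (not the asker's Java and not taken from any answer) of the concatenation shown in the question, beside a builder that validates the user name as an identifier and passes the password as a quoted identifier. The identifier pattern (letter first, then letters, digits, `_`, `$`, `#`, 30 characters) and the rule that a quoted identifier may not contain a double quote or a NUL are written against Oracle's syntax as this example assumes it; `alter_user_vulnerable` and `alter_user_hardened` are names chosen here.

```python
import re

# Vulnerable builder: the same string concatenation as in the question. The
# user id and the password become part of the statement text, so anything in
# them that the parser treats as a token boundary changes the statement.
def alter_user_vulnerable(user_id, password):
    return ("ALTER USER " + user_id.upper()
            + " IDENTIFIED BY " + password + " ACCOUNT UNLOCK")

# Unquoted identifier as the example assumes Oracle parses it: letter first,
# then letters, digits, _, $ or #, at most 30 characters on older releases.
IDENTIFIER = re.compile(r"^[A-Z][A-Z0-9_$#]{0,29}$")

def alter_user_hardened(user_id, password):
    user_id = user_id.upper()
    if not IDENTIFIER.fullmatch(user_id):
        raise ValueError("invalid user name")
    # A quoted identifier cannot contain a double quote or NUL, so there is no
    # escaping scheme to get wrong: reject those two characters and quote the rest.
    if not password or '"' in password or "\0" in password:
        raise ValueError("invalid password")
    return f'ALTER USER {user_id} IDENTIFIED BY "{password}" ACCOUNT UNLOCK'
```

Bind parameters are not available for identifiers in DDL, which is why the fix is an allow-list on the user name plus quoting on the password rather than a prepared statement; the user name should additionally be checked against the application's own list of accounts it is permitted to unlock.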
0 votes, 1 answer, 924 views
Securing exec against executing adversary shell commands
I have to execute my .o or .out binary file pre-compiled with gcc, it should be intended to let the user execute the small program so an action is made that connects with the app installed on the user'...
0 votes, 1 answer, 201 views
Securing a website for my school project [closed]
I have been given a task to secure a website which will be done by my group mates, but I have no clue. Could someone give me ideas? And how am I going to protect it? What code can I use to secure the login ...
0 votes, 0 answers, 833 views
What is the risk of allowing user input in Python's 're' module
Some context
I'm currently building an application which lets users set up dynamic queries they can execute later. A great addition to this seems like a regex module, in which users can filter ...
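An added example (not from the question or any answer to it) of the main risk in letting users supply a pattern to `re`: a pattern with nested repetition such as `(a+)+$` backtracks exponentially, and the stdlib `re` module has no timeout argument, so a single request can pin a worker indefinitely. The block shows the two practical options: treat the user's text as a literal with `re.escape`, or, where real regex syntax is needed, evaluate it in a throw-away child process with a hard deadline and size caps. The function names, the limits and the child-process approach are choices made for this example.

```python
import json
import re
import subprocess
import sys

MAX_PATTERN_LEN = 256        # assumed caps for the example
MAX_TEXT_LEN = 1_000_000

# Script for the child process: it reads the pattern and the text as JSON on
# stdin and reports the match span. Killing the child is the only way to stop
# a catastrophic backtrack in the stdlib re module, which cannot be interrupted.
_CHILD = r"""
import json, re, sys
req = json.load(sys.stdin)
try:
    m = re.search(req["pattern"], req["text"])
    print(json.dumps({"status": "ok", "match": None if m is None else list(m.span())}))
except re.error as e:
    print(json.dumps({"status": "invalid", "error": str(e)}))
"""

def literal_search(needle, haystack):
    """Safest option: the user's text is data, never a pattern."""
    m = re.search(re.escape(needle), haystack)
    return None if m is None else m.span()

def guarded_search(pattern, text, timeout=2.0):
    """Run a user-supplied pattern under a size cap and a wall-clock deadline."""
    if len(pattern) > MAX_PATTERN_LEN or len(text) > MAX_TEXT_LEN:
        return {"status": "rejected", "error": "input too large"}
    try:
        proc = subprocess.run(
            [sys.executable, "-c", _CHILD],
            input=json.dumps({"pattern": pattern, "text": text}),
            capture_output=True, text=True, timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        # subprocess.run kills the child before raising, so the CPU is released.
        return {"status": "timeout"}
    if proc.returncode != 0:
        return {"status": "error", "error": proc.stderr.strip()}
    return json.loads(proc.stdout)
```

The per-request process is deliberately crude; in a real service the same idea is usually implemented with a worker pool that is killed and respawned on deadline. What matters is that the deadline is enforced from outside the interpreter running the match, because nothing inside it can stop `re` once it has started.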
0 votes, 1 answer, 461 views
Hiring an AppSec Engineer - What to look for?
I am in the process of trying to hire an AppSec Engineer to review our source code manually and have only been able to find those using appscan tools for secure code reviews. Is there something in ...
1 vote, 1 answer, 523 views
Secure coding standards and guidelines
I was trying to research on available secure coding guidelines of server-side and client-side languages.
There are online documentation from Oracle for Java, Microsoft for asp.net, and w3 for html5 ...
0 votes, 2 answers, 465 views
What factors should I consider when choosing the key for encryption and decryption?
We have an application that uses cookies to transmit employee personal data over from the front end to the server. We have planned to use TLS 1.2 for the encryption in transit. However once the java ...
1 vote, 1 answer, 308 views
When to perform secure code review?
OWASP recommends that secure code review be performed throughout the SDLC process. Although it makes sense to perform secure code review before moving code to production, could anyone here help ...
6 votes, 1 answer, 935 views
Username Enumeration in 2018 - How serious is this
I am looking at an application redesign and one of our business team research says that we are not getting or losing customers because they are not able to login. While I don't really care about the ...
2 votes, 1 answer, 156 views
InfoSec consultancy - infrastructure vs development
I work for a company that has done in house application development (for our internal systems) since its inception decades ago. Recently, however, the rise of APIs and real-time data transfer has ...
24 votes, 4 answers, 8k views
Can I trust public code versioning platforms when building a social platform?
We are developing a kind of social platform. It starts as a closed beta for a limited number of users, but the goal is to reach millions of subscriptions.
We are currently limited on resources, both ...
2 votes, 1 answer, 870 views
How can a git repository be sanitized efficiently and effectively?
A git repository will contain information on every previous commit and all the information in that commit.
That means that if you have a git repository that contained any information such as secret ...
0 votes, 1 answer, 1k views
Key Encryption / Obfuscation
I got a GUI Program, which loads the Logic from a webserver if the entered License Key is valid.
The actual connection string I hexed and xor'd with a secret key. (which is unfortunately static)
The ...