Since Tim Berners-Lee published the HTTP/0.9 in 1990, web applications have been developed and have, especially in the modern age, an increasingly commercial relevance. This makes it interesting for third persons like attackers to search for weak points. This bachelor thesis focusses on authentication web pages, which typically verify a user against a system. We will focus on basic principles concerning authentication web pages and afterwards we will make a vulnerability analysis based on that. After specifying common attack vectors, we will use the open source web application testing system Selenium as a proof of concept. The Selenium IDE is used to create a test suite with test cases which prove security aspects of web pages with one click automatically. Furthermore, Selenium Remote Control is used to show, among other things, with a dictionary attack how the testing system can be used as an attack tool.About the Author:
This bachelor thesis was written by Marcus Niemietz at the -Chair for Network and Data Security- of Prof. Dr. Jörg Schwenk (Ruhr University Bochum - Germany).
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.