Structure: Simple
Abstraction: Base
Status: Draft
Likelihood of Exploit: Unknown
The application can be deployed with active debugging code that can create unintended entry points.
A common development practice is to add "back door" code specifically designed for debugging or testing purposes that is not intended to be shipped or deployed with the application. These back door entry points create security risks because they are not considered during design or testing and fall outside of the expected operating conditions of the application.
Language: Language-Independent (Prevalence: Undetermined)
Scope | Impact | Notes |
---|---|---|
Confidentiality, Integrity, Availability, Access Control, Other | Bypass Protection Mechanism, Read Application Data, Gain Privileges or Assume Identity, Varies by Context | The severity of the exposed debug application will depend on the particular instance. At the least, it will give an attacker sensitive information about the settings and mechanics of web applications on the server. At worst, as is often the case, the debug application will allow an attacker complete control over the web application and server, as well as any confidential information that either of these can access. |
Mitigation Strategy:
Remove debug code before deploying the application.
Debug code can be used to bypass authentication. For example, suppose an application has a login script that receives a username and a password. Assume also that a third, optional parameter, called "debug", is interpreted by the script as requesting a switch to debug mode, and that when this parameter is given the username and password are not checked. In such a case, it is very simple to bypass the authentication process if the special behavior of the application regarding the debug parameter is known. In a case where the form is:
[bad HTML form]
a conforming link will look like:
[informative: conforming link]
An attacker can change this to:
[attack: modified link]
This grants the attacker access to the site, bypassing the authentication process.
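As an added example (not code from the CWE entry), the login script described above in a form with no debug branch, a pre-deployment check that the optional "debug" parameter is inert, and a detection pass over access logs for requests still carrying that parameter. The user store, the `/login.cgi` path and the log lines are constructed for illustration.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qs, urlsplit

# Constructed user store for this example: username -> SHA-256 hex of the password.
USERS = {"alice": hashlib.sha256(b"correct horse").hexdigest()}

def authenticate_login(query: str) -> bool:
    """Login check modelled on the script in the text. Credentials are always
    verified; an extra parameter such as 'debug' is parsed but never consulted,
    so there is no test-mode branch that could survive into a deployment."""
    params = parse_qs(query, keep_blank_values=True)
    username = params.get("username", [""])[0]
    password = params.get("password", [""])[0]
    stored = USERS.get(username)
    if stored is None:
        return False
    return hmac.compare_digest(stored, hashlib.sha256(password.encode()).hexdigest())

def debug_hook_is_inert(check) -> bool:
    """Pre-deployment regression check: with wrong credentials, the optional
    'debug' parameter must not change the verdict in any of its spellings."""
    base = "username=alice&password=wrong"
    return not any(check(q) for q in (base, base + "&debug", base + "&debug=1", "debug=1"))

# Constructed access-log lines (Common Log Format); the /login.cgi path is assumed.
ACCESS_LOG = """\
10.0.0.5 - - [10/Oct/2023:13:55:36 +0000] "GET /login.cgi?username=alice&password=x HTTP/1.1" 401 12
10.0.0.7 - - [10/Oct/2023:13:56:01 +0000] "GET /login.cgi?username=&password=&debug=1 HTTP/1.1" 200 512
10.0.0.9 - - [10/Oct/2023:13:57:12 +0000] "GET /index.html HTTP/1.1" 200 1043
"""
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def find_debug_parameter_hits(log_text: str, param: str = "debug") -> list:
    """Detection over access logs: requests whose query string carries the
    leftover parameter. Returns (client_ip, path, status); a 200 on the login
    path with the parameter present is the sign that the hook is live in production."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        target = urlsplit(m.group(2))
        if param in parse_qs(target.query, keep_blank_values=True):
            hits.append((m.group(1), target.path, int(m.group(3))))
    return hits
```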
Mapped Taxonomy Name | Node ID | Fit | Mapped Node Name |
---|---|---|---|
7 Pernicious Kingdoms | | | Leftover Debug Code |
OWASP Top Ten 2004 | A10 | CWE More Specific | Insecure Configuration Management |
Software Fault Patterns | SFP28 | | Unexpected access points |