Auditing Scripts for Security
This is a checklist/summay for my own reference. It helps me remember to look for the obvious things
Data Validation
- Never trust anything. More later...
Authentication/Authorization
- Can I read allegedly protected data by bypassing the login site?
- Can I fool it into thinking I'm logged in by setting some variable?
- Can I authenticate with bad credentials?
- Is the password database relativeley secure?
- Can a logged in user get elevated privileges using any of the above techniques?
Damage Control
- Does it include any files?
- Does it read any files?
- Does it write any files?
- Does it interact with a database?
- Does it change it's behaivior based on anything it reads?
- Does it do anything with a command line?
Databases
- Is the password stored reasonably?
- Does the user have the minimum privileges for the job?