Penetration Testing and Vulnerability Scanning Services for a Global CPG/Beverages Producer

Business Challenge

The Company has a high volume Intranet Portal with 4 subdomains. The Portal is a web-based cloud application that is available to users around the globe with various access levels.

Due to auditing and other undisclosed reasons, the Company requested ScaleFocus to perform an end-to-end penetration test and vulnerability scan.

The testing and analysis were performed in accordance with the OWASP “Web Application Penetration Testing” methodology and the “Penetration Testing Execution Standard” (PTES).

Delivery Approach

The Project was delivered in 4 main phases:

Phase 1: Information gathering

Phase 2: Enumeration

Phase 3: Testing

Phase 4: Results & Analysis

The ScaleFocus team performed manual penetration testing and automated vulnerability scanning. The Security Engineers optimized the testing efforts by using a set of security software tools: IBM Security AppScan and Burp Suite Professional.

Project Scope

The ScaleFocus Cyber Security Team delivered web application penetration testing via external/remote access to the Company Intranet.

The external penetration tests included the following checks:

  • Enumeration of services, operating systems and their versions
  • Detection of active services
  • Attempt to map internal resources through an external connection (application level)
  • Vulnerability assessment and vulnerability scanning of the discovered services
  • Manual verification of discovered vulnerabilities and exploitation
  • Password strength assessment via external access
  • Escalation of privileges in case of unauthorized access to some part of the system (guest user and employee user)
  • Authentication tests against the application in scope (weak passwords, factory defaults)

The security analysis of web applications included the following checks:

  • Initial information gathering about the web application
  • Web application structure analysis (flow of redirection after login)
  • Authentication and authorization logic analysis
  • Web client-side communication analysis
  • Token testing (sequence guessing, sequence predictability, insecure transfer)
  • Testing for broken authentication and session management
  • Testing and analysis of authorization controls
  • Testing for SQL/LDAP/XPath injection vulnerabilities
  • Testing for XSS/CSRF/CGI generic cross-site scripting vulnerabilities
  • Testing for file upload vulnerabilities (pictures)
  • Testing for common/backup file vulnerabilities
  • Testing for null byte vulnerabilities
  • Testing for HTTP response splitting vulnerabilities
  • Testing for directory traversal vulnerabilities
  • Testing for RFI/LFI vulnerabilities
  • Testing for command execution vulnerabilities
  • Testing for URL manipulation vulnerabilities
  • Testing for session management vulnerabilities
  • Testing for session hijacking vulnerabilities
  • Testing for information leakage/information disclosure vulnerabilities
  • Testing for error handling vulnerabilities
  • Testing for authentication bypass vulnerabilities
  • Testing for cookie modification vulnerabilities
Outcome and Benefits

  • The Company received comprehensive customized feedback and an auditable report of the security state of its mission-critical Intranet Portal.
  • The ScaleFocus security consultants cautiously and elegantly delivered the services without hampering production systems performance and with utmost discretion.
  • The Company developed a very good understanding of its cybersecurity risk exposure and could plan the Intranet Portal product roadmap accordingly.