This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Cornucopia - Ecommerce Website - CR 9"
From OWASP
(Created page with "{{DISPLAYTITLE:<span style="padding:2px 5px 0px 5px;color:white;background:#a395ca;">Cornucopia - Ecommerce Website - CR 9</span>}} File:Cornucopia_-_Ecommerce_Website_CR_9....") |
|||
| Line 59: | Line 59: | ||
</tr> | </tr> | ||
</table> | </table> | ||
| − | |||
| − | |||
<div style="padding:5px;background:LightGray;color:White;font-weight:bold;">[[Cornucopia_-_Ecommerce_Website_-_CR_8|« Previous Card]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_CR|Cryptography]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_CR_10|Next Card »]] </div> | <div style="padding:5px;background:LightGray;color:White;font-weight:bold;">[[Cornucopia_-_Ecommerce_Website_-_CR_8|« Previous Card]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_CR|Cryptography]] <span style="padding-left:10px;padding-right:10px;">|</span> [[Cornucopia_-_Ecommerce_Website_-_CR_10|Next Card »]] </div> | ||
Latest revision as of 16:28, 21 January 2016
Suit: Cryptography
Card/Value: 9
Description:
Andy can bypass random number generation, random GUID generation, hashing and encryption functions because they have been self-built and/or are weak.
Technical Note:
NB: The key concept for this card is use of weak algorithms/functions, especially self-built ones.
References:
| OWASP SCP | OWASP ASVS | OWASP AppSensor | CAPEC | SAFECODE |
|---|---|---|---|---|
| 60 | 7.6 | - | 97 | 14 |
| 104 | 7.7 | 21 | ||
| 105 | 7.8 | 29 | ||
| 32 | ||||
| 33 |
