Thick Client Security Testing - Short Tutorial
A thick client is a desktop application that must be installed on the user's machine before it can be used. Thick client applications can be developed in Java, .NET, C/C++, etc.
A thick client may follow a two-tier or a three-tier architecture. In the two-tier architecture, the thick client accesses the back-end database directly over the network. In the three-tier architecture, the thick client accesses the back-end database via an application server. Sometimes thick client applications use proprietary protocols for communication. Examples of thick clients are video editing software, video conferencing software, MS Office, MS Outlook, etc.
In this article, we will see the vulnerabilities and the tools used for assessing the security of thick client applications.
Vulnerabilities in Thick Client Application
- Injection - SQL injection, command injection, LDAP injection
- Buffer Overflow
- Insecure Communication (TLS/SSL vulnerabilities)
- Business Logic Vulnerabilities (e.g. forgot password)
- Improper Error Handling
- Sensitive Information Disclosure - Hardcoded Encryption Data, Hardcoded Encrypted Password
- No Code Obfuscation
- Broken authentication and session management
- Weak storage of password at server side
- Insufficient logging and monitoring
- Security Misconfiguration
- Configuration files in cleartext
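Two items in the list above, hardcoded secrets and cleartext configuration files, are usually the first things an assessor checks, and in a two-tier client they often expose the back-end database credentials directly. The following is an added example (not code from the original article) of a small Python checker that flags such findings: it parses an INI-style client configuration and scans the printable strings pulled from a client binary. The configuration text, the string list, the key names and the regular expressions are all constructed for illustration; only the kind of finding and its location are reported, never the secret value itself.

```python
import configparser
import re
from typing import Dict, List

# Constructed sample: a config file as a two-tier thick client might ship it,
# with the back-end database credentials and a crypto key stored in cleartext.
SAMPLE_CONFIG = """\
[database]
host = db.internal.example
port = 1433
user = app_svc
password = Summer2021!

[crypto]
aes_key = 0123456789abcdef0123456789abcdef

[ui]
theme = dark
"""

# Constructed sample: printable strings as `strings` would extract from a client binary.
SAMPLE_BINARY_STRINGS = [
    "Server=db.internal.example;Database=orders;User Id=sa;Password=P@ssw0rd;",
    "ldap://ldap.example/dc=example,dc=com",
    "-----BEGIN RSA PRIVATE KEY-----",
    "Loading user interface...",
    "https://api.example/v1/login",
]

# Config keys whose value should never be stored in cleartext (assumed names).
SECRET_KEY_NAMES = re.compile(
    r"(pass(word|wd)?|secret|token|api[_-]?key|aes_key|private[_-]?key)", re.I
)
# A long hex value under a secret-looking key is treated as a hardcoded key.
HEX_KEY = re.compile(r"^[0-9a-f]{32,}$", re.I)

# Patterns for binary strings that reveal credentials, key material or back-end targets.
STRING_PATTERNS = {
    "db_connection_string_with_password": re.compile(r"Password=[^;]+", re.I),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "backend_ldap_endpoint": re.compile(r"^ldaps?://", re.I),
}


def scan_config(text: str) -> List[Dict[str, str]]:
    """Return one finding per secret-looking config key that holds a value."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    findings = []
    for section in cp.sections():
        for key, value in cp.items(section):
            if SECRET_KEY_NAMES.search(key) and value.strip():
                kind = "hardcoded_key" if HEX_KEY.match(value.strip()) else "cleartext_credential"
                # Report the location only; the value stays out of the report.
                findings.append({"where": f"{section}.{key}", "kind": kind})
    return findings


def scan_strings(strings: List[str]) -> List[Dict[str, str]]:
    """Return one finding per extracted string that matches a sensitive pattern."""
    findings = []
    for s in strings:
        for kind, pattern in STRING_PATTERNS.items():
            if pattern.search(s):
                # Keep a short, non-secret prefix so the finding can be located.
                findings.append({"where": s[:24], "kind": kind})
    return findings


def summarize(config_text: str, strings: List[str]) -> Dict[str, int]:
    """Count findings by kind across both sources."""
    counts: Dict[str, int] = {}
    for f in scan_config(config_text) + scan_strings(strings):
        counts[f["kind"]] = counts.get(f["kind"], 0) + 1
    return counts


if __name__ == "__main__":
    for f in scan_config(SAMPLE_CONFIG) + scan_strings(SAMPLE_BINARY_STRINGS):
        print(f"{f['kind']:36} {f['where']}")
    print(summarize(SAMPLE_CONFIG, SAMPLE_BINARY_STRINGS))
```

On the constructed samples the checker reports the cleartext database password and the hardcoded AES key from the configuration, and the embedded connection string, private key block and LDAP endpoint from the binary strings. Each finding maps to a remediation: move credentials out of the client (three-tier design with server-side authorization), protect any key material with the platform's credential store, and encrypt or access-control configuration files that must stay local.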
Tools used:
- Wireshark - network analysis tool
- IDA Pro - static analysis tool
- OllyDBG - static analysis tool
- Ghidra - static analysis tool
- WinHex - memory analysis tool
- Metasploit - exploitation framework
- Burp Suite Pro - intercepting proxy tool
- Nmap - identify open ports
- sslscan - identify ssl vulnerabilities
- Nessus - identify outdated components of a thick client application
Conclusion
This is just an introductory article to initiate the assessment of thick client applications. More tutorials are available on Google to kickstart security testing.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.