Security Archive

Eliminating Security Vulnerabilities at PORT 22

Issue : There are findings related to security at PORT 22 after Vulnerability Assessment and Penetration Testing (VAPT).

The below are the vulnerabilities :

1. SSH Weak Algorithms Supported.
2. SSH Server CBC Mode Ciphers Enabled.
3. SSH Weak MAC Algorithms Enabled.
4. SSH Server CBC Mode Ciphers Enabled.

Solution : In order to attend the vulnerabilities you need to login as root and follow the below steps.

Step 1 : Go to the directory as below (/etc/ssh).

etcSSH

Step 2 : edit sshd_config file as below.

sshdConf1

Remove weak ciphers arcfour256,arcfour128 and save the file.

sshdConf2

Step 3 : Re-scan the port for vulnerability and you will find the errors are eliminated now.

Cheers..!

How to prevent CSRF attack

Sometimes when one application tries to call another application running on another server you get an error window with the message potential CSRF attack. At the same time you will see the following error message in the log files.

<BEA-000000> <A request has been denied as a potential CSRF attack.>

This issues arises due to the fact that WLS is not able to set the jsession id in the request made to the other server.

To address this issue we need to add the following in weblogic.xml

<session-descriptor>
<cookie-http-only>false</cookie-http-only>
</session-descriptor>

 

If the issue still persists, we need to add the following in the web.xml

<init-param>
<param-name>crossDomainSessionSecurity</param-name>
<param-value>false</param-value>
</init-param>

 

 

 

How to decrypt WebLogic Datasource Password

You need to copy the datasource password present in the -jdbc.xml present under \config\jdbc to the password variable in the WLST Script.

encrypted_password

 

Change the path variable to point to your domain

from weblogic.security.internal import *
from weblogic.security.internal.encryption import *


password = "{AES}0+5YrFk+fD9BFIykr3H+wPsNmPRP/GIOUId7SPqBgNg="
path = "D:/Oracle/Middleware/user_projects/domains/pega7_domain/security"
encryptionService = SerializedSystemIni.getEncryptionService(path)
cService = ClearOrEncryptedService(encryptionService)
print "password: " + cService.decrypt(password)

Execute the above script after setting the environment
>setWLSEnv.cmd
>java weblogic.WLST decryptDatasourcePassword.py

You should see the decrypted password in the terminal.

decrypted_password