Uploaded on Mar 4, 2021
Knowledge sharing session on Broken Authentication Vulnerabilities.
Broken Authentication Vulnerabilities | Sparsh K
Broken Authentication
Sparsh Kulshrestha
Security Analyst, CloudSEK
What is Authentication?
● Authentication is a user proving who they are
● If an authentication system is not correctly implemented, an attacker can impersonate someone else and gain access to data or functionality that they shouldn’t
● Authentication and sessions involve cookies, which provide an easy way for an attacker to try and impersonate someone else
● The authentication system itself might be bypassed if not coded correctly.
Broken Authentication Attacks
● Credential Stuffing
● Default Credentials or Weak Credentials
● Brute-force Attacks
● OAuth Misconfigurations
● IDOR
How to Fix?
● Implement MFA
● Strong Password Policy
● Rate Limiting
● Breached Password Detection
Rate Limiting Bypass
● If a load balancer is in place, try to find the origin server IP
● Use Shodan or Censys to find origin IP (tool : link)
● Bypass rate limiting with headers (link)
X-Forwarded-For : IP
X-Forwarded-Host : IP
X-Client-IP : IP
X-Remote-IP : IP
X-Remote-Addr : IP
X-Host : IP
● Burp extension IP rotate (link)
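The rate-limiting fix from "How to Fix?" only holds if the limiter keys on an address the client cannot choose. As an added example that is not from the slides, a small Python limiter in two modes: one that trusts the client-supplied headers listed above and is bypassed by simply rotating the header value, and a hardened one that honours X-Forwarded-For only when the request arrives from a trusted load balancer. The proxy address, header list and sample traffic are assumed or constructed for this example.

```python
from collections import defaultdict, deque

# Hypothetical values for this example: the load balancer's address and the
# client-supplied IP headers from the slide that must never be trusted raw.
TRUSTED_PROXIES = {"10.0.0.5"}
CLIENT_IP_HEADERS = ("X-Forwarded-For", "X-Forwarded-Host", "X-Client-IP",
                     "X-Remote-IP", "X-Remote-Addr", "X-Host")


class LoginRateLimiter:
    """Sliding-window limiter: at most `limit` attempts per `window` seconds per key."""

    def __init__(self, limit=5, window=60.0, trust_client_headers=False):
        self.limit, self.window = limit, window
        self.trust_client_headers = trust_client_headers
        self.attempts = defaultdict(deque)

    def client_key(self, peer_ip, headers):
        """Weak mode keys on whatever IP header the client sends (bypassable);
        hardened mode honours X-Forwarded-For only from a trusted proxy."""
        if self.trust_client_headers:
            for name in CLIENT_IP_HEADERS:
                if name in headers:
                    return headers[name].split(",")[0].strip()
            return peer_ip
        xff = headers.get("X-Forwarded-For")
        if peer_ip in TRUSTED_PROXIES and xff:
            # The rightmost entry is the address the trusted proxy itself saw.
            return xff.split(",")[-1].strip()
        return peer_ip

    def allow(self, peer_ip, headers, now):
        key = self.client_key(peer_ip, headers)
        q = self.attempts[key]
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def count_allowed(limiter, n=20):
    """Constructed traffic: n login attempts within one second from a single
    peer that rotates the X-Forwarded-For value on every request."""
    return sum(
        limiter.allow("203.0.113.7", {"X-Forwarded-For": f"198.51.100.{i}"}, now=i / 1000)
        for i in range(n)
    )
```

With the weak limiter every rotated header value gets its own bucket, so all 20 attempts pass; the hardened limiter keys on the real peer address and stops at 5.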
Thank You
Twitter : https://twitter.com/d0tdotslash
LinkedIn : https://www.linkedin.com/in/sparsh-kulshrestha-972a4b12a/
Email : [email protected]