Performing process-timing attacks
By monitoring the time an application takes to complete a task, it is possible for attackers to gather or infer information about how an application is coded. For example, a login process using a valid username receives a response quicker than the same login process given an invalid username. This delay in response time leaks information related to system processes. An attacker could use a response time to perform account enumeration and determine valid usernames based on the timing of the response.
Getting ready
For this recipe, you will need the common_pass.txt wordlist from wfuzz, available here:
https://github.com/xmendez/wfuzz
Here’s the path to this:
wordlist | others | common_pass.txt
Using OWASP Mutillidae II, we will determine whether the application provides information leakage based on the response time from forced logins.
Ensure Burp Suite is running, and also ensure that the owaspbwa VM is running and that Burp...
