89
Backdoors and debug options
•Target: left in operational code - access privileged parts of application
•
•How: use debug parameters, toggle Yes <-> No, etc.
•
•Log Manifestation: tricky
–identify “introduced” debug parameters (debug, admin, test, ...)
–identify toggled parameter values for existing debug parameter
–No HTTP referer
•
•False alarms:
–Privileged (legitimate) admin sessions
•
No notes for this slide