AppGithub
Ask or search…
K
Links
Comment on page

Halborn July 2022 - WebApp Pentest

Tokemak_WebApp_Pentest_Report_Halborn_Final-2.pdf
1MB
PDF
Individual auditors personal emails have been redacted in the above pdf (pdf also embedded below summary)
Summary:
(HAL-01) MISSING SUBRESOURCE INTEGRITY MECHANISM IN RELATION TO THE THIRD PARTY SCRIPTS USED
  • Recommendation: It is recommended implementing Subresource Integrity (SRI) mechanism on all scripts hosted on servers not under Tokemak control. Also note that SRI applies to both and tags.
  • Risk Level: Low
  • Status: SOLVED - 08/19/2022
  • Additional Notes: The issue was solved by removing links to third-party scripts and hosting all code on the Tokemak side on part of the domains listed above, except for docs.tokemak.xyz, for which a self-hosted Gitbook will be prepared in the near future.
(HAL-02) NON-PRODUCTION ENVIRONMENTS ACCESSIBLE FROM THE INTERNET
  • Recommendation: The target solution should be to isolate all development and administration environments from the public network. The easiest way to do this is at the AWS or related configuration level, so that only whitelisted addresses can authenticate against non-production resources, and the organization can be sure that 0day vulnerabilities will not affect those resources from the Internet.
  • Risk Level: Low
  • Status: RISK ACCEPTED
  • Additional Notes: No change at this time but will evaluate changes in the future. All production and non-production services are isolated to their own hosting accounts to prevent any cross contamination in the meantime.
(HAL-03) SERVER-SIDE REQUEST FORGERY VIA CLOUDFLARE SERVICE
  • Recommendation: It should be verified that each user (public access) should be able to use the service as described above. If not, access to the functionality should be blocked.
  • Risk Level: Low
  • Status: RISK ACCEPTED
  • Additional Notes: This is meant to be public at this time.
(HAL-04) PASSWORDS SHARED BETWEEN ENVIRONMENTS
  • Recommendation: Each environment should have different credentials to access it. We suggest increasing the password complexity - especially in relation to environments available from the Internet.
  • Risk Level: Low
  • Status: SOLVED - 08/12/2022
  • Additional Notes: The issue was solved by setting different password for each environment.
(HAL-05) USING PACKAGES WITH KNOWN VULNERABILITIES
  • Recommendation: It is strongly recommended to perform an automated analysis of the dependencies from the birth of the project and if they contain any security issues. Developers should be aware of this and apply any necessary mitigation measures to protect the affected application.
  • Risk Level: Low
  • Status: SOLVED - 08/12/2022
  • Additional Notes: The issue has been resolved.
PDF Embed:
Previous
Halborn November 2022 - accTOKE
Next
Halborn June 2022 - Voting Delegation Staking
Last modified 11mo ago