1. Common vulnerabilities in desktop applications
First, the OWASP Desktop App Top 10:
OWASP Desktop App Security Top 10 | OWASP Foundation https://owasp.org/www-project-desktop-app-security-top-10/
It is not very different from the web app list. The one worth mentioning is DA8:
DA8 - Poor Code Quality | Missing Code-Signing and Verification for File Integrity, Missing Code Obfuscation, Dll-Preloading or Injection, Race Conditions, lack of binary protection (Overflows, Null pointers, memory corruption) etc. |
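- Missing code signing and file integrity verification
- Missing code obfuscation
- DLL preloading or injection
- Race conditions
- Lack of binary protection (buffer overflows, null pointers, memory corruption, etc.)
Another comparison, found online, of the differences between web application and thick client vulnerabilities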
2. Testing in four steps
1. Information Gathering
2. Network/Traffic Analysis
3. Client-Side Analysis
- DLL Hijacking
- Binary Analysis
- File Analysis
- Memory Analysis
- Registry Monitoring
- Source Code Scanning
4. Server-Side Analysis
3. Test cases
80+ test cases, also based on OWASP:
Hari-prasaanth/Thick-Client-Pentest-Checklist: A OWASP Based Checklist With 80+ Test Cases
4. Common tools
- UISpy
- Winspy++
- Window Detective
- Snoop WPF
- Strings
- dnSpy
- Procmon
- Process Explorer - Sysinternals | Microsoft Learn
- Process Hacker
- Regshot
- Accessenum
- Echo Mirage
- MITM Relay
- Burp Suite
- andrew-d/binscope: Check a Windows PE file for some basic security flags