i Attacking Application Architecture – Tired Architectures – All things in moderation

Attacking Application Architecture – Tired Architectures

1. What is a Multi-tiered System (MTS) ?

MTS is a layered architecture that meets a business need consisting of :

  • Presentation Layer, which inplements the applications’s interface
  • Application layer , which implements the core application logic
  • Messageing layer( for multi-DB systems)
  • Data layer , which stores and processes application data
  • Network Layer ( interconnnections)
    In practice , many complex enterprise applications employ a more fine-grained divsion between tiers. For example , a Java-based application may use the following and technologies :

* Application server layer ( such as Tomcat)
* Presentation layer ( such as WebWork )
* Authorization and authentication layer ( such as JAAS or ACEGI )
* Core application framework ( such as Struts or Spring very famous )
* Business logic layer ( such as Enterprise Java Beans)
* Data object relational mapping ( such as Hibernate)
* Data JDBC calls
* Database server

The archirecture current trends is Micorservices

If you realy want to know more about architectures above , I think you need build and run some apps using framework you like ( ex: Spring , Django, Nodejs, Laravel , …)

2. Attacking tiered architectures

A consequence of the previous point is that if defects exist within the implemen-tation of a multitiered architecture, these may introduce security vulnerabilities.
Understanding the multitiered model can help you attack a web application by helping you identify where different security defenses (such as access controls and input validation) are implemented and how these may break down across tier boundaries. A poorly designed tiered architecture may make possible three broad categories of attacks.

  • ###### Trust relationship between Tiers
    You may be able to exploit trust relationships between different tiers to
    advance an attack from one tier to another. Example :
  • When a SQL injection flaw exists, it can often be exploited to access all data the application owns.Even if the application does not access the database as DBA, it typically uses a single account that can read and update all the application’s data. The database tier effectively trusts the application tier to properly control access to its data.
  • In a similar way, application components often run using powerful operating system accounts that have permission to carry out sensitive actions and access key fi les. In this confi guration, the operating system layer effectively trusts the relevant application tiers to not perform undesirable actions. If an attacker finds a command injection flaw, he can often fully compromise the underlying operating system supporting the compromised application tier.

  • Subverting other Tiers

    If different tiers of the application are inadequately segregated, an attacker who
    compromises one tier may be able to directly undercut the security protections
    implemented at another tier to perform actions or access data that that tier is responsible for controlling.
    This kind of vulnerability often arises in situations where several different tiers are implemented on the same physical computer. This architectural confi guration is common practice in situations where cost is a key factor.

  • Accessing decryption Algorithms

    Having achieved a limited compromise of one tier, you may be able to directly attack the infrastructure supporting other tiers and therefore extend your compromise to those tiers.


The web application hackers handbook
In the next post I will explain about Securing Tiered Architectures . 🙂

Leave a Reply