LAB 134 – Identifying Plaintext Storage of a Password

Course Details

Course Number: LAB 134

Course Duration: 5 minutes

Course CPE Credits: 0.1

NICE Specialty Areas

Risk Management (RSK)
Securely Provision (SP)
Software Development (DEV)

Related Subject Matter

Cloud
CWE
Learn Labs
MITRE ATT&CK
NICE
NIST
OWASP Web
Web

Foreign Languages Available:

English

Course Overview

This lab on Plaintext Storage of Passwords assesses the learner’s understanding of how an existing Credentials Management Error in the database supporting an ecommerce application can be discovered and exploited.

After completing this lab, the learner will understand how adversaries can exploit such vulnerabilities to steal secrets, gain unauthorized access, establish persistence, penetrate further into a system, and plan more damaging attacks.

Ready to Demo this course? Questions? Contact Us!