Business information leak - DB - Go

Business information leak - DB - Go

Need

Protection of sensitive business information stored in the database

Context

  • Usage of Go 1.16 for building efficient and scalable applications
  • Usage of gin-gonic/gin for building web applications in Go
  • Usage of net/http for creating HTTP servers and handling requests in a Node.js application

Description

Non compliant code

        package main

import (
	"github.com/gin-gonic/gin"
	"net/http"
)

type User struct {
	DocumentNumber string
	FullName       string
	WalletID       string
	OSName         string
	TransactionCode string
	Endpoints      []string
	CreditCard     string
	Balance        float64
}

var users = []User{
	{"123456789", "John Doe", "wallet123", "Windows 10", "trans123", []string{"endpoint1", "endpoint2"}, "4111111111111111", 1000.00},
}

func main() {
	r := gin.Default()

	r.GET("/users", func(c *gin.Context) {
		c.JSON(http.StatusOK, users)
	})

	r.Run()
}
        
        

The above code represents a simple Go backend application using the Gin framework. It defines a User struct that contains sensitive business information like DocumentNumber, FullName, WalletID, OSName, TransactionCode, Endpoints, CreditCard, and Balance.

A slice of User is initialized with a user that contains sensitive information.

The application has a single route /users, which when invoked with a GET request, responds with the list of users, effectively leaking all the sensitive business information stored in the User struct.

This is a severe security vulnerability as anyone who can send a GET request to the /users endpoint can obtain sensitive business information.

Steps

  • Remove sensitive information from the source code, such as user document numbers, full names, wallet IDs, transaction codes, endpoints, credit card numbers, and balance.
  • Store sensitive information securely in a database or other secure storage solution.
  • Implement authentication and authorization mechanisms to control access to sensitive information.
  • Ensure that sensitive information is encrypted when stored and transmitted.
  • Implement access controls to restrict access to sensitive information based on user roles and permissions.
  • Regularly review and update access controls to ensure they are still effective.
  • Implement logging and monitoring mechanisms to detect and respond to any unauthorized access or leakage of sensitive information.
  • Regularly update and patch the application and its dependencies to address any known security vulnerabilities.
  • Conduct regular security assessments and penetration testing to identify and address any potential vulnerabilities in the application.
  • Train developers and other personnel on secure coding practices and the importance of protecting sensitive information.

Compliant code

        package main

import (
	"github.com/gin-gonic/gin"
	"net/http"
)

type User struct {
	DocumentNumber string
	FullName       string
	WalletID       string
	OSName         string
	TransactionCode string
	Endpoints      []string
	CreditCard     string
	Balance        float64
}

var users = []User{
	{"123456789", "John Doe", "wallet123", "Windows 10", "trans123", []string{"endpoint1", "endpoint2"}, "4111111111111111", 1000.00},
}

func main() {
	r := gin.Default()

	r.GET("/users", func(c *gin.Context) {
		c.JSON(http.StatusOK, users)
	})

	r.Run()
}
        
        

The above code is a simple Go application using the Gin framework. It defines a User struct with various fields, including sensitive information such as DocumentNumber, FullName, WalletID, TransactionCode, Endpoints, CreditCard, and Balance. This sensitive information is then stored directly in the source code in a variable users.

The main function sets up a Gin router and defines a GET route at "/users" that responds with the users variable in JSON format. This means that anyone who sends a GET request to "/users" will receive all the sensitive user information stored in the users variable.

This is a serious security vulnerability as it exposes sensitive user information to anyone who can access the "/users" endpoint. This could potentially lead to information leakage and other security issues.

To fix this vulnerability, sensitive information should not be stored directly in the source code. Instead, it should be stored securely in a database or other secure storage solution. Access to this information should be controlled through authentication and authorization mechanisms. Sensitive information should also be encrypted when stored and transmitted.

In addition, access controls should be implemented to restrict access to sensitive information based on user roles and permissions. Logging and monitoring mechanisms should be implemented to detect and respond to any unauthorized access or leakage of sensitive information.

The application and its dependencies should be regularly updated and patched to address any known security vulnerabilities. Regular security assessments and penetration testing should be conducted to identify and address any potential vulnerabilities in the application. Developers and other personnel should be trained on secure coding practices and the importance of protecting sensitive information.

References