{"id":3803,"date":"2026-03-24T15:31:08","date_gmt":"2026-03-24T15:31:08","guid":{"rendered":"https:\/\/www.hackmosphere.fr\/pentest-of-a-100-vibe-encoded-app-complete-security-analysis-of-an-ai-generated-app\/"},"modified":"2026-04-03T19:31:47","modified_gmt":"2026-04-03T19:31:47","slug":"pentest-of-a-100-vibe-encoded-app-complete-security-analysis-of-an-ai-generated-app","status":"publish","type":"post","link":"https:\/\/www.hackmosphere.fr\/en\/pentest-of-a-100-vibe-encoded-app-complete-security-analysis-of-an-ai-generated-app\/","title":{"rendered":"Pentest of a 100% vibe-encoded app: complete security analysis of an AI-generated app"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Introduction: vibe coding meets cybersecurity<\/h2>\n\n<p>The <strong><a href=\"https:\/\/en.wikipedia.org\/wiki\/Vibe_coding\">vibe coding<\/a><\/strong> is radically transforming the way applications are developed. Thanks to AI assistants and LLMs, it is now possible to generate a complete application &#8211; frontend, backend and API &#8211; simply by describing the functional intent. This approach means that prototypes can be produced in a matter of hours instead of weeks.    <\/p>\n\n<p><strong>The product :  <\/strong><\/p>\n\n<p>The application tested was 100% vibe coded with Claude&#8217;s Opus 4.6. It took the developer two weeks to generate a finished product that was both ergonomic and aesthetically pleasing. The developer had even asked Claude to carry out a pentest, which had already revealed a number of more or less critical flaws.  <\/p>\n\n<p>But a key question arises for cybersecurity teams: <strong>what happens when these AI-generated applications go into production without a security audit?<\/strong><\/p>\n\n<p>To answer this question, we carried out a pentest of an entire web application, in a grey-box context, with standard user access.<\/p>\n\n<p>The results are instructive and several critical vulnerabilities were identified on the first day, including :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>Local File Inclusion (LFI)<\/li>\n\n\n\n<li>IDOR (Insecure Direct Object Reference)<\/li>\n\n\n\n<li>vulnerable dependencies<\/li>\n\n\n\n<li>unsecured upload function<\/li>\n\n\n\n<li>Potential SSRF<\/li>\n<\/ul>\n\n<p>These vulnerabilities illustrate a key point: <strong>AI-generated code is often perfectly functional, but rarely secure by default.<\/strong><\/p>\n\n<p>In this article, we analyze the main vulnerabilities discovered and the lessons to be learned for<strong> <\/strong>CISOs and DevSecOps teams.<\/p>\n\n<div style=\"height:49px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">Pentest methodology<\/h1>\n\n<p>The security test was carried out in a<a href=\"https:\/\/www.hackmosphere.fr\/en\/penetration-testing-black-box-white-box-and-gray-box\/\">&#8220;grey-box web application pentest<\/a>&#8221; context.<\/p>\n\n<p>This means that :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>the application was accessible via the Internet<\/li>\n\n\n\n<li>test user accounts were provided<\/li>\n\n\n\n<li>the source code was not initially accessible<\/li>\n<\/ul>\n\n<p>The aim was to reproduce the behavior of an external attacker.<\/p>\n\n<p>The methodology used is based on :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>OWASP Top 10<\/li>\n\n\n\n<li>automated testing<\/li>\n\n\n\n<li>manual analysis<\/li>\n\n\n\n<li>HTTP parameter fuzzing<\/li>\n\n\n\n<li>API endpoint analysis<\/li>\n<\/ul>\n\n<p>Tools used :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>Burp Suite<\/li>\n\n\n\n<li>Nuclei<\/li>\n\n\n\n<li>advanced manual testing<\/li>\n<\/ul>\n\n<p>This approach makes it possible to identify both :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>technical vulnerabilities<\/li>\n\n\n\n<li>business logic problems.<\/li>\n<\/ul>\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">Critical vulnerability: Local File Inclusion (LFI)<\/h1>\n\n<p>The most critical vulnerability discovered during the pentest is a <strong><a href=\"https:\/\/owasp.org\/www-project-web-security-testing-guide\/v42\/4-Web_Application_Security_Testing\/07-Input_Validation_Testing\/11.1-Testing_for_Local_File_Inclusion\">Local File Inclusion (LFI)<\/a><\/strong>.<\/p>\n\n<p>This vulnerability allows an attacker to access sensitive files on the server.<\/p>\n\n<p>In the application analyzed, a user-controlled parameter was used directly to load files onto the system.<\/p>\n\n<p>Here is the equivalent vulnerable code:  <\/p>\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"942\" height=\"231\" src=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/image.png\" alt=\"Source code vulnerable to LFI.\" class=\"wp-image-3787\" srcset=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/image.png 942w, https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/image-480x118.png 480w\" sizes=\"(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) 942px, 100vw\" \/><figcaption class=\"wp-element-caption\">Vulnerable code enabling an LFI attack.<\/figcaption><\/figure>\n\n<p>The &#8220;full_path&#8221; parameter was not correctly filtered, so an attacker could use a<strong>&#8220;path traversal<\/strong>&#8221; attack. For example: <\/p>\n\n<pre class=\"wp-block-code\"><code>..\/..\/..\/..\/etc\/passwd<\/code><\/pre>\n\n<p>This request accesses the system file <code>\/etc\/passwd<\/code>, as shown below:  <\/p>\n\n<figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"656\" height=\"372\" src=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/image-2.png\" alt=\"PoC LFI.\" class=\"wp-image-3791\" srcset=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/image-2.png 656w, https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/image-2-480x272.png 480w\" sizes=\"(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) 656px, 100vw\" \/><figcaption class=\"wp-element-caption\">Playback of arbitrary files possible.<\/figcaption><\/figure>\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h2 class=\"wp-block-heading\">Impact of the LFI<\/h2>\n\n<p>A BIA can :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>access to configuration files<\/li>\n\n\n\n<li>exposure of environmental variables<\/li>\n\n\n\n<li>credential recovery<\/li>\n\n\n\n<li>access to source code<\/li>\n\n\n\n<li>preparation for subsequent attacks<\/li>\n<\/ul>\n\n<p>In some cases (unfortunately not here, as the necessary files have not been identified), a LFI can even lead to <strong>Remote Code Execution (RCE<\/strong>).  <\/p>\n\n<p>This vulnerability belongs to <a href=\"https:\/\/owasp.org\/Top10\/2025\/A02_2025-Security_Misconfiguration\/\">OWASP category A02 &#8211; Security Misconfiguration<\/a>.<\/p>\n\n<div style=\"height:50px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">Vulnerable addictions: the invisible problem<\/h1>\n\n<p>Another problem identified concerns the dependencies used by the application.<\/p>\n\n<p>The frontend used the Vite library version 5.4.10. This version contains several known vulnerabilities: <\/p>\n\n<ul class=\"wp-block-list\">\n<li>CVE-2025-31125<\/li>\n\n\n\n<li>CVE-2025-30208<\/li>\n\n\n\n<li>CVE-2024-23331<\/li>\n<\/ul>\n\n<p>As with the LFI described above, these vulnerabilities potentially allow unauthorized access to system files. This problem is very common in AI-generated projects. <\/p>\n\n<p>Why?<\/p>\n\n<p>Because :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>automatically select dependencies<\/li>\n\n\n\n<li>do not include safety monitoring<\/li>\n\n\n\n<li>do not check for vulnerable versions<\/li>\n<\/ul>\n\n<p>As a result, the application may contain known vulnerabilities as soon as it goes into production.<\/p>\n\n<div style=\"height:51px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">IDOR: access to other users&#8217; data<\/h1>\n\n<p>Another important vulnerability identified during the pentest was an IDOR (Insecure Direct Object Reference).<\/p>\n\n<p>In the application, user profiles were accessible via an identifier in the URL.<\/p>\n\n<p>Example:<\/p>\n\n<pre class=\"wp-block-code\"><code>\/employee\/{user_guid}<\/code><\/pre>\n\n<p>Since GUIDs are unique identifiers, they&#8217;re impossible to guess. So we need to find a way for the application to give them to us directly. After a tour of the various API calls, we identified &#8220;\/api\/leaderboard&#8221;, which returns the GUIDs of all employees:    <\/p>\n\n<figure class=\"wp-block-image size-large is-style-default wp-duotone-unset-1\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"496\" src=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/leaderboard-1-1024x496.png\" alt=\"leaderboard API call to obtain users' GUID\" class=\"wp-image-3817\" srcset=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/leaderboard-1-1024x496.png 1024w, https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/leaderboard-1-980x474.png 980w, https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/leaderboard-1-480x232.png 480w\" sizes=\"(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) and (max-width: 980px) 980px, (min-width: 981px) 1024px, 100vw\" \/><figcaption class=\"wp-element-caption\">GUID recovery.<\/figcaption><\/figure>\n\n<p>By modifying this GUID with one of the GUIDs obtained, for example that of the tech lead, it was possible to access the data of other users:  <\/p>\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"593\" src=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/idor-1024x593.png\" alt=\"idor\" class=\"wp-image-3798\" srcset=\"https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/idor-980x568.png 980w, https:\/\/www.hackmosphere.fr\/wp-content\/uploads\/2026\/03\/idor-480x278.png 480w\" sizes=\"(min-width: 0px) and (max-width: 480px) 480px, (min-width: 481px) and (max-width: 980px) 980px, (min-width: 981px) 1024px, 100vw\" \/><figcaption class=\"wp-element-caption\">Access to an arbitrary user.<\/figcaption><\/figure>\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h2 class=\"wp-block-heading\">Exposed data<\/h2>\n\n<p>API endpoints returned :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>email<\/li>\n\n\n\n<li>user role<\/li>\n\n\n\n<li>internal identifiers<\/li>\n\n\n\n<li>password hash (unfortunately unused, as the application uses OAuth tokens)<\/li>\n<\/ul>\n\n<p><\/p>\n\n<h2 class=\"wp-block-heading\">Impact<\/h2>\n\n<p>This type of vulnerability can :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>leakage of personal data<\/li>\n\n\n\n<li>preparation of targeted attacks<\/li>\n\n\n\n<li>privilege escalation<\/li>\n<\/ul>\n\n<p>This vulnerability corresponds to <a href=\"https:\/\/owasp.org\/Top10\/2025\/A01_2025-Broken_Access_Control\/\">OWASP A01 &#8211; Broken Access Control<\/a>.<\/p>\n\n<div style=\"height:42px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">Other vulnerabilities observed<\/h1>\n\n<p>The pentest also revealed several additional vulnerabilities:<\/p>\n\n<ul class=\"wp-block-list\">\n<li>potential SSRF blind<\/li>\n\n\n\n<li>software version disclosure<\/li>\n\n\n\n<li>missing HTTP security headers<\/li>\n\n\n\n<li>weak password policy<\/li>\n\n\n\n<li>environment staging exposed<\/li>\n\n\n\n<li>No antivirus on file upload function<\/li>\n<\/ul>\n\n<p>Individually, these vulnerabilities are often classified as<strong> low or medium criticality<\/strong>. But combined, they can facilitate more advanced attacks. <\/p>\n\n<div style=\"height:48px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">Why vibe coding generates these vulnerabilities<\/h1>\n\n<p>The pentest revealed several structural weaknesses in vibe coding.<\/p>\n\n<h2 class=\"wp-block-heading\">1. Despite AI code review, it still can&#8217;t see everything<\/h2>\n\n<p>AI-generated applications rarely go through a human safety review.<\/p>\n\n<h2 class=\"wp-block-heading\">2. Insufficient user input validation<\/h2>\n\n<p>AI models focus on functionality rather than safety.<\/p>\n\n<h2 class=\"wp-block-heading\">3. Incomplete access controls<\/h2>\n\n<p>Authorization rules are often forgotten or poorly implemented.<\/p>\n\n<h2 class=\"wp-block-heading\">4. Unsecured dependencies<\/h2>\n\n<p>The library versions used are not verified.<\/p>\n\n<div style=\"height:47px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">How to secure a coded vibe application<\/h1>\n\n<p>Organizations adopting vibe coding need to adapt their security practices.<\/p>\n\n<p>Here are a few recommendations.<\/p>\n\n<h2 class=\"wp-block-heading\">Integrating safety into the pipeline<\/h2>\n\n<ul class=\"wp-block-list\">\n<li>SAST<\/li>\n\n\n\n<li>DAST<\/li>\n<\/ul>\n\n<h2 class=\"wp-block-heading\">Scanning dependencies<\/h2>\n\n<ul class=\"wp-block-list\">\n<li>OWASP Dependency Check<\/li>\n\n\n\n<li>Snyk<\/li>\n\n\n\n<li>Dependabot<\/li>\n<\/ul>\n\n<h2 class=\"wp-block-heading\">Applying the principle of least privilege<\/h2>\n\n<p>Each endpoint must verify :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>authentication<\/li>\n\n\n\n<li>authorization<\/li>\n<\/ul>\n\n<h2 class=\"wp-block-heading\">Create regular slopes<\/h2>\n\n<p>Vibe coding accelerates development.<\/p>\n\n<p>But it also accelerates the spread of vulnerabilities.<\/p>\n\n<div style=\"height:45px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<h1 class=\"wp-block-heading\">Conclusion<\/h1>\n\n<p>Vibe coding opens up a new era in software development.<\/p>\n\n<p>But our pentest shows that AI-generated applications <em>still <\/em>often present :<\/p>\n\n<ul class=\"wp-block-list\">\n<li>critical vulnerabilities<\/li>\n\n\n\n<li>vulnerable dependencies<\/li>\n\n\n\n<li>inadequate access controls<\/li>\n<\/ul>\n\n<p>For CISOs and CISOs, the conclusion is simple: an AI-generated application must be audited like any other mission-critical application.<\/p>\n\n<p>Otherwise, AI risks accelerating not only innovation&#8230; but also attacks.<\/p>\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n<p>Are you developing applications with AI or vibe coding?  <\/p>\n\n<p>Our teams carry out <strong>specialized pentests on AI-generated applications<\/strong> to identify vulnerabilities before they are exploited.<\/p>\n\n<p><a href=\"https:\/\/www.hackmosphere.fr\/en\/contact-audit\/\">Contact us<\/a> for a <strong>security audit or an advanced application pentest<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction: vibe coding meets cybersecurity The vibe coding is radically transforming the way applications are developed. Thanks to AI assistants and LLMs, it is now possible to generate a complete application &#8211; frontend, backend and API &#8211; simply by describing the functional intent. This approach means that prototypes can be produced in a matter of [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":3792,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"none","_seopress_titles_title":"Pentest d'une application vibe cod\u00e9e : analyse & r\u00e9sultats","_seopress_titles_desc":"Analyse technique d\u2019un pentest d\u2019application web 100 % vibe cod\u00e9e : d\u00e9couverte de vuln\u00e9rabilit\u00e9s LFI, IDOR, d\u00e9pendances vuln\u00e9rables et risques s\u00e9curit\u00e9 li\u00e9s au code g\u00e9n\u00e9r\u00e9 par IA.","_seopress_robots_index":"","_seopress_analysis_target_kw":"","_et_pb_use_builder":"off","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[41,18],"tags":[],"class_list":{"0":"post-3803","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-services","8":"category-red-team"},"_links":{"self":[{"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/posts\/3803","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/comments?post=3803"}],"version-history":[{"count":4,"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/posts\/3803\/revisions"}],"predecessor-version":[{"id":3821,"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/posts\/3803\/revisions\/3821"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/media\/3792"}],"wp:attachment":[{"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/media?parent=3803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/categories?post=3803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hackmosphere.fr\/en\/wp-json\/wp\/v2\/tags?post=3803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}