This document discusses web hacking basics and provides rules and classifications for different types of attacks. It summarizes that web applications can be found in many places and outlines five classes of web hacking: attacks on the web server, web client, web application, web user, and network. It emphasizes that all inputs should be validated and interactions assumed malicious (Rule 1) and that attackers have unpredictable motives, skills, and targets (Rule 2). Common attacks discussed include SQL injection, file inclusion, password guessing, and cross-site scripting.

Web Hacking Basics

© 2010 MAD Security, LLC. All rights reserved.

Where Do We Find Web Apps?

Social Media
Webmail
Ecommerce
Online Banking
Corporate Intranet sites
Customer & Project Management
Bug tracking
Routers & Firewalls
Printers
Gaming Consoles
Database Management
Filesharing Clients
Virtual Machine Management
Everywhere

nmap -p 'http*' 192.168.1.1-255

(The service-name wildcard http* is expanded by nmap against its own service table to http, https, http-alt, http-proxy and the like. Quote it, or the shell will try to glob it against files in the current directory first.)
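The sweep above only answers the question if someone turns the scan into an inventory. The following is an added example, not code from the MAD Security slides: it parses nmap's grepable (-oG) output, which the sweep would emit with `-oG -`, and lists every open port whose service name starts with http. The scan text embedded in it is constructed for the example; the hosts, hostnames and banner are made up.

```python
"""Inventory the web-facing services in an nmap sweep.

Added example, not from the MAD Security slides. It parses nmap's grepable
(-oG) format, which the slide's sweep would produce with `-oG -`. The scan
text below is constructed for the example: hosts, names and banners are made
up. In -oG each port entry is
port/state/protocol/owner/service/rpc-info/version/ and entries are comma
separated.
"""
import re

# Constructed sample output; a real run would be: nmap -p 'http*' -oG - 192.168.1.1-255
SAMPLE_GREPABLE = (
    "# Nmap scan initiated as: nmap -p http* -oG - 192.168.1.1-255\n"
    "Host: 192.168.1.1 (gw.lan)\tStatus: Up\n"
    "Host: 192.168.1.1 (gw.lan)\tPorts: 80/open/tcp//http///, "
    "443/open/tcp//https///\tIgnored State: closed (9)\n"
    "Host: 192.168.1.20 (printer.lan)\tStatus: Up\n"
    "Host: 192.168.1.20 (printer.lan)\tPorts: "
    "80/open/tcp//http//Xerox Phaser embedded httpd/, "
    "631/open/tcp//ipp///, 8080/filtered/tcp//http-proxy///"
    "\tIgnored State: closed (8)\n"
    "Host: 192.168.1.77 ()\tStatus: Up\n"
    "Host: 192.168.1.77 ()\tPorts: 8000/open/tcp//http-alt///"
    "\tIgnored State: closed (10)\n"
    "# Nmap done\n"
)

HOST_RE = re.compile(r"(?P<ip>\S+) \((?P<name>[^)]*)\)")


def parse_grepable(text):
    """Yield (ip, hostname, port, state, service, version) for each port entry."""
    for line in text.splitlines():
        if not line.startswith("Host:") or "\tPorts:" not in line:
            continue  # comment lines and the bare Status lines carry no ports
        fields = dict(f.split(": ", 1) for f in line.split("\t"))
        m = HOST_RE.match(fields["Host"])
        ip, name = m.group("ip"), m.group("name")
        for entry in fields["Ports"].split(", "):
            # nmap writes "/" inside version strings as "|", so a plain split is safe
            port, state, _proto, _owner, service, _rpc, version = entry.split("/")[:7]
            yield ip, name, int(port), state, service, version


def web_inventory(text):
    """Open ports whose nmap service name starts with 'http', sorted by host and port."""
    hits = [
        (ip, port, service, version)
        for ip, _name, port, state, service, version in parse_grepable(text)
        if state == "open" and service.startswith("http")
    ]
    return sorted(hits)


if __name__ == "__main__":
    for ip, port, service, version in web_inventory(SAMPLE_GREPABLE):
        print(f"{ip}:{port:<5} {service:<11} {version}")
```

Filtered ports are dropped on purpose: a firewall answering for 8080 is not a web app you can reach. Feeding real output in is `web_inventory(open("scan.gnmap").read())`.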

Rule #1
Never trust the client, the server, or the
network.
All inputs must be validated. All interactions with other parties must
be assumed to be malicious until proven otherwise.

Rule #2
Attackers have unpredictable motives, skills,
and targets. Attackers are therefore
unpredictable.
Never assume that an attacker cannot find a target, cannot find a way
to exploit it, or would choose not to attack a target.

Attacker Motives

Defacement
Network Resources
System Resources
Locally Stored Data
Source Code
User Traffic
User Accounts
Administrator Privileges
Vulnerabilities

Five Classes of Web Hacking

Attacks on the web server
Attacks on the web client
Attacks on the web application
Attacks on the web user
Attacks on the network

Server Attacks

Earliest form of web hacking
Best understood attacks
Most easily prevented attacks
Still extremely common
Requires careful programming,
configuration and maintenance to
prevent.

Shell Command Injection
File Inclusion
SQL Injection
Executable Uploads
Information Leakage
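Rule #1 and the server-attack list meet in the code: every one of these flaws is unvalidated input reaching an interpreter (the SQL engine, the filesystem, the shell). The following added example, not code from the slides, shows two of them, SQL injection and file inclusion, each beside the fix a practitioner would apply. It runs offline against an in-memory SQLite database and a temporary directory it creates itself; the table, columns, file names and credentials are made up.

```python
"""Two of the server-side flaws on the slide, each beside its fix: SQL injection
and file inclusion (path traversal). Added example, not code from the slides.
Everything runs offline: the users table lives in an in-memory SQLite database
and the document root is a temporary directory created below. Table, column,
file names and credentials are made up for the example.
"""
import os
import sqlite3
import tempfile


def make_db():
    """Constructed users table with one ordinary account and one admin."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT, is_admin INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [("alice", "s3cret", 0), ("root", "hunter2", 1)])
    return db


# --- SQL injection ----------------------------------------------------------

def login_vulnerable(db, name, password):
    """Builds the query by string formatting, so input can become SQL syntax.
    A name of  root' --  comments out the password check entirely."""
    sql = (f"SELECT name FROM users WHERE name = '{name}' "
           f"AND password = '{password}'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_hardened(db, name, password):
    """Parameterized query: the driver sends values separately from the SQL text,
    so quotes and comment markers in the input never reach the parser as code."""
    row = db.execute(
        "SELECT name FROM users WHERE name = ? AND password = ?",
        (name, password),
    ).fetchone()
    return row[0] if row else None


# --- File inclusion / path traversal ----------------------------------------

def make_docroot():
    """Throwaway layout: <tmp>/public is served, <tmp>/config.ini must not be."""
    base = tempfile.mkdtemp()
    public = os.path.join(base, "public")
    os.mkdir(public)
    with open(os.path.join(public, "about.html"), "w") as f:
        f.write("<h1>About</h1>")
    with open(os.path.join(base, "config.ini"), "w") as f:
        f.write("db_password=hunter2")
    return public


def include_vulnerable(docroot, page):
    """Joins the request parameter straight onto the root. '../' walks out of it,
    and an absolute path makes os.path.join discard the root altogether."""
    with open(os.path.join(docroot, page)) as f:
        return f.read()


def include_hardened(docroot, page):
    """Canonicalize both sides, then serve only if the target is strictly inside
    the root. Returns None (serve a 404) for anything that escapes."""
    root = os.path.realpath(docroot)
    target = os.path.realpath(os.path.join(root, page))
    if target == root or os.path.commonpath([root, target]) != root:
        return None
    with open(target) as f:
        return f.read()


if __name__ == "__main__":
    db = make_db()
    print("vulnerable login as:", login_vulnerable(db, "root' -- ", "wrong"))
    print("hardened login as:  ", login_hardened(db, "root' -- ", "wrong"))
    root = make_docroot()
    print("vulnerable include:", include_vulnerable(root, "../config.ini"))
    print("hardened include:  ", include_hardened(root, "../config.ini"))
```

The check in `include_hardened` runs after `realpath`, not before: comparing the raw string for `..` misses encodings, symlinks and absolute paths, while comparing the canonical result catches all of them.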

Client Attacks
Malicious code is served up and
executed on the client-side.
Next logical step after server
attacks.
Compromises the system or web
browser.
Defenses are improving, but there
is no reliable proactive defense.
Keep patches up to date.

Trojans, Malware
Drive-By Download
Parsing Flaws in media

ActiveX
PDF
Flash
Images
Movies

No Website Is Trusted
The old "Don't browse untrusted sites" mantra is meaningless: legitimate, popular sites get compromised, or serve third-party content such as ads, and then deliver the malicious code themselves.

Application Attacks
Goal-oriented
Focused on abusing application
logic, not compromising systems

Session manipulation (prediction,
spoofing, fixation)
Incomplete access controls
Some cryptographic attacks
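The session items above are logic flaws rather than bugs in any one line, so the fix is a design rule: IDs come from a CSPRNG, and the ID changes at login. The following added example, not code from the slides, shows a minimal session store with the fixation-prone login beside the hardened one and an attacker function that exercises both. The dict store and cookie name are stand-ins made up for the example.

```python
"""Session handling against the attacks on the slide: prediction (IDs an
attacker can guess) and fixation (an ID the attacker chose before the victim
logged in). Added example, not code from the slides; the store is a plain
dict standing in for whatever backend a real app uses, and the cookie name is
made up.
"""
import secrets


class SessionStore:
    """Server-side session table: session ID -> session data."""

    def __init__(self):
        self._sessions = {}

    @staticmethod
    def _fresh_id():
        # 32 bytes from the OS CSPRNG (256 bits). Counters, timestamps or
        # random.random() would let an attacker predict neighbouring IDs.
        return secrets.token_urlsafe(32)

    def start(self):
        """Anonymous session, as handed out on first visit."""
        sid = self._fresh_id()
        self._sessions[sid] = {"user": None}
        return sid

    def login_vulnerable(self, presented_sid, user):
        """Trusts whatever ID the client presented and attaches the login to it.
        If the attacker planted that ID in the victim's browser, the attacker's
        copy of it is now an authenticated session."""
        self._sessions.setdefault(presented_sid, {"user": None})["user"] = user
        return presented_sid

    def login_hardened(self, presented_sid, user):
        """Discards the pre-authentication ID and issues a new one at login, so an
        ID chosen or observed before authentication is worthless afterwards."""
        self._sessions.pop(presented_sid, None)
        sid = self._fresh_id()
        self._sessions[sid] = {"user": user}
        return sid

    def whoami(self, sid):
        session = self._sessions.get(sid)
        return session["user"] if session else None


def set_cookie_header(sid):
    """Cookie flags that keep the ID off the wire in clear and away from scripts."""
    return f"Set-Cookie: sid={sid}; Path=/; Secure; HttpOnly; SameSite=Lax"


def fixation_attack(store, login):
    """Attacker plants a known ID in the victim's browser (e.g. via a link or an
    injected cookie), the victim logs in with it, and the attacker then tries
    to use the planted ID. Returns who the attacker is logged in as."""
    planted = "id-the-attacker-already-knows"
    login(planted, "alice")       # victim's browser sends the planted cookie
    return store.whoami(planted)  # attacker presents the same cookie


if __name__ == "__main__":
    store = SessionStore()
    print("vulnerable:", fixation_attack(store, store.login_vulnerable))
    print("hardened:  ", fixation_attack(store, store.login_hardened))
    print(set_cookie_header(store.start()))
```

The hardened path also covers the spoofing case: an ID sniffed or guessed before login is deleted by the rotation, and `Secure` plus `HttpOnly` narrow how an ID can be obtained in the first place.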

User Attacks
Users are predictable and easily
manipulated
Forcing user action can
circumvent controls
Classic cons and scams can be
easily repurposed for the web

Clickjacking
Password Guessing
Phishing
Social Engineering
Cross-site Scripting and Cross-site Request Forgery are a unique
combination of User, Browser,
Server, and Application attacks.
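Because these attacks ride on the user's browser rather than on a server bug, the defences sit in the request handler and the response. The following added example, not code from the slides, puts them in one place: an Origin check and a CSRF token for state-changing requests, anti-framing headers against clickjacking, output escaping against cross-site scripting, and a per-account failure counter against password guessing. Requests are plain dicts standing in for a framework's request object; the origin, secret, form field and session values are made up.

```python
"""Defences for the user-side attacks on the slide, in one small handler:
a CSRF token check plus Origin check for state-changing requests, anti-framing
headers against clickjacking, output escaping against cross-site scripting, and
a per-account failure counter against password guessing. Added example, not
code from the slides. Requests are plain dicts standing in for a web
framework's request object; the origin, secret, form field and session values
are made up.
"""
import hashlib
import hmac
import html

SITE_ORIGIN = "https://bank.example"                 # assumed deployment origin
SERVER_SECRET = b"rotate-me-and-keep-me-out-of-git"  # assumed server-side key


def csrf_token(session_id):
    """Token bound to the session with an HMAC, so nothing has to be stored
    server-side and a token lifted from one session is useless in another."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def csrf_ok(session_id, submitted):
    # compare_digest is constant time, so the check itself leaks nothing by timing
    return hmac.compare_digest(csrf_token(session_id), submitted or "")


def security_headers():
    """Refuse to be framed (legacy header and CSP form) and stop MIME sniffing."""
    return {
        "X-Frame-Options": "DENY",
        "Content-Security-Policy": "frame-ancestors 'none'",
        "X-Content-Type-Options": "nosniff",
    }


def render_note(user_text):
    """Escape before interpolating into HTML so a script payload stays inert text."""
    return f"<p class=\"note\">{html.escape(user_text, quote=True)}</p>"


def handle_transfer(request, session_id):
    """State-changing endpoint: POST only, same origin, valid token, then act."""
    if request["method"] != "POST":
        return 405, security_headers(), "method not allowed"
    origin = request["headers"].get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403, security_headers(), "cross-origin request refused"
    if not csrf_ok(session_id, request["form"].get("csrf")):
        return 403, security_headers(), "missing or invalid CSRF token"
    return 200, security_headers(), render_note(request["form"].get("note", ""))


class LoginThrottle:
    """Per-account failure counter. Hard lockout is the simplest form; real
    deployments usually prefer growing delays or a CAPTCHA, because hard lockout
    lets an attacker deny service to a user by guessing badly on purpose."""
    MAX_FAILURES = 5

    def __init__(self):
        self.failures = {}

    def attempt(self, user, password_ok):
        if self.failures.get(user, 0) >= self.MAX_FAILURES:
            return "locked"
        if password_ok:
            self.failures.pop(user, None)
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        return "denied"


if __name__ == "__main__":
    sid = "victim-session"
    forged = {"method": "POST", "headers": {"Origin": "https://evil.example"},
              "form": {"note": "pay attacker"}}
    legit = {"method": "POST", "headers": {"Origin": SITE_ORIGIN},
             "form": {"csrf": csrf_token(sid), "note": "<script>alert(1)</script>"}}
    print(handle_transfer(forged, sid)[0], handle_transfer(legit, sid)[2])
```

The Origin check alone is not enough: older clients omit the header, which is why the handler tolerates its absence and still demands the token.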

Network Attacks
Are not unique to web security
Have unique consequences

Traffic Sniffing
DNS Poisoning
ARP Poisoning
SSL Attacks
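For a web application, sniffing and poisoning end in the same place: an attacker sitting between browser and server, and the only thing standing in the way is TLS that is actually verified. The following added example, not code from the slides, builds a client TLS context the way it should be configured, beside the weakened "make the certificate error go away" version that hands a man in the middle a free pass, with a checker that tells them apart, and the HSTS header that closes the plaintext downgrade window. It only constructs and inspects contexts, so it runs without a network.

```python
"""The 'SSL attacks' line of the slide from the client side: a TLS context
configured the way a browser or API client should be, beside the weakened one
that hands an active network attacker (ARP or DNS poisoning, then interception)
a free pass, plus a checker that tells them apart, and the HSTS header that stops
later visits from being downgraded to plain HTTP. Added example, not code from
the slides; it only builds and inspects contexts, so it runs without a network.
"""
import ssl


def hardened_client_context():
    """System trust store, certificate and hostname verification, TLS 1.2+."""
    ctx = ssl.create_default_context()   # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weakened_client_context():
    """The 'make the error go away' configuration: any certificate is accepted,
    so a man in the middle can present one for any name and read the traffic."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False          # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_problems(ctx):
    """Reasons a client context is unsafe against an active attacker (empty if none)."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("peer certificate not verified")
    if not ctx.check_hostname:
        problems.append("certificate not matched against the hostname")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("downgrade to TLS 1.0/1.1 possible")
    return problems


def hsts_header(max_age=31536000, include_subdomains=True, preload=False):
    """Strict-Transport-Security: after one HTTPS visit the browser refuses to
    send plain HTTP to this host, so a later http:// link cannot be intercepted."""
    parts = [f"max-age={max_age}"]
    if include_subdomains:
        parts.append("includeSubDomains")
    if preload:
        parts.append("preload")
    return "Strict-Transport-Security: " + "; ".join(parts)


if __name__ == "__main__":
    print("hardened:", context_problems(hardened_client_context()) or "no problems")
    print("weakened:", context_problems(weakened_client_context()))
    print(hsts_header())
```

`context_problems` is the kind of check worth running in a code review or a unit test against every outbound HTTP client an application builds; the weakened pattern is almost always a copy-pasted workaround for a self-signed certificate in a test environment that then ships.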
