Web Apps Touch Every Part of IT
Web applications are far more than just the code running on a web server. They interact with various core systems within a company’s IT infrastructure, making them a prime target for attackers. It’s a common misconception that web applications are isolated in an external DMZ, but the reality is they can provide access to sensitive data and systems.
Some key areas that need to be considered when targeting a web application include:
1. Database Server and Database: The system hosting the database used by the web application may be vulnerable to attacks that allow sensitive data to be created, read, updated, or deleted.
2. File Server: Systems that allow file upload and/or download functionality may be vulnerable to attacks that grant unauthorized access to server resources.
3. Third-Party Components: Widely adopted modules like content management systems (CMSs) are attractive targets due to their widespread usage and available documentation.
Existing Methodologies
The two most widely accepted penetration testing methodologies are the Open-Source Security Testing Methodology Manual (OSSTMM) and the Penetration Testing Execution Standard (PTES).
The OSSTMM covers five key areas:
1. Information and data controls
2. Personnel security awareness levels
3. Fraud and social engineering levels
4. Computer and telecommunications networks, wireless devices, and mobile devices
5. Physical security access controls, security processes, and physical locations
The PTES provides a common language for penetration testers and security professionals to follow, helping clients understand their security posture.
While these standards are comprehensive, they can be overwhelming for beginner hackers. This is where a more manageable methodology, like the one presented in this book, can be helpful in guiding you through the theory, tools, and techniques of web hacking.
Most Common Web Vulnerabilities
1. Injection Flaws: Untrusted user data is sent to the web application as part of a command or query, tricking the application into executing unintended commands or accessing unauthorized data.
2. Cross-Site Scripting (XSS): User input is accepted by the application and used in the output of the response without proper output encoding, allowing attackers to execute scripts in the victim’s browser.
These vulnerabilities can be found in various parts of the web application, such as SQL queries, LDAP queries, XPATH queries, and OS commands. Understanding how to identify and exploit these flaws is crucial for effective web hacking.
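The two flaw classes above, each shown beside its hardened form, as an added example that is not from the original article or the book it summarizes. The table, function names, and probe strings are constructed for illustration; the database is an in-memory SQLite instance.

```python
import html
import sqlite3

def make_db():
    """Build constructed sample data in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "alice@example.test"),
                    ("bob", "bob@example.test")])
    return db

def lookup_concatenated(db, name):
    # Flawed: untrusted data becomes part of the query text itself.
    query = "SELECT email FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, name):
    # Hardened: the driver binds the value, so it is never parsed as SQL.
    return db.execute("SELECT email FROM users WHERE name = ?",
                      (name,)).fetchall()

def greet_raw(name):
    # Flawed: input is echoed into the response without output encoding.
    return "<p>Hello, " + name + "</p>"

def greet_encoded(name):
    # Hardened: HTML metacharacters are encoded before they reach the output.
    return "<p>Hello, " + html.escape(name, quote=True) + "</p>"

def audit():
    """Run the same constructed inputs through both forms and compare."""
    db = make_db()
    sql_probe = "nobody' OR '1'='1"            # constructed test input
    html_probe = "<script>alert(1)</script>"   # constructed test input
    return {
        "concatenated_rows": len(lookup_concatenated(db, sql_probe)),
        "parameterized_rows": len(lookup_parameterized(db, sql_probe)),
        "raw_has_script_tag": "<script>" in greet_raw(html_probe),
        "encoded_has_script_tag": "<script>" in greet_encoded(html_probe),
    }

if __name__ == "__main__":
    for check, result in audit().items():
        print(check, result)
```

The concatenated lookup returns every row for a name that matches no user, while the parameterized one returns none; the same comparison works as a regression test when reviewing query-building and templating code.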