13_Hacking_Web_servers.md 4/10/2019
Web servers are programs used for hosting services.
Web servers are deployed on dedicated web server hardware or installed on a host as a program.
Web servers support different types of application extensions, but all of them support Hypertext Markup
Language (HTML).
Components of IIS
Protocol listeners are responsible for receiving and returning protocol-specific requests.
HTTP.sys is responsible for HTTP requests.
World Wide Web Publishing Service (WWW Service)
Windows Process Activation Service (WAS)
DoS/DDoS
Spoofing the source address of the DNS request, amplifying the size of the request and using
botnets results in a DDoS attack.
The attacker uses a trial-and-error method to access restricted directories and reveal sensitive information.
Phishing Attacks
Website Defacement
After a successful intrusion, the attacker alters and modifies the content of the website.
Webserver Misconfiguration
The attacker wipes the actual cache of the web server and sends crafted requests to store fake entries.
Cookie Tampering
DoS
SQL Injection
Session Hijacking
Cross-Site Request Forgery (CSRF)
Cross-Site Scripting (XSS)
Buffer Overflow
Attack Methodology
Information Gathering
Collecting information from internet.
robots.txt
Tools:
Netcraft
Maltego
httprecon
Mirroring a website
Download the website, to inspect offline, without any interaction to the target.
Tool:
httrack
Vulnerability Scanning
Automated tools inspect the website and detect vulnerabilities. These tools perform deep inspection of scripts,
open ports, banners, etc.
Tools:
owasp-zap
openvas
Non-electronic attacks
Active online attacks
Passive online attacks
Default passwords
Offline attacks
Countermeasures
Place web server in a secure zone (behind firewall, IDS, IPS, DMZ)
Detect potential changes (hashing, script to detect change)
Auditing ports
Disable insecure and unnecessary ports
Using port 443 (HTTPS) over port 80 (HTTP)
Encrypted traffic
Server certificate
Code Access Security Policy
Disable tracing
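One way to implement the "detect potential changes" countermeasure listed above, as an added Python example that is not part of the original notes: hash every file under the web root, keep that as a baseline, and on the next scan report files that were added, removed or modified (the web root, its files and the simulated defacement are constructed in a temporary directory for the demo).

```python
"""Detect unauthorized changes to a web root by comparing SHA-256 hashes
against a stored baseline. Added example; the web root and its files are
constructed in a temporary directory purely for demonstration."""
import hashlib
import json
import tempfile
from pathlib import Path


def hash_file(path: Path) -> str:
    """Return the SHA-256 hex digest of a file, read in 64 KiB chunks."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def hash_tree(root: str) -> dict:
    """Map every file under root (as a relative POSIX path) to its SHA-256."""
    base = Path(root)
    return {p.relative_to(base).as_posix(): hash_file(p)
            for p in sorted(base.rglob("*")) if p.is_file()}


def diff_baseline(baseline: dict, current: dict) -> dict:
    """Compare a stored baseline with a fresh scan of the same tree."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline
                           if p in current and baseline[p] != current[p]),
    }


def demo() -> dict:
    """Build a throwaway web root, snapshot it, then simulate a defacement."""
    root = tempfile.mkdtemp(prefix="webroot-")  # constructed sample root
    Path(root, "index.html").write_text("<h1>Welcome</h1>\n")
    Path(root, "css").mkdir()
    Path(root, "css", "site.css").write_text("body{margin:0}\n")
    baseline = hash_tree(root)  # in practice: store this off-host
    # Simulated defacement: the home page is overwritten and a file is dropped.
    Path(root, "index.html").write_text("<h1>Defaced</h1>\n")
    Path(root, "dropped.html").write_text("<p>constructed extra file</p>\n")
    return diff_baseline(baseline, hash_tree(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Run the scan from a scheduled job and keep the baseline file outside the web root (or on another host) so an intruder who can write to the site cannot simply rewrite the baseline too.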
Patch Management
A hotfix is a small update that fixes a single issue. A patch is a larger software update that fixes one or more issues.
Methods:
Manual download
Auto-Update
Patch management is an automated process to detect missing security patches, find solutions, download the
patch, test the patch in an isolated environment, and then deploy the patch onto the systems.
Tools: