Professional Documents
Culture Documents
Hacking-Webservers Ec 1 Page VVI
Hacking-Webservers Ec 1 Page VVI
1. Information Gathering 2. Web Server Footprinting 3. Website Mirroring 4. Vulnerability Scanning 5. Session Hijacking 6. Webserver Password
Hacking
The attacker collects as much The purpose of footprinting is to In this method, the attacker copies The attacker uses specific tools like The attacker takes over complete Attackers use password cracking
HACKING information as possible and analyzes learn about the security aspects of a website and its content onto Wireshark and Metasploit, to find control of the user’s session using methods such as brute force attacks,
it to find lapses in the current security a web server with the help of tools or another server for offline browsing. vulnerabilities and misconfigurations session hijacking techniques, like hybrid attacks, and dictionary attacks
WEBSERVERS mechanism of the webserver. footprinting techniques. in a web server. session fixation or session side to crack a webserver’s password.
jacking.
1. DocumentRoot 2. Server Root 3. Virtual Document Tree 4. Virtual Hosting 5. Web Proxy
WEBSERVER
It is one of the web server’s root file It is the top-level root directory It provides storage on a different It is a technique of hosting multiple A proxy sever sits in between the
-
OPERATIONS
directories that stores critical
HTML files related to the web pages
under the directory tree in which
the server’s configuration and error,
machine or a disk after the original
disk is filled-up. It is case sensitive and
domains or websites on the
same – server. This allows sharing of
web client and web server. Due to
the placement of web proxies, all the
of a domain name that will serve in executable and log files are stored. can be used to provide resources between various servers. requests, from the clients will be
COMPONENTS response to the requests. object-level security passed on to the webserver through
the web proxies.
OpenSource Web server architecture Apache is the web server component MySQL is a relational database used PHP is the application layer
Open Source Web typically uses Linux, Apache, MYSQL, Linux is the server’s OS that provides
handles each HTTP request and to store the web server’s content technology used to generate
and PHP ( LAMP) as principal secure platform for the webserver
response and configuration information dynamic web content.
ServerArchitecture documents.
Common goals
Stealing credit cards, or other
credentials using phishing Hiding and redirecting traffic Escalating privileges Compromising a database
behind a
techniques.
Web Server
Attributions
attacks go beyond Damage target organizations
Curiosity Achieving self-set challenge
leading to the reputation.
financial gains,
attack:
many personal
Administrative or
Default accounts with Unnecessary default, Misconfigurations in Misconfigured debugging functions Use of self-signed
Bugs in server software
CONT their default passwords, backup or web server, OS, and SSL certificates and that are enabled or certificates and default
OS, and web applications
or no passwords sample files networks encryption settings accessible on certificates.
web servers
· Network bandwidth
To crash the web server running · CPU Usage
DoS,DDoS
Attackers may send numerous Attackers may target high profile
Web Server fake requests to the webserver web servers such as banks, credit card the application, attacker targets
· Server memory
which results in the web server payments gateways, government the following services by · Hard disk space
Attacks Attack– crashing or becoming unavailable
to the legitimate users
owned services etc. to steal user
credentials.
consuming the web server with
fake requests.
· Application exception handling
mechanism
· Database space.
Attacker compromises DNS server Domain Name System (DNS) resolves a domain name to its
and changes the DNS settings so corresponding IP address. In DNS hijacking, an attacker compromises
DNS Server that all the requests, coming the DNS server and changes the mapping settings of the target DNS server
towards the target web server are to redirect toward a rogue DNS server so that it would redirect the user’s
Hijacking redirected to his/her own request to the attacker’s rogue server. Thus, when the user type the
malicious server. legitimate URL in a browser, the settings will redirect to the attackers fake site.
The attacker uses ../(dot-dot-slash) Attacker scan use trial and error
Directory sequence to access restricted method to navigate outside of the
directories outside of the web server root directory and access sensitive
Traversal Attack root directory information in the system.