The Ethical Hacker's Guide To Hacking Webservers

1. Information Gathering 2. Web Server Footprinting 3. Website Mirroring 4. Vulnerability Scanning 5. Session Hijacking 6. Webserver Password
Hacking
The attacker collects as much The purpose of footprinting is to In this method, the attacker copies The attacker uses specific tools like The attacker takes over complete Attackers use password cracking
HACKING information as possible and analyzes learn about the security aspects of a website and its content onto Wireshark and Metasploit, to find control of the user’s session using methods such as brute force attacks,
it to find lapses in the current security a web server with the help of tools or another server for offline browsing. vulnerabilities and misconfigurations session hijacking techniques, like hybrid attacks, and dictionary attacks
WEBSERVERS mechanism of the webserver. footprinting techniques. in a web server. session fixation or session side to crack a webserver’s password.
jacking.

1. DocumentRoot 2. Server Root 3. Virtual Document Tree 4. Virtual Hosting 5. Web Proxy
WEBSERVER
It is one of the web server’s root file It is the top-level root directory It provides storage on a different It is a technique of hosting multiple A proxy sever sits in between the

-
OPERATIONS
directories that stores critical
HTML files related to the web pages
of a domain name that will serve in
COMPONENTS response to the requests.
under the directory tree in which
the server’s configuration and error,
executable and log files are stored.
machine or a disk after the original
disk is filled-up. It is case sensitive and
can be used to provide
object-level security
domains or websites on the
same – server. This allows sharing of
resources between various servers.
web client and web server. Due to
the placement of web proxies, all the
requests, from the clients will be
passed on to the webserver through
the web proxies.

OpenSource Web server architecture Apache is the web server component MySQL is a relational database used PHP is the application layer
Open Source Web typically uses Linux, Apache, MYSQL, Linux is the server’s OS that provides
handles each HTTP request and to store the web server’s content technology used to generate
and PHP ( LAMP) as principal secure platform for the webserver
response and configuration information dynamic web content.
ServerArchitecture documents.

Stack 1 – Security – IPS/IDS

Attackers usually target software
Web Server
vulnerabilities and configuration
errors to compromise web servers.
Security Issue
Network and OS level attacks can
be well defended using proper
network security measures
Such as firewalls, IDS, etc. Stack 4 – Database – Oracle/ MYSQL Stack 6 – Third party components –
However, web servers are accessible /MSSQL OpenSource / Commercial
Stack 2 – Network - Router/Switch
from anywhere on the web, which
makes them more vulnerable to Stack 5 – Webserver – Apache Stack 7 – Custom web applications –
Stack 3 – Operating System -
attacks. /Microsoft IIS Business logic flaws
Windows /Linux/OSX

Common goals
Stealing credit cards, or other
credentials using phishing Hiding and redirecting traffic Escalating privileges Compromising a database
behind a
techniques.

web server attack

Web Server
Attributions
attacks go beyond Damage target organizations
Curiosity Achieving self-set challenge
leading to the reputation.
financial gains,
attack:
many personal

1.Why web servers Unnecessary services enabled,

Improper file and directory Installing servers with default Security conflicts with business Lack of proper security policy, Improper Authentication with
including content management
permissions settings
and remote administration
ease-of-use case procedures, and maintenance external systems
are compromised?

Administrative or
Default accounts with Unnecessary default, Misconfigurations in Misconfigured debugging functions Use of self-signed
Bugs in server software
CONT their default passwords, backup or web server, OS, and SSL certificates and that are enabled or certificates and default
OS, and web applications
or no passwords sample files networks encryption settings accessible on certificates.
web servers

Impact of Root access to other applications

User account compromised Website defacement Secondary attacks from the website Data tampering and data theft
and servers
web serverAttacks

· Network bandwidth
To crash the web server running · CPU Usage
DoS,DDoS
Attackers may send numerous Attackers may target high profile
Web Server fake requests to the webserver web servers such as banks, credit card the application, attacker targets
· Server memory
which results in the web server payments gateways, government the following services by · Hard disk space
Attacks Attack– crashing or becoming unavailable
to the legitimate users
owned services etc. to steal user
credentials.
consuming the web server with
fake requests.
· Application exception handling
mechanism
· Database space.

Attacker compromises DNS server
and changes the DNS settings so
DNS Server that all the requests, coming
towards the target web server are
Hijacking redirected to his/her own
malicious server.
Domain Name System (DNS) resolves a domain name to its
corresponding IP address. In DNS hijacking, an attacker compromises
the DNS server and changes the mapping settings of the target DNS server
to redirect toward a rogue DNS server so that it would redirect the user’s
request to the attacker’s rogue server. Thus, when the user type the
legitimate URL in a browser, the settings will redirect to the attackers fake site.

DNS Attacker uses compromised

Attacker takes advantage of PCs with spoofed IP addresses
DNS recursive method of DNS to amplify the DDOS attacks
Amplification redirection to perform DNS on victim’s DNS server by
amplification attack. exploiting DNS recursive
Attack method.

The attacker uses ../(dot-dot-slash) Attacker scan use trial and error
Directory sequence to access restricted method to navigate outside of the
directories outside of the web server root directory and access sensitive
Traversal Attack root directory information in the system.