Web Security
Almost everything relies on computers and the Internet now
Communication - email, cell phones
Transportation - car engine systems, airplane navigation
Medicine - equipment, medical records
Shopping - online stores, credit cards
Web Security, also known as Cyber Security, involves protecting that information by preventing, detecting, and responding to attacks.
Integrity
Knowing that the information has not been changed
Authenticity
Knowing who sent the information
Privacy
Integrity
Authentication
We need to authenticate a message to make sure it was sent by the correct person.
A digital signature is used for this purpose. The public key / private key method can also be used to authenticate.
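Added example (not part of the original slides): a signed message envelope using Ed25519 from Node's built-in crypto module, showing how one signature check covers both integrity (the content was not changed) and authenticity (who sent it). The envelope format, the trust store and the names alice, mallory and eve are assumptions made for illustration.

```javascript
const crypto = require("crypto");

// Receiver's trust store (hypothetical): sender name -> public key learned out of band.
const trustedKeys = new Map();

// Create an Ed25519 key pair, publish the public half, keep the private half.
function register(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  trustedKeys.set(name, publicKey);
  return privateKey;
}

// Sender: sign the exact payload bytes with the private key.
function send(sender, privateKey, body) {
  const payload = JSON.stringify({ sender, body });
  const signature = crypto.sign(null, Buffer.from(payload), privateKey);
  return { payload, signature: signature.toString("base64") };
}

// Receiver: accept only if the claimed sender's public key verifies the payload.
function receive({ payload, signature }) {
  let claim;
  try { claim = JSON.parse(payload); } catch { return { ok: false, reason: "malformed" }; }
  const key = claim && trustedKeys.get(claim.sender);
  if (!key) return { ok: false, reason: "unknown sender" };
  const valid = crypto.verify(null, Buffer.from(payload), key, Buffer.from(signature, "base64"));
  return valid ? { ok: true, sender: claim.sender, body: claim.body }
               : { ok: false, reason: "bad signature" };
}

// Constructed sample messages covering the genuine case and three failures.
function demo() {
  const aliceKey = register("alice");
  const malloryKey = register("mallory");
  const strangerKey = crypto.generateKeyPairSync("ed25519").privateKey; // never registered
  const genuine = send("alice", aliceKey, "pay 100 to bob");
  return {
    genuine: receive(genuine),
    tampered: receive({ ...genuine, payload: genuine.payload.replace("100", "900") }),
    impersonated: receive(send("alice", malloryKey, "pay 100 to mallory")),
    unknown: receive(send("eve", strangerKey, "hello")),
  };
}

console.log(demo());
```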
An Example of XSS
Countermeasures of XSS
HACKING ANATOMY
RECONNAISSANCE
Gathering information about the target, actively or passively, in preparation for the attack.
Passive Investigation
Fingerprinting
Information available in the public domain such as search engines, newspapers, dumpster diving
Social engineering
Sniffing
Active Investigation
List of accessible hosts.
Details of target machines.
Fingerprinting
A non-intrusive way of gathering information
The information gained can include:
Domain names
Network blocks
Specific IP addresses
Contact addresses
Initial Information
Domain Name Lookups
a name that identifies one or more IP addresses
Websites
Tools
1. Google
2. Whois
3. Nslookup
4. LiveHTTPHeaders
5. Web Spider
1. Google
Using its query modifiers:
filetype
inurl
site
intitle
link
allintitle
allinurl
Example - Google
2. Whois
Several operating systems provide this utility
Information that can be retrieved:
Owner
Registrar
Domain Network
Point of Contact
Addresses
Example - Whois
3. Nslookup
Queries the default name server specified in the current machine's TCP/IP configuration
Example - Nslookup
4. LiveHTTPHeaders
5. Web Spider
A tool to crawl an entire website
SCANNING
Detecting systems running on the target network
Map the network by discovering extra hosts and devices
Discover the open ports and services
Types of scanning
Port scanning
Vulnerability scanning
1. Port Scanning
Information gathering
Discovery of ports that are listening or open
Determination of which ports refuse connections
2. Vulnerability Scanning
Focuses on known weaknesses
Detect vulnerabilities
Assign risk levels to discovered vulnerabilities
GAINING ACCESS
If a vulnerability is found, exploit it
Search and use exploits or techniques
Underground resources
Types of most popular vulnerabilities for gaining access
User enumeration & privilege escalation
Default installation
Underground Resources
http://1337day.com
Chat Rooms
KEEPING ACCESS
Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.
COVERING TRACKS
Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include steganography, the use of tunneling protocols, and altering log files. Steganography and use of tunneling for purposes of hacking will be discussed in later posts.
2. Penetration Testing
This is part of security testing in which a deliberate and simulated
feedback for the use of administrator. They can give you possible
web application vulnerabilities like SQL injection, XSS and firewall security breach. Nikto is a very useful open source scanner and
Another Important
your set up. Even if you're not actively updating a dead blog you
should consider updating its version.