Web hacking

Warning: Do not execute these on a network or system that you do not own. Execute only on your own network or system for learning purposes. Do not execute these on any production network or system, unless Rules of engagement have been agreed on, and you have a Get out of jail free card.

What?

Are you still there, server? It's me, Margaret.

Web servers have become harder to hack, but not impossible. They suffer from the same vulnerabilities as other servers, and then some:

  • Vulnerabilities in the server daemon itself
  • Vulnerabilities due to unhardened state: exposed scripts, default pages or default applications
  • Vulnerabilities within the applications running on the server

Why?

  • Show that it might be possible to deface the client's site.
  • Gain access to information that the client does not intend to expose.
  • Gain entry into the internal network (if it is poorly configured and secured).

How?

  • Take advantage of vulnerabilities on hosts or hosted applications to gain a shell on the remote server or expose the information in an application database through SQL injection or other techniques.
  • Use common vulnerabilities, such as DNS poisoning, weak configurations, and poor patching (but those are becoming rare).
  • Find new vulnerabilities with code analysis or fuzzing.

Concretely