Footprint Web Infrastructure
Web infrastructure footprinting is the first step in web application hacking; it helps attackers to select victims and identify vulnerable web applications.
- Server Discovery
- Service Discovery
- Server Identification
- Hidden Content Discovery
1. Server Discovery
Server Discovery gives information about the location of servers and ensures that the target server is alive on the Internet.
- Whois Lookup
- DNS Interrogation
- Port Scanning
2. Service Discovery
Tools used for service discovery:
a. Nmap
b. NetScanTools Pro
c. Sandcat Browser
3. Server Identification/Banner Grabbing
Analyze the server response header fields to identify the make, model, and version of the web server software. This information helps attackers to select exploits from a vulnerability database to attack a web server and applications.
Banner Grabbing Tools:
- telnet
- Netcat
- ID Serve
- Netcraft
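An added example, not from the original post: a defender-side check that parses a raw HTTP response and reports which header fields expose the server's make or version, so they can be trimmed in the server configuration. The header list, the function name `audit_banner` and both sample responses are assumptions constructed for illustration.

```python
import re
from email.parser import Parser

# Header fields that commonly carry product/version strings (assumed audit list).
DISCLOSING = ("server", "x-powered-by", "x-aspnet-version", "x-aspnetmvc-version")
# Product token followed by a version, e.g. "Apache/2.4.41" or "PHP/7.4.3".
VERSIONED = re.compile(r"[A-Za-z][\w.\-]*/\d+(?:\.\d+)*")
# Header whose whole value is a version number, e.g. "4.0.30319".
BARE_VERSION = re.compile(r"^\d+(?:\.\d+)+$")

# Constructed sample responses (not captured from any real host).
VERBOSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Content-Type: text/html\r\n\r\n<html></html>"
)
HARDENED = "HTTP/1.1 200 OK\r\nServer: Apache\r\nContent-Type: text/html\r\n\r\n"


def audit_banner(raw_response):
    """Return (header, value, exposure) findings for one raw HTTP response."""
    head = raw_response.replace("\r\n", "\n").split("\n\n", 1)[0]
    status_line, _, header_block = head.partition("\n")
    if not status_line.startswith("HTTP/"):
        raise ValueError("not an HTTP response")
    headers = Parser().parsestr(header_block, headersonly=True)
    findings = []
    for name, value in headers.items():
        value = value.strip()
        if name.lower() not in DISCLOSING or not value:
            continue
        if VERSIONED.search(value) or BARE_VERSION.match(value):
            findings.append((name, value, "version"))  # make and version exposed
        else:
            findings.append((name, value, "product"))  # make only
    return findings


if __name__ == "__main__":
    for label, sample in (("verbose", VERBOSE), ("hardened", HARDENED)):
        for name, value, exposure in audit_banner(sample):
            print(f"{label}: {name}: {value} -> discloses {exposure}")
```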
4. Hidden Content Discovery
Discover the hidden content and functionality that is not reachable from the main visible content to exploit user privileges within the application.
a. Web Spidering: Web spidering automatically discovers the hidden content and functionality by parsing HTML forms and client-side JavaScript requests and responses.
5. Web Application Hacking Methodology
- Footprint Web Infrastructure: It helps attackers to select victims and identify vulnerable web applications. It includes Server Discovery, Service Discovery, Server Identification, and Hidden Content Discovery.
- Attack Web Servers: Identify the web server environment and scan the server for known vulnerabilities by using various tools like WebInspect, Nessus, UrlScan, and Nikto.
- Analyze Web Applications: Identify HTTP header parameters and URL encoding techniques by using tools like Burp Suite, httprint, WebScarab, and OWASP Zed Attack Proxy.
- Attack Authentication Mechanism: Check for weaknesses in the authentication policy, like failure to check password strength or insecure transportation of credentials.
- Attack Authorization Schemes: Attackers first access web applications using a low-privileged account and then escalate privileges to access protected resources.
- Attack Session Management Mechanism: By breaking session management, attackers try to bypass the authentication controls and impersonate privileged application users.
- Perform Injection Attacks: Attackers supply malicious input to break the application's normal flow.
- Attack Data Connectivity: Attacks include Connection String Injection, Connection String Parameter Pollution, and Connection Pool DoS.
- Attack Web App Client: Attacks include Cross-Site Scripting, Redirection Attacks, HTTP Header Injection, Frame Injection, Request Forgery Attack, Session Fixation P
- Attack Web Services: SOAP injection by manipulating SOAP requests.
6. Various tools used for web application hacking, like Burp Suite, CookieDigger, and WebScarab, and the significance of encoding and different encoding schemes.