Page 1: HACKING WEB APPLICATION
Prof. Dr. M. Ameer Ali
Professor & Chairman, Department of Computer Science & Engineering
Bangladesh University of Business and Technology (BUBT)

Page 2: Web Application Attack Report
Page 3: Variety of Hacking Actions Within Web Attacks Pattern
Page 4: Introduction to Web Applications
Page 5: How Web Applications Work
Page 6: Web Application Architecture
Page 7: Web 2.0 Applications
Page 8: Vulnerability Stack
Page 9: Web Application Threats - 1
Page 10: Web Application Threats - 1
Page 11: Unvalidated Input
Page 12: Parameter/Form Tampering
Page 13: Directory Traversal
Page 14: Security Misconfiguration
Page 16: SQL Injection Attacks
Page 17: Command Injection Attacks
Page 18: Command Injection Example
Page 19: File Injection Attacks
Page 20: What is LDAP Injection?
Page 21: How LDAP Injection Works
Page 22: Hidden Field Manipulation Attacks
Page 23: Cross-Site Scripting (XSS) Attacks
Page 24: How XSS Attacks Work
Page 25: Cross-Site Scripting (XSS) Attack Scenario: Attacks via Email
Page 26: XSS Example: Attack via Email
Page 27: XSS Example: Stealing User's Cookies
Page 28: XSS Example: Sending an Unauthorized Request
Page 29: XSS Attack in Blog Posting
Page 30: XSS Attack in Comment Field
Page 31: Websites Vulnerable to XSS Attack
Page 32: Cross-Site Request Forgery (CSRF) Attack
Page 33: How CSRF Attacks Work
Page 34: Web Application Denial-of-Service (DoS) Attack
Page 35: Denial-of-Service (DoS) Examples
Page 36: Buffer Overflow Attack
Page 37: Cookie/Session Poisoning
Page 38: How Cookie Poisoning Works
Page 39: Session Fixation Attack
Page 41: Insufficient Transport Layer Protection
Page 42: Improper Error Handling
Page 43: Insecure Cryptographic Storage
Page 44: Broken Authentication and Session Management
Page 45: Unvalidated Redirects and Forwards
Page 46: Web Services Architecture
Page 47: Web Services Attacks
Page 48: Web Services Footprinting Attack
Page 49: Web Services XML Poisoning
Page 50: Web App Hacking Methodology
Page 51: Footprint Web Infrastructure
Page 52: Footprint Web Infrastructure: Server Discovery
Page 53: Footprint Web Infrastructure: Service Discovery
Page 54: Footprint Web Infrastructure: Server Identification/Banner Grabbing
Page 55: Detecting Web App Firewalls and Proxies on Target Site
Page 56: Footprint Web Infrastructure: Hidden Content Discovery
Page 57: Web Spidering Using Burp Suite
Page 58: Web Crawling Using Mozenda Web Agent Builder
Page 59: Web App Hacking Methodology
Page 60: Hacking Web Servers
Page 61: Web Server Hacking Tool: WebInspect
Page 62: Web App Hacking Methodology
Page 63: Analyze Web Applications
Page 64: Analyze Web Applications: Identify Entry Points for User Input
Page 65: Analyze Web Applications: Identify Server-Side Technologies
Page 66: Analyze Web Applications: Identify Server-Side Functionality
Page 67: Analyze Web Applications: Map the Attack Surface
Page 68: Web App Hacking Methodology
Page 69: Attack Authentication Mechanism
Page 70: User Name Enumeration
Page 71: Password Attacks: Password Functionality Exploits
Page 72: Password Attacks: Password Guessing
Page 73: Password Attacks: Brute-Forcing
Page 74: Session Attacks: Session ID Prediction/Brute-Forcing
Page 75: Cookie Exploitation: Cookie Poisoning
Page 76: Web App Hacking Methodology
Page 77: Authorization Attacks
Page 78: HTTP Request Tampering
Page 79: Authorization Attacks: Cookie Parameter Tampering
Page 80: Web App Hacking Methodology
Page 81: Session Management Attack
Page 82: Attacking Session Token Generation Mechanism
Page 83: Attacking Session Token Handling Mechanism: Session Token Sniffing
Page 84: Web App Hacking Methodology
Page 85: Injection Attacks/Input Validation Attacks
Page 86: Web App Hacking Methodology
Page 87: Attack Data Connectivity
Page 88: Connection String Injection
Page 89: Connection String Parameter Pollution (CSPP) Attacks
Page 90: Connection Pool DoS
Page 91: Web App Hacking Methodology
Page 92: Attack Web App Client
Page 93: Web App Hacking Methodology
Page 94: Attack Web Services
Page 95: Web Services Probing Attacks
Page 96: Web Services Attacks: SOAP Injection
Page 97: Web Services Attacks: XML Injection
Page 98: Web Services Parsing Attacks
Page 99: Web Services Attack Tools: SoapUI and XMLSpy
Page 100: Web Application Hacking Tools: Burp Suite Professional
Page 101: Web Application Hacking Tool: CookieDigger
Page 102: Web Application Hacking Tool: WebScarab
Page 103: Web Application Hacking Tools
Page 104: Encoding Schemes
Page 105: Encoding Schemes (Cont'd)
Page 106: How to Defend Against SQL Injection Attacks
Page 107: How to Defend Against Command Injection Flaws
Page 108: How to Defend Against XSS Attacks
Page 109: How to Defend Against DoS Attacks
Page 110: How to Defend Against Web Services Attacks
Page 111: Guidelines for Secure CAPTCHA Implementation
Page 112: Web Application Attack Countermeasures
Page 113: Web Application Attack Countermeasures (Cont'd)
Page 114: Web Application Attack Countermeasures (Cont'd)
Page 115: How to Defend Against Web Application Attacks
Page 116: Web Application Security Tool: Acunetix Web Vulnerability Scanner
Page 117: Web Application Security Tool: Watcher Web Security Tool
Page 118: Web Application Security Tool: Netsparker
Page 119: Web Application Security Tool: N-Stalker Web Application Security Scanner
Page 120: Web Application Security Tool: VampireScan
Page 121: Web Application Security Tools
Page 122: Web Application Security Tools
Page 123: Web Application Firewall: dotDefender
Page 124: Web Application Firewall: ServerDefender VP
Page 125: Web Application Firewall
Page 126: Web Application Pen Testing
Page 127: Web Application Pen Testing (Cont'd)
Page 128: Information Gathering
Page 129: Information Gathering (Cont'd)
Page 130: Configuration Management Testing
Page 131: Authentication Testing
Page 132: Session Management Testing
Page 133: Authorization Testing
Page 134: Data Validation Testing
Page 135: Data Validation Testing (Cont'd)
Page 136: Data Validation Testing (Cont'd)
Page 137: Denial-of-Service Testing
Page 138: Denial-of-Service Testing (Cont'd)
Page 139: Web Services Testing
Page 141: Web Application Pen Testing Framework: Kali Linux
Page 142: Web Application Pen Testing Framework: Metasploit
Page 143: Web Application Pen Testing Framework: Browser Exploitation Framework (BeEF)
Page 144: Web Application Pen Testing Framework: PowerSploit
Page 145: Next Class
• DVWA
• SQL injection
• Sqlmap
• Burp Suite