Hacking E Book
description
Transcript of Hacking E Book
-
Hey guys, Welcome to Mighty Shouts and let me formally introduce myself to you. Im Utkarsh Wadhwa , and I manage and run Mighty Shouts. Im a passionate guy, and love computing and internet.
Im currenty pursuing B.tech IT from Galgotia's College of Engineering and
Technology, Greater Noida. I finished my schooling from Bareilly .
Computer and technology have been my passion since I was a child and after few blogs
and communities on technology .I started Mighty Shouts.
I am a computer junkie and loves spending time on the computer learning new
techniques.I am a passionate blogger.I am a strong supporter of Anonymous &
Wikileaks.I have designed complex networks .I am a Red hat certified Linux system
administrator (RHCSA),Red hat certified engineer(RHCE),Cisco certified network
associate(CCNA ),Red hat certified engineer(RHCE),Cisco certified network
associate(CCNA),CEH.
-
REFERENCES
Information and resources from Internet were
extensively used for the creation of this presentation. 2
-
HTTP BASICS
Client Server Model. Client - Request resources from the Server. Server - Provides the requested resources. Request-response / Request-reply Model Resources are identified by URI / URL
3
-
HTTP RESPONSE CODE
For every request, server responds with a
response code . 4
-
HTTP RESPONSE CODE
1xx = Informational 2xx = Success - e.g. 200 OK 3xx = Redirection e.g. 302 Moved Temporarily 4xx = Client Error e.g. 401 Unauthorized 5xx = Server Error
5
-
HTTP RESPONSE CODE - DEMO
Wireshark Log curl
6
-
VERSIONS
HTTP 1.0 HTTP 1.1
7
-
VERSIONS - DIFFERENCE
HTTP 1.0
Require one connection per resource
Disconnect immediately. HTTP 1.1
Reuse connection for multiple URI 8
-
VERSIONS - OTHER DEVELOPMENTS
HTTP/1.2 Extension Protocol (PEP) PEP - The Protocol Extension Protocol
9
-
HTTP REQUEST METHODS
According to Wikipedia:
HTTP defines methods
Indicate the desired action to be
performed on the identified resource.
Methods are also referred to as verbs. 10
-
HTTP REQUEST METHODS
Summary: it is an operation which you can
perform on a resource on the web server. 11
-
HTTP/1.0 METHODS
GET, POST and HEAD methods
12
-
HTTP/1.1 ADDITIONAL METHODS
OPTIONS, PUT, DELETE, TRACE and CONNECT.
13
-
DEMO - HTTP/1.0 METHODS
GET, POST and HEAD methods
14
-
HTTP METHOD TESTING
Process of enumerating the HTTP options
available on a web server. Cross Site Tracing (XST), a form of cross site
scripting using the server's HTTP TRACE method
-
INJECTION ATTACKS
Frontend Backend
16
-
FRONT-END
Rendering Attacks
HTML Injection Code Execution
JS Injection
XSS
17
-
BACKEND
Command Injection
SQL Injection 18
-
HTML INJECTION
User input not sanitized. HTML Tags / Code Injected. Page rendered based on the injected code.
19
-
SQL INJECTION
It is the code injection technique used to attack the data driven applications in which malicious SQL statements are inserted into the entry field for execution .
This will dump the database contents to
the attacker.
20
-
XSS
Cross Site Scripting is a type of computer security vulnerability typically found in Web applications.
XSS allow the attacker to inject client side script to the webpages.
21
-
OWASP
Broken Authentication and Session
Management Insecure Direct Object References CSRF Security Misconfiguration
22
-
OWASP
Insecure Cryptographic Storage Failing to Restrict URL Access Insufficient Transport Layer Protection Unvalidated Redirects and Forwards
23
-
SUMMARY 24
-
REFERENCES
http://en.wikipedia.org/wiki/List_of_HTTP_status_codes http://www8.org/w8-
papers/5c-protocols/key/key.html
http://stackoverflow.com/questions/246859/http-1-0-vs-1-1
http://devhub.fm/http-requestresponse-basics/
http://wiki.hashphp.org/HttpPrimer http://www.w3.org/TR/WD-http-pep-
960820.html http://www.infoq.com/news/2011/04/http-1.2-released
http://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#Request_methods
http://www.fishnetsecurity.com/6labs/blog/jboss-jmx-console-authentication-bypass
http://jeremiahgrossman.blogspot.in/2008/06/what-you-need-to-know-about-http-verb.html
https://www.owasp.org/index.php/Testing_for_HTTP_Verb_Tampering_%28OWASP-DV-
003%29 http://photos1.blogger.com/blogger2/1912/1679/1600/vulnerability_stack.png
25
-
GOOD SECURITY PROFESSIONAL
A good security professional is someone who always looks both ways before crossing a one-way street.
-
page2page3page4page5page6page7page8page9page10page11page12page13page14page15page16page17page18page19page20page21page22page23page24page25page26page27