In this book, we aim to describe how to make a computer bend to your will by finding and exploiting vulnerabilities specifically in Web applications. We describe common security issues in Web applications, explain how to find them, how to exploit them, and how to fix them. We also cover how and why some hackers (the bad guys) try to exploit these vulnerabilities to achieve their own ends, and how to detect whether hackers are actively trying to exploit vulnerabilities in your own Web applications.
- Learn to defend Web-based applications developed with AJAX, SOAP, XML-RPC, and more.
- See why Cross Site Scripting attacks can be so devastating.
Table of Contents
- 1 Front Cover (p. 1)
- 2 Web Application Vulnerabilities: Detect, Exploit, Prevent (p. 2)
- 3 Copyright Page (p. 4)
- 4 Contributing Authors (p. 6)
- 5 Contents (p. 10)
- 6 Chapter 1: Introduction to Web Application Hacking (p. 17)
  - 6.1 Introduction (p. 18)
  - 6.2 Web Application Architecture Components (p. 19)
    - 6.2.1 The Web Server (p. 19)
    - 6.2.2 The Application Content (p. 19)
    - 6.2.3 The Data Store (p. 20)
  - 6.3 Complex Web Application Software Components (p. 20)
    - 6.3.1 Login (p. 20)
    - 6.3.2 Session Tracking Mechanism (p. 22)
    - 6.3.3 User Permissions Enforcement (p. 25)
    - 6.3.4 Role Level Enforcement (p. 26)
    - 6.3.5 Data Access (p. 26)
    - 6.3.6 Application Logic (p. 26)
    - 6.3.7 Logout (p. 27)
  - 6.4 Putting it all Together (p. 27)
  - 6.5 The Web Application Hacking Methodology (p. 28)
    - 6.5.1 Define the Scope of the Engagement (p. 29)
      - 6.5.1.1 Before Beginning the Actual Assessment (p. 30)
    - 6.5.2 Open Source Intelligence Scanning (p. 31)
    - 6.5.3 Default Material Scanning (p. 32)
    - 6.5.4 Base Line the Application (p. 33)
    - 6.5.5 Fuzzing (p. 34)
    - 6.5.6 Exploiting/Validating Vulnerabilities (p. 35)
    - 6.5.7 Reporting (p. 36)
  - 6.6 The History of Web Application Hacking and the Evolution of Tools (p. 37)
    - 6.6.1 Example 1: Manipulating the URL Directly (GET Method Form Submittal) (p. 42)
    - 6.6.2 Example 2: The POST Method (p. 47)
    - 6.6.3 Example 3: Man in the Middle Sockets (p. 53)
    - 6.6.4 The Graphical User Interface Man in the Middle Proxy (p. 61)
    - 6.6.5 Common (or Known) Vulnerability Scanners (p. 65)
    - 6.6.6 Spiders and other Crawlers (p. 65)
    - 6.6.7 Automated Fuzzers (p. 65)
    - 6.6.8 All in One and Multi Function Tools (p. 65)
    - 6.6.9 OWASP's WebScarab Demonstration (p. 66)
      - 6.6.9.1 Starting WebScarab (p. 68)
      - 6.6.9.2 Next: Create a new session (p. 69)
      - 6.6.9.3 Next: Ensure the Proxy Service is Listening (p. 72)
      - 6.6.9.4 Next, Configure Your Web Browser (p. 73)
      - 6.6.9.5 Next, Configure WebScarab to Intercept Requests (p. 75)
      - 6.6.9.6 Next, Bring up the Summary Tab (p. 76)
    - 6.6.10 Web Application Hacking Tool List (p. 84)
    - 6.6.11 Security E-Mail Lists (p. 85)
  - 6.7 Summary (p. 89)
- 7 Chapter 2: Information Gathering Techniques (p. 91)
  - 7.1 Introduction (p. 92)
  - 7.2 The Principles of Automating Searches (p. 92)
    - 7.2.1 The Original Search Term (p. 96)
    - 7.2.2 Expanding Search Terms (p. 96)
      - 7.2.2.1 E-mail Addresses (p. 97)
      - 7.2.2.2 Telephone Numbers (p. 99)
      - 7.2.2.3 People (p. 101)
      - 7.2.2.4 Getting Lots of Results (p. 101)
      - 7.2.2.5 More Combinations (p. 104)
      - 7.2.2.6 Using "Special" Operators (p. 104)
    - 7.2.3 Getting the Data From the Source (p. 105)
      - 7.2.3.1 Scraping it Yourself - Requesting and Receiving Responses (p. 105)
      - 7.2.3.2 Scraping it Yourself - The Butcher Shop (p. 111)
      - 7.2.3.3 Dapper (p. 116)
      - 7.2.3.4 Aura/EvilAPI (p. 117)
      - 7.2.3.5 Using Other Search Engines (p. 118)
    - 7.2.4 Parsing the Data (p. 118)
      - 7.2.4.1 Parsing E-mail Addresses (p. 118)
      - 7.2.4.2 Domains and Sub-domains (p. 122)
      - 7.2.4.3 Telephone Numbers (p. 123)
    - 7.2.5 Post Processing (p. 125)
      - 7.2.5.1 Sorting Results by Relevance (p. 125)
      - 7.2.5.2 Beyond Snippets (p. 127)
      - 7.2.5.3 Presenting Results (p. 127)
  - 7.3 Applications of Data Mining (p. 128)
    - 7.3.1 Mildly Amusing (p. 128)
    - 7.3.2 Most Interesting (p. 131)
      - 7.3.2.1 Taking It One Step Further (p. 143)
  - 7.4 Collecting Search Terms (p. 146)
    - 7.4.1 On the Web (p. 146)
    - 7.4.2 Spying on Your Own (p. 148)
      - 7.4.2.1 Search Terms (p. 148)
      - 7.4.2.2 Gmail (p. 151)
    - 7.4.3 Honey Words (p. 153)
    - 7.4.4 Referrals (p. 155)
  - 7.5 Summary (p. 157)
- 8 Chapter 3: Introduction to Server Side Input Validation Issues (p. 159)
  - 8.1 Introduction (p. 160)
  - 8.2 Cross Site Scripting (XSS) (p. 162)
    - 8.2.1 Presenting False Information (p. 163)
      - 8.2.1.1 How this Example Works (p. 164)
    - 8.2.2 Presenting a False Form (p. 165)
    - 8.2.3 Exploiting Browser Based Vulnerabilities (p. 168)
    - 8.2.4 Exploit Client/Server Trust Relationships (p. 168)
- 9 Chapter 4: Client-Side Exploit Frameworks (p. 171)
  - 9.1 Introduction (p. 172)
  - 9.2 AttackAPI (p. 172)
    - 9.2.1 Enumerating the Client (p. 177)
    - 9.2.2 Attacking Networks (p. 188)
    - 9.2.3 Hijacking the Browser (p. 196)
    - 9.2.4 Controlling Zombies (p. 200)
  - 9.3 BeEF (p. 204)
    - 9.3.1 Installing and Configuring BeEF (p. 205)
    - 9.3.2 Controlling Zombies (p. 206)
    - 9.3.3 BeEF Modules (p. 207)
    - 9.3.4 Standard Browser Exploits (p. 210)
    - 9.3.5 Port Scanning with BeEF (p. 211)
    - 9.3.6 Inter-protocol Exploitation and Communication with BeEF (p. 212)
  - 9.4 CAL9000 (p. 214)
    - 9.4.1 XSS Attacks, Cheat Sheets, and Checklists (p. 215)
    - 9.4.2 Encoder, Decoders, and Miscellaneous Tools (p. 218)
    - 9.4.3 HTTP Requests/Responses and Automatic Testing (p. 220)
  - 9.5 Overview of XSS-Proxy (p. 223)
    - 9.5.1 XSS-Proxy Hijacking Explained (p. 226)
      - 9.5.1.1 Browser Hijacking Details (p. 228)
        - 9.5.1.1.1 Initialization (p. 228)
        - 9.5.1.1.2 Command Mode (p. 229)
      - 9.5.1.2 Attacker Control Interface (p. 231)
    - 9.5.2 Using XSS-Proxy: Examples (p. 232)
      - 9.5.2.1 Setting Up XSS-Proxy (p. 232)
      - 9.5.2.2 Injection and Initialization Vectors For XSS-Proxy (p. 235)
        - 9.5.2.2.1 HTML Injection (p. 235)
        - 9.5.2.2.2 JavaScript Injection (p. 236)
      - 9.5.2.3 Handoff and CSRF With Hijacks (p. 238)
        - 9.5.2.3.1 CSRF (p. 238)
        - 9.5.2.3.2 Handoff Hijack to Other Sites (p. 238)
      - 9.5.2.4 Sage and File:// Hijack With Malicious RSS Feed (p. 239)
  - 9.6 Summary (p. 259)
  - 9.7 Solutions Fast Track (p. 259)
  - 9.8 Frequently Asked Questions (p. 261)
- 10 Chapter 5: Web-Based Malware (p. 263)
  - 10.1 Introduction (p. 264)
  - 10.2 Attacks on the Web (p. 264)
  - 10.3 Hacking into Web Sites (p. 266)
  - 10.4 Index Hijacking (p. 268)
  - 10.5 DNS Poisoning (Pharming) (p. 273)
  - 10.6 Malware and the Web: What, Where, and How to Scan (p. 278)
    - 10.6.1 What to Scan (p. 278)
    - 10.6.2 Where to Scan (p. 281)
    - 10.6.3 How to Scan (p. 282)
  - 10.7 Parsing and Emulating HTML (p. 284)
  - 10.8 Browser Vulnerabilities (p. 287)
  - 10.9 Testing HTTP-scanning Solutions (p. 289)
  - 10.10 Tangled Legal Web (p. 290)
  - 10.11 Summary (p. 292)
  - 10.12 Solutions Fast Track (p. 292)
  - 10.13 Frequently Asked Questions (p. 297)
- 11 Chapter 6: Web Server and Web Application Testing with BackTrack (p. 299)
  - 11.1 Objectives (p. 300)
  - 11.2 Introduction (p. 300)
    - 11.2.1 Web Server Vulnerabilities: A Short History (p. 300)
    - 11.2.2 Web Applications: The New Challenge (p. 301)
    - 11.2.3 Chapter Scope (p. 301)
  - 11.3 Approach (p. 302)
    - 11.3.1 Web Server Testing (p. 302)
    - 11.3.2 CGI and Default Pages Testing (p. 304)
    - 11.3.3 Web Application Testing (p. 305)
  - 11.4 Core Technologies (p. 305)
    - 11.4.1 Web Server Exploit Basics (p. 305)
      - 11.4.1.1 What Are We Talking About? (p. 305)
        - 11.4.1.1.1 Stack-Based Overflows (p. 306)
        - 11.4.1.1.2 Heap-based Overflows (p. 309)
    - 11.4.2 CGI and Default Page Exploitation (p. 309)
    - 11.4.3 Web Application Assessment (p. 312)
      - 11.4.3.1 Information Gathering Attacks (p. 312)
      - 11.4.3.2 File System and Directory Traversal Attacks (p. 312)
      - 11.4.3.3 Command Execution Attacks (p. 313)
      - 11.4.3.4 Database Query Injection Attacks (p. 313)
      - 11.4.3.5 Cross-site Scripting Attacks (p. 314)
      - 11.4.3.6 Impersonation Attacks (p. 314)
      - 11.4.3.7 Parameter Passing Attacks (p. 314)
  - 11.5 Open Source Tools (p. 314)
    - 11.5.1 Intelligence Gathering Tools (p. 315)
    - 11.5.2 Scanning Tools (p. 323)
    - 11.5.3 Assessment Tools (p. 335)
      - 11.5.3.1 Authentication (p. 339)
      - 11.5.3.2 Proxy (p. 351)
    - 11.5.4 Exploitation Tools (p. 353)
      - 11.5.4.1 Metasploit (p. 353)
      - 11.5.4.2 SQL Injection Tools (p. 357)
        - 11.5.4.2.1 DNS Channel (p. 360)
        - 11.5.4.2.2 Timing Channel (p. 361)
        - 11.5.4.2.3 Requirements (p. 361)
        - 11.5.4.2.4 Supported Databases (p. 361)
        - 11.5.4.2.5 Example Usage (p. 362)
  - 11.6 Case Studies: The Tools in Action (p. 364)
    - 11.6.1 Web Server Assessments (p. 364)
    - 11.6.2 CGI and Default Page Exploitation (p. 371)
    - 11.6.3 Web Application Assessment (p. 379)
- 12 Chapter 7: Securing Web Based Services (p. 397)
  - 12.1 Introduction (p. 398)
  - 12.2 Web Security (p. 398)
    - 12.2.1 Web Server Lockdown (p. 398)
      - 12.2.1.1 Managing Access Control (p. 399)
      - 12.2.1.2 Handling Directory and Data Structures (p. 400)
        - 12.2.1.2.1 Directory Properties (p. 400)
      - 12.2.1.3 Eliminating Scripting Vulnerabilities (p. 402)
      - 12.2.1.4 Logging Activity (p. 403)
      - 12.2.1.5 Performing Backups (p. 403)
      - 12.2.1.6 Maintaining Integrity (p. 404)
      - 12.2.1.7 Finding Rogue Web Servers (p. 404)
    - 12.2.2 Stopping Browser Exploits (p. 405)
      - 12.2.2.1 Exploitable Browser Characteristics (p. 406)
      - 12.2.2.2 Cookies (p. 406)
      - 12.2.2.3 Web Spoofing (p. 408)
      - 12.2.2.4 Web Server Exploits (p. 411)
    - 12.2.3 SSL and HTTP/S (p. 412)
      - 12.2.3.1 SSL and TLS (p. 413)
      - 12.2.3.2 HTTP/S (p. 414)
      - 12.2.3.3 TLS (p. 415)
      - 12.2.3.4 S-HTTP (p. 416)
  - 12.3 Instant Messaging (p. 416)
    - 12.3.1 Packet Sniffers and Instant Messaging (p. 417)
    - 12.3.2 Text Messaging and Short Message Service (SMS) (p. 418)
  - 12.4 Web-based Vulnerabilities (p. 419)
    - 12.4.1 Understanding Java-, JavaScript-, and ActiveX-based Problems (p. 420)
      - 12.4.1.1 Java (p. 420)
      - 12.4.1.2 ActiveX (p. 422)
      - 12.4.1.3 Dangers Associated with Using ActiveX (p. 425)
      - 12.4.1.4 Avoiding Common ActiveX Vulnerabilities (p. 427)
      - 12.4.1.5 Lessening the Impact of ActiveX Vulnerabilities (p. 428)
      - 12.4.1.6 Protection at the Network Level (p. 428)
      - 12.4.1.7 Protection at the Client Level (p. 429)
      - 12.4.1.8 JavaScript (p. 430)
    - 12.4.2 Preventing Problems with Java, JavaScript, and ActiveX (p. 431)
    - 12.4.3 Programming Secure Scripts (p. 434)
    - 12.4.4 Code Signing: Solution or More Problems? (p. 435)
    - 12.4.5 Understanding Code Signing (p. 436)
    - 12.4.6 The Benefits of Code Signing (p. 436)
    - 12.4.7 Problems with the Code Signing Process (p. 437)
  - 12.5 Buffer Overflows (p. 438)
  - 12.6 Making Browsers and E-mail Clients More Secure (p. 440)
    - 12.6.1 Restricting Programming Languages (p. 440)
    - 12.6.2 Keep Security Patches Current (p. 441)
  - 12.7 Securing Web Browser Software (p. 442)
    - 12.7.1 Securing Microsoft IE (p. 442)
  - 12.8 CGI (p. 447)
    - 12.8.1 What is a CGI Script and What Does It Do? (p. 447)
    - 12.8.2 Typical Uses of CGI Scripts (p. 449)
  - 12.9 Break-ins Resulting from Weak CGI Scripts (p. 450)
    - 12.9.1 CGI Wrappers (p. 452)
    - 12.9.2 Nikto (p. 452)
  - 12.10 FTP Security (p. 453)
    - 12.10.1 Active and Passive FTP (p. 453)
    - 12.10.2 S/FTP (p. 454)
    - 12.10.3 Secure Copy (p. 455)
    - 12.10.4 Blind FTP/Anonymous (p. 455)
    - 12.10.5 FTP Sharing and Vulnerabilities (p. 456)
    - 12.10.6 Packet Sniffing FTP Transmissions (p. 457)
  - 12.11 Directory Services and LDAP Security (p. 457)
    - 12.11.1 LDAP (p. 458)
      - 12.11.1.1 LDAP Directories (p. 459)
      - 12.11.1.2 Organizational Units (p. 459)
      - 12.11.1.3 Objects, Attributes and the Schema (p. 460)
      - 12.11.1.4 Securing LDAP (p. 461)
  - 12.12 Summary (p. 464)
  - 12.13 Solutions Fast Track (p. 464)
  - 12.14 Frequently Asked Questions (p. 467)
- 13 Index (p. 469)