The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws


Identify all entry points for user input, including URLs, query string para-



Download 5,76 Mb.
Pdf ko'rish
bet158/875
Sana01.01.2022
Hajmi5,76 Mb.
#293004
1   ...   154   155   156   157   158   159   160   161   ...   875
Bog'liq
3794 1008 4334

Identify all entry points for user input, including URLs, query string para-

meters, 

POST


data, cookies, and other HTTP headers processed by the

application.



Examine the query string format used by the application. If it does not



employ the standard format described in Chapter 3, try to understand

how parameters are being transmitted via the URL. Virtually all custom

schemes still employ some variation on the name/value model, so try to

understand how name/value pairs are being encapsulated into the non-

standard URLs you have identified.



Identify any out-of-bound channels via which user-controllable or other



third-party data is being introduced into the application’s processing.



View the HTTP Server banner returned by the application. Note that in



some cases, different areas of the application are handled by different

back-end components, and so different 

Server


headers may be

received.



Check for any other software identifiers contained within any custom



HTTP headers or HTML source code comments.



Run the Httprint tool to fingerprint the web server.



If fine-grained information is obtained about the web server and other

components, research the software versions in use to identify any vulner-

abilities that may be exploited to advance an attack (see Chapter 17).



Review your map of application URLs, to identify any interesting-looking



file extensions, directories, or other subsequences that may provide clues

about the technologies in use on the server.

(continued)

Chapter 4 



Mapping the Application



87

70779c04.qxd:WileyRed  9/14/07  3:12 PM  Page 87



HACK STEPS (continued)



Review the names of all session tokens issued by the application to iden-



tify the technologies being used.



Use lists of common technologies, or Google, to establish which tech-



nologies may be in use on the server, or discover other web sites and

applications that appear to be employing the same technologies.



Perform searches on Google for the names of any unusual cookies,



scripts, HTTP headers, and the like that may belong to third-party soft-

ware components. If you locate other applications in which the same

components are being used, review these to identify any additional 

functionality and parameters that the components support, and verify

whether these are also present in your target application. Note that third-


Download 5,76 Mb.

Do'stlaringiz bilan baham:
1   ...   154   155   156   157   158   159   160   161   ...   875



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish