The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws




CHAPTER 12

Attacking Other Users




vulnerabilities have been publicly announced in Microsoft's IIS 6 web server. However, in the time since this product was first released, a very large number of flaws have been disclosed in Microsoft's Internet Explorer browser. As the general awareness of security threats has evolved, the front line of the battle between software developers and hackers has moved from the server to the client.


Although web application security is still some way behind the curve just described, the same trend can be detected. A decade ago, most applications on the Internet were riddled with critical flaws like command injection, which could be easily found and exploited by any attacker with a bit of knowledge. Although many such vulnerabilities still exist today, they are slowly becoming less widespread and more difficult to exploit. Meanwhile, even the most security-critical applications still contain many easily discoverable client-side flaws. A key focus of recent research has been on this kind of vulnerability, with defects such as session fixation first being discussed many years after most categories of server-side bugs were widely known about. Media focus on web security is predominantly concerned with client-side attacks, with such terms as spyware, phishing, and Trojans being common currency to many journalists who have never heard of SQL injection or path traversal. And attacks against web application users are an increasingly lucrative criminal business. Why go to the trouble of breaking into an Internet bank, when it has 10 million customers and you can compromise 1% of these in a relatively crude attack that requires little skill or elegance?

Attacks against other application users come in many forms and manifest a variety of subtleties and nuances that are frequently overlooked. They are also less well understood in general than the primary server-side attacks, with different flaws being conflated or neglected even by some seasoned penetration testers. We will describe all of the different vulnerabilities that are commonly encountered and spell out the practical steps you need to perform to identify and exploit each of these.



