When you are probing the application for common vulnerabilities by submitting crafted attack strings in different parameters, always monitor the application's responses to identify any error messages that may contain useful information.
■
Be aware that error information which is returned within the server’s
response may not be rendered on-screen within the browser. An efficient
way to identify many error conditions is to search each raw response for
keywords that are often contained in error messages. For example:
error
exception
illegal
invalid
fail
stack
access
directory
file
not found
varchar
ODBC
SQL
SELECT
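The keyword search described above is easy to automate, and in practice the hard part is noise: a plain substring match for "file" hits every link to /profile, and "select" hits every HTML form. The following added example (not from the book, written here to illustrate the step) scans raw responses for the keyword list and, as a refinement the text does not show, compares each response's keyword counts against the response to the unmodified request, so only keywords that the crafted input actually introduced are reported. The sample responses are constructed for the example, not captured from any real application.

```python
import re
from collections import Counter

# Keyword list from the hack step above. Matching is case-insensitive and
# substring-based, mirroring a raw text search across each response.
ERROR_KEYWORDS = [
    "error", "exception", "illegal", "invalid", "fail", "stack", "access",
    "directory", "file", "not found", "varchar", "ODBC", "SQL", "SELECT",
]
_PATTERN = re.compile("|".join(re.escape(k) for k in ERROR_KEYWORDS), re.IGNORECASE)


def keyword_counts(body):
    """Count case-insensitive keyword hits in one raw response body."""
    return Counter(m.group(0).lower() for m in _PATTERN.finditer(body))


def new_keywords(baseline_body, test_body):
    """Keywords that occur more often in the test response than in the baseline.

    Substring matching is noisy ("profile" contains "file", every HTML form has
    a <select>), so diffing against the unmodified request's response keeps
    only the hits that the crafted input actually caused.
    """
    base = keyword_counts(baseline_body)
    test = keyword_counts(test_body)
    return {k: n - base.get(k, 0) for k, n in test.items() if n > base.get(k, 0)}


def snippets(body, keyword, context=40):
    """Surrounding text for each occurrence of keyword, for manual review."""
    out = []
    for m in re.finditer(re.escape(keyword), body, re.IGNORECASE):
        lo, hi = max(0, m.start() - context), min(len(body), m.end() + context)
        out.append(body[lo:hi].replace("\n", " ").strip())
    return out


def scan(baseline_body, responses):
    """responses: {request_label: raw_response_text}.

    Returns {label: {keyword: extra_count}} for every response that contains
    keywords absent from, or rarer in, the baseline response.
    """
    findings = {}
    for label, body in responses.items():
        extra = new_keywords(baseline_body, body)
        if extra:
            findings[label] = extra
    return findings


# Constructed sample responses (not captured from any real application).
BASELINE = """HTTP/1.1 200 OK
Content-Type: text/html

<html><body><a href="/profile">My profile</a>
<form><select name="sort"><option>name</option></select></form>
<p>3 items found</p></body></html>
"""

RESPONSES = {
    "id=1": BASELINE,
    "id=1'": """HTTP/1.1 500 Internal Server Error
Content-Type: text/html

<html><body><a href="/profile">My profile</a>
<form><select name="sort"><option>name</option></select></form>
<p>Database error: unclosed quotation mark in SQL statement near 'SELECT * FROM items'.
Check the ODBC driver log for the full stack trace.</p></body></html>
""",
    "id=../../etc/passwd": """HTTP/1.1 200 OK
Content-Type: text/html

<html><body><a href="/profile">My profile</a>
<form><select name="sort"><option>name</option></select></form>
<p>0 items found</p></body></html>
""",
}

if __name__ == "__main__":
    # Only the quote-injected request introduces new keywords; the traversal
    # payload produced a response that differs only in the item count.
    for label, extra in scan(BASELINE, RESPONSES).items():
        print(label, extra)
        for kw in extra:
            for s in snippets(RESPONSES[label], kw):
                print("   ", kw, "->", s)
```

Feed it the raw response bodies from your proxy history rather than rendered pages, since the whole point of the step is that the interesting text may never reach the screen. The baseline diff is the check that keeps this usable on real applications; without it, a site whose template mentions "file" or "select" will flag every single response.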
■
When you send a series of requests modifying parameters within a base