Some attack techniques - Hacking
By Nitin Kumar Verma
MSCLIS (2007-2009), IIIT-Allahabad
Cross-Site Scripting (XSS)
Websites today are more complex than ever, containing a lot of dynamic content that makes the experience more enjoyable for the user. Dynamic websites suffer from a threat that static websites don't, called "Cross-Site Scripting". Cross-site scripting (also known as XSS) occurs when a web application takes data from a user and includes it in a generated page without checking or encoding it. This allows an attacker to embed malicious JavaScript in the generated page, so that the script executes in the browser of any user who views that page. Any site that allows users to post text messages can be vulnerable to an attack such as this.
Example: PayPal was targeted when attackers redirected PayPal visitors to a page warning users that their accounts had been compromised. Victims were redirected to a phishing site and prompted to enter PayPal login information, Social Security numbers and credit card details. PayPal said it closed the vulnerability in June 2006.
DoS attack
A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. In one form of denial-of-service attack, the attacker sends a flood of authentication requests to the server, filling up its connection table. All the requests carry forged return addresses, so the server cannot reach the sender when it tries to send the authentication approval. The server waits, sometimes more than a minute, before closing each connection. When it does close the connection, the attacker sends a new batch of forged requests and the process begins again, tying up the service indefinitely.
Cookie Manipulation
Many web applications use cookies to save information (for example, user IDs and timestamps) on the client's machine. Often, cookies are not securely encoded or signed, allowing an attacker to modify them. By changing these values, or "poisoning" the cookie, malicious users can gain access to the accounts and information of other users. Attackers can also steal a user's cookie and gain direct access to the user's account, bypassing the need to enter an ID and password or any other form of authentication.
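Added example (not part of the original slides): the unsigned cookie this section describes beside an HMAC-signed version that rejects a poisoned value. The secret key, the cookie layout and the max-age limit are assumptions chosen for the demonstration.

```python
import hashlib
import hmac
import time
from typing import Optional

# Assumed server-side secret for the demo; a real deployment loads it from a secret store.
SECRET_KEY = b"constructed-demo-secret-do-not-reuse"


def make_unsigned_cookie(user_id: int) -> str:
    """Weak form from the text: plain 'uid;ts' fields that anyone holding the
    cookie can edit, so changing uid impersonates another account."""
    return f"uid={user_id};ts={int(time.time())}"


def parse_unsigned_cookie(cookie: str) -> int:
    """Server trusts whatever uid the client sends back."""
    fields = dict(part.split("=", 1) for part in cookie.split(";"))
    return int(fields["uid"])


def make_signed_cookie(user_id: int, ts: Optional[int] = None) -> str:
    """Hardened form: append an HMAC-SHA256 tag over the payload, keyed with a
    secret the client never sees. Any change to uid or ts invalidates the tag."""
    ts = int(time.time()) if ts is None else ts
    payload = f"uid={user_id};ts={ts}"
    tag = hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload};sig={tag}"


def verify_signed_cookie(cookie: str, max_age: int = 3600,
                         now: Optional[int] = None) -> Optional[int]:
    """Return the user ID only if the tag is valid and the cookie is fresh."""
    payload, sep, sig = cookie.rpartition(";sig=")
    if not sep:                       # no tag at all: treat as tampered
        return None
    expected = hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):   # constant-time comparison
        return None
    fields = dict(part.split("=", 1) for part in payload.split(";"))
    now = int(time.time()) if now is None else now
    if now - int(fields["ts"]) > max_age:        # expired: limits replay of a stolen cookie
        return None
    return int(fields["uid"])
```

Signing stops modification but not reading or theft; the uid is still visible, and protecting the cookie in transit needs the Secure and HttpOnly flags on top of this.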
Broken authentication and session management
Flaws in the main authentication mechanism are not uncommon,
but weaknesses are more often introduced through ancillary
authentication functions such as logout, password
management, timeout, remember me, secret question and
account update.
User and administrative accounts can be hijacked when
applications fail to protect credentials and session tokens
from beginning to end. Watch out for privacy violations and
the undermining of authorization and accountability
controls.
Example: In 2002 Microsoft had to eliminate a vulnerability in Hotmail that could have let malicious JavaScript programmers steal user passwords. Revealed by a networking products reseller, the flaw let e-mails containing Trojan scripts alter the Hotmail user interface, forcing users to repeatedly re-enter their passwords and unwittingly send them to hackers.
Injection flaws
When user-supplied data is sent to an interpreter as part of a command or query, attackers can trick the interpreter, which processes text-based commands, into executing unintended commands. Injection flaws allow attackers to create, read, update, or delete any arbitrary data available to the application, OWASP writes. In the worst case, these flaws allow an attacker to completely compromise the application and the underlying systems, even bypassing deeply nested firewalled environments.
Example: Russian hackers broke into a Rhode Island
government Web site to steal credit card data in January
2006. Hackers claimed the SQL injection attack stole 53,000
credit card numbers, while the hosting service provider
claims it was only 4,113.