
Basics of web applications: introduction

INTRODUCTION

There is a lot of ground to cover before you start to look at specific tools and how to configure and execute them to best suit your desires to exploit web applications. This chapter covers all the areas you need to be comfortable with before we get into these tools and techniques of web hacking. In order to have the strong foundation you will need for many years of happy hacking, these are core fundamentals you need to fully understand and comprehend. These fundamentals include material related to the most common vulnerabilities that continue to plague the web, even though some of them have been around for what seems like forever. Some of the most damaging web application vulnerabilities "in the wild" are still as widespread and just as damaging over 10 years after being discovered.

It's also important to understand the time and place for appropriate and ethical use of the tools and techniques you will learn in the chapters that follow. As one of my friends and colleagues likes to say about using hacking tools, "it's all fun and games until the FBI shows up!" This chapter includes step-by-step guidance on preparing a sandbox (isolated environment) all of your own to provide a safe haven for your web hacking experiments.

As security moved more to the forefront of technology management, the overall security of our servers, networks, and services has greatly improved. This is in large part because of improved products such as firewalls and intrusion detection systems that secure the network layer. However, these devices do little to protect the web application and the data that are used by the web application. As a result, hackers shifted to attacking the web applications that directly interacted with all the internal systems, such as database servers, that were now being protected by firewalls and other network devices.

In the past handful of years, more emphasis has been placed on secure software development and, as a result, today's web applications are much more secure than previous versions. There has been a strong push to include security earlier in the software development life cycle and to formalize the specification of security requirements in a standardized way. There has also been a huge increase in the organization of community groups dedicated to application security, such as the Open Web Application Security Project (OWASP). There are still blatantly vulnerable web applications in the wild, mainly because programmers are more concerned about functionality than security, but the days of easily exploiting seemingly every web application are over.

Therefore, because the security of the web application has also improved just like the network, the attack surface has again shifted, this time toward attacking web users. There is very little that network administrators and web programmers can do to protect web users against these user-on-user attacks that are now so prevalent. Imagine a hacker's joy when he can now take aim at an unsuspecting, technology-challenged user without having to worry about intrusion detection systems, web application logging, or web application firewalls. Attackers are now focusing directly on the web users and effectively bypassing any and all safeguards developed in the last 10+ years for networks and web applications.

However, there are still plenty of viable attacks directed at web servers and web applications in addition to the attacks targeting web users. This book will cover how all of these attacks exploit the targeted web server, web application, and web user. You will fully understand how these attacks are conducted and what tools are needed to get the job done. Let's do this!


WHAT IS A WEB APPLICATION?

The term "web application" has different meanings to different people. Depending on whom you talk to and the context, different people will throw around terms like web application, web site, web-based system, web-based software, or simply the Web, and all may have the same meaning. The widespread adoption of web applications actually makes it hard to clearly differentiate them from previous-generation web sites that did nothing but serve up static, noninteractive HTML pages.

The term web application will be used throughout the book for any web-based software that performs actions (functionality) based on user input and usually interacts with backend systems. When a user interacts with a web site to perform some action, such as logging in, shopping, or banking, it's a web application.

Relying on web applications for virtually everything we do creates a huge attack surface (potential entry points) for web hackers. Throw in the fact that web applications are custom coded by a human programmer, which increases the likelihood of errors despite the best of intentions: humans get bored, hungry, tired, hung-over, or otherwise distracted, and that can introduce bugs into the web application being developed. This is a perfect storm for hackers to exploit the web applications that we rely on so heavily.

One might assume that a web application vulnerability is merely a human error that can be quickly fixed by a programmer. Nothing could be further from the truth: most vulnerabilities aren't easily fixed because many web application flaws date back to early phases of the software development life cycle. In an effort to spare you the gory details of software engineering methodologies, just realize that security is much easier to deal with (and much more cost effective) when considered initially in the planning and requirements phases of software development. Security should continue as a driving force of the project all the way through design, construction, implementation, and testing. But alas, security is too often treated as an afterthought; this type of development leaves the freshly created web applications ripe with vulnerabilities that can be identified and exploited for a hacker's own nefarious reasons.

Web hacking basics book.
