Exploring Web Vulnerabilities and Weak Spots
Hey! w0rms this is Viv and today in this article we're going to explore Web Vulnerabilities and Weak Spots. I've compiled six very important vulnerable and weak spots of Web Technology and believe me it will really help you to know lots of stuffs about Security, Vulnerability and obviously Hacking!.
Things you must know
- Little bit Networking (TCP/IP, HTTP etc...)
- HTML, JS, SQL and C (At-least 40%)
- Must be familiar with LAMP (Linux, Apache, MySQL, and PHP).
Weak Spots and Vulnerabilities of Web Technology
If you explore web vulnerabilities deeper you'll find six weak spots of web technology that can lead to massive attack. Below is the quick overview and introduction to all those six weak spots. If any of the them are vulnerable any website, server can be hacked.
1. Web Platform : Web Platform Software Vulnerabilities like HTTP Server Software for eg. (Apache, IIS etc) vulnerabilities and Development framework like (ASP.NET or PHP).
- Server Vulnerability Exploitation
- Command Execution
- Apache and IIS : HTTP Software Vulnerability
2. Web Application : Most Web Attacks against authentication, authorization, site structure, input validation, application logic, and management interfaces
- HTML, JS Injection, CSRF
- Brute Force Attack
- Spoofing and Sniffing
- Code Injection and Cookie Injection
3. Database : Executing privileged comemands via database queries and query often used Input box, Login forms or URL.
- SQL Injection
- XML Injection
- Oracle Vulnerabilities
4. Web Client : Web browser vulnerability, client-side script execution
- Cross Site Scripting
- LFI and RFI
- Cookie Stealing
5. Transport and Communication : Commonly also know as URL Redirection, Eavesdropping on client-server communications/ SSL redirection etc.
- URL Redirection
- Stealing Session Tokens and Cookies
- SSL Redirection
6. Availability : DOS (Denial of Service) or DDOS (Distributed Denail of Service). most sensational “hacking” attacks. When nothing works just DOS it!
ConversionConversion EmoticonEmoticon