Securing Web Applications and Softwares
Denial of Service
DOS attacks are attacks on the availability of a service.Type of Attacks
- DHCP
DHCP use DORA (Demand - Offer - Request - Acknowledgement)
'D'-Flood: Technique & DHCP STARV: Tool - Network
- The idea here is to destroy commnication on the network
- Most networks are switched
- which have CAM-Table (mapping IP:MAC)
- if the CAM is filled then the switch degrades to a HUB
- So the trick here is to fill this table and then BAM!
-
# = N OLD = 8 (normal bandwidth consumption, for example 8) 8 NEW =(N)^
- Tool:
macof -i eth1
- Mitigation by implementing port security on the switch
- Connection Threshold
- Bandwidth Congestion
Connection Threshold
On a TCP/IP connection handshake, attackers can attack on the Open State (Time between Sync and Ack(One mititgation state is to reduce the Open State wait time (usually 4s). However the attacker can send Sync packets at a rate greater than the rate the servers drops the packets. We can use hping3
hping3 server.address -S -a spoofed.address --flood option -S (enable sync flag) -a to spoof addresss.
Bandwidth Congestion - DDOS
Distributed Denial of Service - Practically you need a Botnet (such as PRO-RAT)||||||||||||||||| VVVVVVVVVVVVVVVVV ----------------- Buffer Space ----------------- || ----------------- Webserver -----------------
Web-Application Vulnerabilities
https://www.owasp.org/ OWASP - Open Wen App. Security ProjectTop Vulnerabilities
- Sequel Injection
- Cross Site Scripting
- Buffer Overflow
Sequel Injection
Hackers are interested in getting user names and passwords but this is not easy. Typically they need to find some zero day Vulnerabilities in either the firewall, database or both.A better way is to inject SQL queries directly into the database:
SELECT * FROM WHERE COL NAME = PASSWORD 1'or'1'='1
One good defense to this type of attack is:
- Validate Characters
- Ensure Length of Query is Limited
Cross Site Scripting Attacks
The Vulnerabilities provides the attacker the ability to induce his source code into the source code of the web application.<script>alert(xss);</script>If the Vulnerability is found
- Redirect Users
- Cookie Stealing
- Session Hijacking
- Cookie Manager
- Website Defacement
- Encrypted Session ID
Buffer Overflows
Sources and Links
01dec16 | admin |