Thursday, April 12, 2012

Input Manipulation : Web Application Vulnerabilities

  • URL Manipulation CGI Parameter Tampering
  • HTTP Client-Header Injection
  • Filter/Intrusion Detection Evasion
  • Protocol/Method Manipulation
In the context of a web based attack (or web server attack), the attacker will first try to probe and manipulate the input fields to gain access into the web server. They can be broadly categorized as given below.

URL Manipulation CGI Parameter Tampering: This is perhaps the easiest of the lot. By inserting unacceptable or unexpected input in the url through the browser, the attacker tries to gauge whether the server is protected against common vulnerabilities.

HTTP Client-Header Injection: The next accessible point is the HTTP header. Using HTTP tags such as referrer, the attacker can manipulate the client side to suit his needs.

Filter/Intrusion Detection Evasion: The best part of attacking a web server is that the attacker can use the default port of entry - namely port 80 - to gain access into the network. As this is a standard port open for business needs, it is easy to evade intrusion detection systems or firewalls.

Protocol/Method Manipulation: Manipulating the particular protocol or the method used in the function, the attacker can hack into a web server.

Overflows: Some web server vulnerabilities take advantage of buffer overflows. The advantage is that by using buffer overflow techniques, the attacker can also make the server execute a code of his choice, making it easier for him to exploit the server further.

---Regards,
Amarjit Singh

No comments:

Post a Comment