Web Application Security the Fast Guide: Learning algorithms, the best guide for learning to protect web applications by Dr. Sami Khiami
Author: Khiami, Dr. Sami
Language: eng
Format: epub
Publisher: UNKNOWN
Published: 2020-06-13T16:00:00+00:00
If the mapping and analysis phase showed flaws on the client side, it is a good idea to begin there. The client (browser) is easily reachable by an attacker and can be compromised and manipulated to initiate a full attack, or a partial attack that serves as the base for other types of attacks. Because there are many types of possible client-side attacks, the following parts explain some possible attack execution scenarios on the client, with examples of each type.
5.2 Two types of attacks
Figure: Trickery Attacks / Exploit Attacks (diagram of the two attack types)
No matter what technologies are used in attacking the client side, all attacks fall into one of two main types: exploits and trickery.
In exploit attacks, malicious code is executed on the client side and its host because of a resident vulnerability; the countermeasure is simply to get rid of the exploited vulnerability. Trickery attacks, on the other hand, are based on the behaviour of the human operator: after being seduced by an attractive message or offer, the operator takes an action that discloses important information, can be used to access that information, or allows the attacker to install software that is used later to extract data from the client machine.
5.3 Altering cookies
Figure 30: Cookie alter attack (diagram: the client sends a request to the server; the server sends a response with the legitimate cookie; the attacker intercepts the response with Burp, alters the cookie and retransmits it; the altered cookie is written on the client; the client sends the altered cookie with the privileged value to the server; the server sends a privileged response).
This type of attack focuses on altering the content of a cookie. Cookies are text-based files that the server stores on the client's machine.
Attack requirements:
A. A cookie exists that is used to store state information.
B. The cookie is used directly, without being checked by the server.
Attack process:
C. Using a proxy, capture the request or the response that writes the cookie.
D. Alter the cookie value after intercepting the request or response.
E. Release the altered request or response.
Example:
HTTP/1.1 200 OK
Set-Cookie: DiscountType=3
Content-Length: 1230
………
The previous listing represents part of a response containing a cookie named DiscountType that will be written to the client and used in the next request for purchasing a service. Using a proxy tool like Burp Proxy, set up the proxy to intercept the response, rewrite the value of this cookie to point to a different discount type, and pass it to the browser:
A. Using the Intercept tab, forward the request by clicking the Forward button.
B. On receiving the response, edit the discount type using the message editor.
C. Forward the altered message to the browser so that the cookie is written to your machine.
D. The next request to the same site will hold the altered cookie and will cause the discount type to change.
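The following is an added example, not code from the book: a minimal server-side handler that shows the vulnerable pattern the book describes (requirement B, the DiscountType cookie is trusted as-is) next to a hardened version that only honours the cookie when an HMAC tag computed with a server-side secret verifies. The discount table, the secret key and the cookie values are constructed for the demonstration and are not taken from the book.

```python
import hashlib
import hmac
from http.cookies import SimpleCookie

# Constructed discount table (assumption, not from the book): type id -> rate.
# Type 3 is the legitimate value from the book's listing; type 4 is a
# constructed "privileged" type an attacker would like to obtain.
DISCOUNT_TYPES = {1: 0.00, 2: 0.10, 3: 0.25, 4: 0.50}
DEFAULT_TYPE = 1

# Constructed secret for the demo; a real deployment loads this from config/KMS.
SERVER_KEY = b"constructed-demo-key-do-not-reuse"


def parse_cookie_header(header):
    """Parse a raw Cookie request header into a {name: value} dict."""
    jar = SimpleCookie()
    jar.load(header)
    return {name: morsel.value for name, morsel in jar.items()}


def vulnerable_discount_rate(cookie_header):
    """The pattern the book warns about: the cookie value is used directly.

    Whatever DiscountType the client presents is looked up and honoured, so
    rewriting the cookie in a proxy changes the discount the server applies.
    """
    cookies = parse_cookie_header(cookie_header)
    type_id = int(cookies.get("DiscountType", DEFAULT_TYPE))
    return DISCOUNT_TYPES.get(type_id, DISCOUNT_TYPES[DEFAULT_TYPE])


def sign_cookie_value(value, key=SERVER_KEY):
    """Attach an HMAC-SHA256 tag: 'value.tag'. Only the server knows the key."""
    tag = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}.{tag}"


def verify_cookie_value(signed, key=SERVER_KEY):
    """Return the original value if the tag verifies, otherwise None."""
    value, sep, tag = signed.rpartition(".")
    if not sep:
        return None  # no tag at all, e.g. a hand-written "DiscountType=4"
    expected = hmac.new(key, value.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison so the check does not leak the tag byte by byte.
    if not hmac.compare_digest(expected, tag):
        return None
    return value


def hardened_discount_rate(cookie_header, key=SERVER_KEY):
    """Honour DiscountType only if its signature verifies; else use the default.

    An altered value (the book's attack) fails verification because the
    attacker cannot recompute the tag without the server key.
    """
    cookies = parse_cookie_header(cookie_header)
    raw = cookies.get("DiscountType")
    value = verify_cookie_value(raw, key) if raw else None
    if value is None or not value.isdigit() or int(value) not in DISCOUNT_TYPES:
        return DISCOUNT_TYPES[DEFAULT_TYPE]
    return DISCOUNT_TYPES[int(value)]


def set_cookie_header(type_id, key=SERVER_KEY):
    """Build the Set-Cookie response header carrying the signed value."""
    signed = sign_cookie_value(str(type_id), key)
    return f"Set-Cookie: DiscountType={signed}; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    legit = sign_cookie_value("3")
    tampered = "4." + legit.split(".", 1)[1]  # value changed, tag left as-is
    print("vulnerable, altered cookie:", vulnerable_discount_rate("DiscountType=4"))
    print("hardened, legitimate cookie:", hardened_discount_rate("DiscountType=" + legit))
    print("hardened, altered cookie:", hardened_discount_rate("DiscountType=" + tampered))
```

Signing the cookie lets the server keep using a client-side value while detecting alteration; the equivalent and often simpler fix is to store the discount type in server-side session state and let the cookie carry only an opaque session identifier, so there is nothing meaningful for the proxy to rewrite.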
5.4 Flash Cookies (LSO)
Figure: Flash cookie (diagram: 1. the client sends a request to the server to get App.swf; 2. the server responds by sending App.swf; 3. App.swf writes a .lso file on the client machine).
