«How to start in web-application penetration testing» by Maxim Dzhalamaga


Upload: 0xdec0de

Post on 18-Aug-2015


TRANSCRIPT

  1. How to start in web-application penetration testing
  2. Max Dzhalamaga: How to start in web-application penetration testing
  3. What do I need to start? Skin-deep knowledge of:
     - Web technologies
     - HTTP protocol
     - HTML
     - JavaScript
     - Web vulnerabilities
  4. What do I need to start? Tools:
     - Web proxies: Fiddler, Burp Suite
     - Web spiders: Burp Suite, WebScarab
  5. Workflow
     - Information gathering
     - Test authentication
     - Test session management
     - Test authorization
     - Fuzz parameters
     - File uploads
     - Denial of service
  6. Information gathering
     - Manual surfing
     - robots.txt
     - Spidering
     - Search in public sources
     - User-directed spidering
  7. Information gathering
     - Hidden content: comments, logical names, brute force
     - HTTP headers
     - Vulnerabilities in third-party components
     - Answers from the server (Server header, custom headers, HTML templates)
     - Default content (Wikto)
     - Identify all entry points
  8. Test authentication
     - Determine the type of authentication mechanism: HTML form-based authentication; HTTP basic and digest authentication; client SSL certificates and/or smartcards
     - Check the required password complexity: review the rules; try to register accounts; try to change the password
     - Weak passwords: very short or blank; common dictionary words or names; the same as the username; still set to a default value
     - Administrative passwords may in fact be weaker than the password policy allows.
     - Common weak passwords: password, website name, 12345678, qwerty, abc123, 111111, monkey, 12345, login name
  9. Test authentication
     - Test for delay after login with wrong credentials: duration of the lockout; number of failed attempts; the way the server detects it
     - Test the error-handling mechanism: differences between message texts; minor differences in responses; different response times
  10. Test authentication
     - Test change-password functionality: verbose error message if the username is invalid; brute force of the password
     - Username enumeration
     - Test password-recovery functionality: simple questions; brute force of the answer is easier than of the password
  11. Test authentication
     - Test "remember me" functionality: simple persistent cookie (Remember=username); identifier of the user (Remember=475); brute force of credentials
  12. Test session management
     - Investigate the session token: try to decrypt it; try changing the token's value one byte at a time; brute force the token value
     - Session termination and logout functionality
  13. Test session management
     - Ways of stealing the token: XSS; session fixation
     - Cookie parameters: path restriction; domain restriction; Secure; HttpOnly
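Slide 8 lists the weak-password categories a tester looks for (very short or blank, common dictionary words, same as the username, still a default, containing the website or login name). The following check is an added example, not code from the deck or its author: it turns those categories into a reusable review function that an application owner can run over their own accounts before a tester does. The common-password list is the one printed on slide 8; the default-password set and the site name are constructed assumptions for the example.

```python
# Added example: weak-password review based on the categories from slide 8.

# The weak passwords listed on slide 8 of the deck.
COMMON_WEAK_PASSWORDS = {
    "password", "12345678", "qwerty", "abc123", "111111", "monkey", "12345",
}

# Hypothetical vendor defaults; an assumption for the example, not from the deck.
DEFAULT_PASSWORDS = {"admin", "changeme", "default"}

MIN_LENGTH = 8


def password_weaknesses(password, username, site_name):
    """Return the slide-8 weakness categories that the password matches.

    An empty list means none of the listed weaknesses were found; it does not
    claim the password is strong by any other measure.
    """
    findings = []
    pw = password or ""
    low = pw.lower()

    if len(pw) == 0:
        findings.append("blank")
    elif len(pw) < MIN_LENGTH:
        findings.append("very short")

    if low in COMMON_WEAK_PASSWORDS:
        findings.append("common dictionary word or name")

    if username and low == username.lower():
        findings.append("same as the username")
    elif username and username.lower() in low:
        findings.append("contains the login name")

    if site_name and site_name.lower() in low:
        findings.append("contains the website name")

    if low in DEFAULT_PASSWORDS:
        findings.append("still set to a default value")

    return findings


def audit_accounts(accounts, site_name):
    """Map each account name to its findings, e.g. to review admin accounts
    that the slide warns may be weaker than the policy allows."""
    return {user: password_weaknesses(pw, user, site_name)
            for user, pw in accounts.items()}


if __name__ == "__main__":
    # Constructed sample accounts for a site assumed to be called "example".
    sample = {"admin": "admin", "alice": "Example2015!", "bob": "correct horse battery"}
    for user, findings in audit_accounts(sample, "example").items():
        print(user, "->", findings or "no listed weakness")
```

The function reports every matching category rather than stopping at the first, so a report over many accounts shows which policy rule (length, dictionary, username reuse, defaults) is most often violated.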
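Slides 9 and 10 describe how differences in error text, minor response differences and response timing let a tester tell valid usernames from invalid ones. The code below is an added example, not from the deck: it shows the leaky login behaviour those slides describe next to a version that returns one generic message and performs the same password-hashing work whether or not the user exists, so that neither the message nor the timing reveals account existence. The user store, salts and the dummy password are constructed for the example.

```python
# Added example: username-enumeration-resistant login beside the leaky form
# described on slides 9 and 10. Not code from the deck.
import hashlib
import hmac
import os

_ITERATIONS = 100_000


def _hash(password, salt):
    # PBKDF2 so that a failed lookup and a failed password cost the same work.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)


# Dummy credentials used for unknown usernames so the hashing work is constant.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("not-a-real-password", _DUMMY_SALT)

GENERIC_ERROR = "Invalid username or password"


def make_user_store(credentials):
    """Build a constructed store: username -> (salt, pbkdf2 hash)."""
    store = {}
    for user, pw in credentials.items():
        salt = os.urandom(16)
        store[user] = (salt, _hash(pw, salt))
    return store


def login_leaky(store, username, password):
    """The behaviour slides 9-10 warn about: distinct messages and a fast path
    for unknown users, so both text and timing reveal whether the user exists."""
    if username not in store:
        return (False, "Unknown username")
    salt, stored = store[username]
    if _hash(password, salt) != stored:
        return (False, "Wrong password")
    return (True, "OK")


def login_uniform(store, username, password):
    """Hardened version: one message, the same hashing work for every request,
    and a constant-time comparison of the digests."""
    salt, stored = store.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    candidate = _hash(password, salt)
    # '&' rather than 'and' so both checks are always evaluated.
    ok = hmac.compare_digest(candidate, stored) & (username in store)
    return (ok, "OK" if ok else GENERIC_ERROR)


if __name__ == "__main__":
    users = make_user_store({"alice": "correct horse battery"})
    for fn in (login_leaky, login_uniform):
        print(fn.__name__, fn(users, "nobody", "x"), fn(users, "alice", "x"))
```

The `username in store` term is required even with the dummy hash: without it, a request for a non-existent user that happened to supply the dummy password would be accepted. Lockout counters and delays from slide 9 are a separate control and are not modelled here.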
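Slide 13 names the cookie parameters that bear on token theft: path restriction, domain restriction, Secure and HttpOnly. The following audit function is an added example, not code from the deck: it parses a Set-Cookie header value and reports which of those protections are absent or broadened, so the check can be run over captured responses (for instance from a proxy like those on slide 4). The header values and host name are constructed sample input; the "Remember=475" cookie mirrors the shape shown on slide 11.

```python
# Added example: Set-Cookie attribute audit for the parameters on slide 13.


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attributes).

    Attribute names are lower-cased; flag attributes such as Secure map to ''.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def audit_set_cookie(header_value, request_host):
    """Return (cookie name, list of slide-13 weaknesses) for one header value."""
    name, _value, attrs = parse_set_cookie(header_value)
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure")          # token sent over plain HTTP
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")        # readable by script (XSS)
    if attrs.get("path", "/") == "/":
        findings.append("Path is / (no restriction)")
    domain = attrs.get("domain", "").lstrip(".").lower()
    if domain and domain != request_host.lower():
        findings.append(f"Domain broadened to {domain}")
    return name, findings


def audit_response(set_cookie_headers, request_host):
    """Audit every Set-Cookie header of one response."""
    return dict(audit_set_cookie(h, request_host) for h in set_cookie_headers)


if __name__ == "__main__":
    # Constructed sample response headers for an assumed host app.example.com.
    sample_headers = [
        "SESSIONID=abc123; Path=/; HttpOnly; Secure",
        "Remember=475; Path=/app; Domain=.example.com",
    ]
    for cookie, findings in audit_response(sample_headers, "app.example.com").items():
        print(cookie, "->", findings or "no findings")
```

A Domain attribute equal to the request host is treated as acceptable; a parent domain is reported because it exposes the token to every host under it. Path "/" is reported as informational, since it is the common default but is exactly the restriction the slide asks you to check.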