HackNotes : Web Security Portable Reference
Introduction to the book "HackNotes : Web Security Portable Reference" by Mike Shema, published by McGraw-Hill Osborne Media in 2003. The book is offered as a PDF, in English. "HackNotes : Web Security Portable Reference" is listed under the Uncategorized category.
Learn how hackers break into web applications with a tool as fundamental as a web browser, guard against simple to complex web application attacks, strengthen web application security using a detailed methodology for testing and secure coding, and eliminate susceptibility to e-commerce, SQL injection, and input validation hacks.

Abstract: Shows you how to guard against standard and uncommon network penetration methodologies and eliminate susceptibility to e-commerce hacking. This book helps you learn to bolster Web application security and secure vulnerable hacking function areas.

Contents (page numbers refer to the PDF):

Cover, p. 1
Contents, p. 10
Acknowledgments, p. 14
Hacknotes: The Series, p. 16
Introduction, p. 20
Reference Center, p. 24
    Application Assessment Methodology Checklist, p. 25
    HTTP Protocol Notes, p. 33
    Input Validation Tests, p. 36
    Common Web-Related Ports and Applications, p. 39
    Quick-Reference Command Techniques, p. 41
    Application Default Accounts and Configuration Files, p. 44
    "Wargling" Search Terms, p. 45
    IIS Metabase Settings and Recommendations, p. 46
    Online References, p. 51
    Useful Tools, p. 53
Part I: Hacking Techniques & Defenses, p. 56
    Chapter 1: Web Hacking & Penetration Methodologies, p. 58
        Threats and Vulnerabilities, p. 59
        Profiling the Platform, p. 60
        Profiling the Application, p. 64
        Summary, p. 76
    Chapter 2: Critical Hacks & Defenses, p. 78
        Generic Input Validation, p. 80
            Common Vectors, p. 82
            Source Disclosure, p. 83
        Character Encoding, p. 84
            URL Encoding (Escaped Characters), p. 84
            Unicode, p. 85
        Alternate Request Methods, p. 87
        SQL Injection, p. 88
            Microsoft SQL Server, p. 94
            Oracle, p. 97
            MySQL, p. 99
            PostgreSQL, p. 101
            Putting It Together, p. 102
        Cross-Site Scripting, p. 103
        Token Analysis, p. 105
            Finding Tokens, p. 105
            Encoded vs Encrypted, p. 106
            Pattern Analysis, p. 110
        Session Attacks, p. 110
            Session Correlation, p. 116
        XML-Based Services, p. 118
            Attacking XML, p. 119
        Fundamental Application Defenses, p. 120
            Input Validation, p. 120
        Summary, p. 127
Part II: Host Assessment & Hardening, p. 128
    Chapter 3: Platform Assessment Methodology, p. 130
        Vulnerability Scanners, p. 131
            Whisker and LibWhisker, p. 131
            Nikto, p. 133
            Nessus, p. 136
        Assessment Tools, p. 141
            Achilles, p. 141
            WebProxy 2.1, p. 142
            Curl, p. 146
            Replaying Requests, p. 149
        Summary, p. 153
    Chapter 4: Assessment & Hardening Checklists, p. 154
        An Overview of Web Servers, p. 155
        Log File Checklist, p. 156
        Apache, p. 156
            Compile-Time Options, p. 156
            Configuration File: httpd.conf, p. 161
        IIS, p. 165
            Adsutil.vbs and the Metabase, p. 165
            Accounts, p. 167
            File Security, p. 167
            Logging, p. 171
            IIS Lockdown Utility (iislockd.exe), p. 171
        Summary, p. 172
Part III: Special Topics, p. 174
    Chapter 5: Web Server Security & Analysis, p. 176
        Web Server Log Analysis, p. 177
        Proxies, p. 184
        Load Balancers, p. 185
        The Scope of an Attack, p. 187
            Read or Write Access to the File System, p. 187
            Arbitrary Command Execution, p. 187
        Summary, p. 192
    Chapter 6: Secure Coding, p. 194
        Secure Programming, p. 195
        Language-Specific Items, p. 199
            Java, p. 199
            ASP, p. 201
            Perl, p. 202
            PHP, p. 203
        Summary, p. 204
Appendix A: 7-Bit ASCII Reference, p. 206
Appendix B: Web Application Scapegoat, p. 214
    Installing WebGoat, p. 215
    Using WebGoat, p. 216
Index, p. 220

Let consultant, trainer, and author Mike Shema show you how to guard against standard and uncommon network penetration methodologies and eliminate susceptibility to e-commerce hacking.
Describes how hackers break into Web applications, what function areas are vulnerable, and how to guard against attacks.
Download the book HackNotes : Web Security Portable Reference