
Sunday, 3 August 2014

Types Of Website Vulnerabilities/Risks

By Unknown



Hacking is a growing threat for every business both large and small. Whether it’s stealing private data, taking control of your computer, or shutting down your website, hackers can seriously impact any business, at any time in a number of ways.




Hacking websites is one of the most common techniques used by BlackHats and also Hacktivists. Whether by DDoSing or Remote File Inclusion, hacking websites offers the hacking group or individual immense exposure, popularity and supposedly fame. There exist numerous ways to take control of or bring down a website. Below I discuss the ten most popular ways they can threaten the security of your site, and your business. These hacks alone account for over 90% of all Website Hacking Techniques: (It's a long one, so make yourselves comfortable)




10. INJECTION ATTACKS

Injection attacks occur when there are flaws in your SQL database, libraries, or even the operating system itself. When exceptions are not properly accounted for, say when password checking isn't rigorous enough, hackers can use this to obtain access to confidential information by fooling the system. They might gain unauthorized access to private data such as social security numbers, credit card numbers or other financial data. Injection attacks like SQL injection can use surprisingly simple commands and methods to access vital databases. SQL uses very simple queries to obtain information requested by users, which makes for a relatively easy hack.




9. CROSS SITE SCRIPTING ATTACKS

Cross Site Scripting, also known as an XSS attack, occurs when an application, URL “get request”, or file packet is sent to the web browser window bypassing the validation process. Once an XSS script is triggered, its deceptive property makes users believe that the page of a specific website is legitimate even though it has been compromised.

For example, if a website has an XSS script in it, the user might see a popup window asking for their contact information and other sensitive data, even though the actual website may not have anything to do with it.




In another example, the hacker might run commands that cause the user’s session ID to be sent to the attacker’s website, allowing the hacker to hijack the user’s current session. That is, he may then be able to use this cookie to make the browser think that he is actually his victim and get complete and unrestricted access to his account (a form of identity theft).




8. BROKEN AUTHENTICATION AND SESSION MANAGEMENT ATTACKS

If the user authentication system of your website is weak, hackers might be able to take full advantage. Authentication systems involve passwords, key management, session IDs, and cookies that can allow a hacker to access your account from any computer (as long as they are valid).




If a hacker exploits the authentication and session management system, they can assume the user’s identity. (This is similar to the last one - XSS) Ask yourself these questions to find out if a website is vulnerable to a broken authentication and session management attack:




►Are user credentials weak (e.g. stored using hashing or encryption)?

►Can credentials be guessed or overwritten through weak account management functions (e.g. account creation, change password, recover password, weak session IDs)?

►Are session IDs exposed in the URL (e.g. URL rewriting)?

►Are session IDs vulnerable to session fixation attacks?

►Do session IDs time out and can users log out?




If you have your own website and if the answer to any of these questions is “yes”, your site could be vulnerable to an attack.
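A minimal server-side session store that addresses the session items in the checklist above: unguessable IDs, no ID in the URL, a fresh ID at login (session fixation), an idle timeout and a working logout. This is an added example, not part of the original post; the class, the function names and the 15-minute timeout are assumptions.

```python
import secrets
import time

IDLE_TIMEOUT = 15 * 60  # seconds; assumed policy value

class SessionStore:
    """Server-side sessions: random IDs, idle timeout, rotation, logout."""

    def __init__(self, clock=time.monotonic):
        self._sessions = {}  # session id -> {"user": ..., "seen": ...}
        self._clock = clock

    def create(self, user=None):
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[sid] = {"user": user, "seen": self._clock()}
        return sid

    def lookup(self, sid):
        """Return the session's user; None if anonymous, unknown or expired."""
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        if self._clock() - entry["seen"] > IDLE_TIMEOUT:
            del self._sessions[sid]  # idle too long: the ID stops working
            return None
        entry["seen"] = self._clock()
        return entry["user"]

    def login(self, old_sid, user):
        """Discard the pre-login ID and issue a fresh one (fixation defence)."""
        self._sessions.pop(old_sid, None)
        return self.create(user)

    def logout(self, sid):
        """Invalidate the ID on the server, not only in the browser."""
        self._sessions.pop(sid, None)

def cookie_header(sid):
    # The ID travels in a cookie, never in the URL. HttpOnly hides it from
    # page scripts and Secure restricts it to HTTPS connections.
    return f"session={sid}; Path=/; Secure; HttpOnly; SameSite=Lax"
```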




7. CLICKJACKING ATTACKS

Clickjacking, also called a UI Redress Attack, is when a hacker uses multiple opaque layers to trick a user into clicking the top layer without them knowing. What I mean by that is, the hacker is able to show his own content on a "naive" website. Perhaps an adf.ly link and he could be earning easy money. Thus the attacker is “hijacking” clicks that are not meant for the actual page, but for a page where the attacker wants you to be.




Another example, using a carefully crafted combination of stylesheets, iframes, and text boxes, a user can be led to believe they are typing in the password for their bank account, but are actually typing into an invisible frame controlled by the attacker. The website might function normally for the unsuspecting user, but behind the scenes their vital information will be in the hands of the attacker.
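Because the attacks above depend on the page being loadable inside someone else's frame, a site owner can check which responses forbid framing. The header audit below is an added example, not part of the original post; the function names, paths and header values are constructed.

```python
def framing_policy(headers):
    """Classify a response's anti-framing protection from its headers.

    Returns "deny", "same-origin", "allow-list" or "unprotected".
    """
    h = {k.lower(): v for k, v in headers.items()}

    # Browsers that support CSP frame-ancestors use it in preference to
    # X-Frame-Options, so it is checked first.
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.split()
        if not parts or parts[0].lower() != "frame-ancestors":
            continue
        sources = [p.lower() for p in parts[1:]]
        if not sources:
            break  # audit choice: an empty directive counts as missing
        if sources == ["'none'"]:
            return "deny"
        if sources == ["'self'"]:
            return "same-origin"
        if any(s in ("*", "http:", "https:") for s in sources):
            return "unprotected"  # any site may frame the page
        return "allow-list"

    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "deny"
    if xfo == "SAMEORIGIN":
        return "same-origin"
    return "unprotected"  # absent, or the obsolete ALLOW-FROM form


# Constructed sample responses (paths and header values are made up).
SAMPLES = {
    "/login": {"Content-Security-Policy": "default-src 'self'; frame-ancestors 'none'"},
    "/account": {"X-Frame-Options": "SAMEORIGIN"},
    "/pay": {"Content-Type": "text/html"},
    "/widget": {"X-Frame-Options": "ALLOW-FROM https://partner.example"},
    "/embed": {"content-security-policy": "frame-ancestors https://partner.example"},
}

def unprotected_pages(samples):
    """Paths whose responses any third-party page could load in a frame."""
    return sorted(p for p, hdrs in samples.items()
                  if framing_policy(hdrs) == "unprotected")
```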




6. DNS CACHE POISONING

DNS Cache Poisoning involves old cache data that you might think you no longer have on your computer, but is actually “toxic”. Also known as DNS Spoofing, hackers can identify vulnerabilities in a domain name system, which allows them to divert traffic from legit servers to a fake website and/or servers. This form of attack can be programmed to spread and replicate itself from one DNS server to another DNS, “poisoning” everything in its path.




In fact, in 2010, a DNS poisoning attack completely compromised the Great Firewall of China (GFC- Yes, it's a thing) temporarily and censored certain content in the United States until the problem was fixed.




5. SOCIAL ENGINEERING ATTACKS

A social engineering attack is not technically a “hack”. When someone first finds out what exactly it is, they are surprised that it actually works. So was I, but indeed it does work.




It happens when you divulge private information in good faith, such as a credit card number, through common online interactions such as email, chat, social media sites, or virtually any website. The problem, of course, is that you’re not getting into what you think you’re getting into.




A classic example of a social engineering attack is the popular “Microsoft tech support” scam. This is when someone from a call center pretends to be a MS tech support member who says that your computer is slow and/or infected, and can be easily fixed – at a cost, of course. Considering that most computers are indeed quite slow and hang sometimes, this scam is quite well written. Of course, it need not be about money and most often it isn't. Telling someone the name of your first pet might actually be giving them complete access to your account. Surprised? This is actually one of the most common security questions.




4. SYMLINKING – AN INSIDER ATTACK

A symlink (Symbolic Link) is basically a special file that “points to” a hard link on a mounted file system. A symlinking attack occurs when a hacker positions the symlink in such a way that the user or application that accesses the endpoint thinks they’re accessing the right file when they’re really not. (Read that again)




If the endpoint file is an output, the consequence of the symlink attack is that it could be modified instead of the file at the intended location. Modifications to the endpoint file could include appending, overwriting, corrupting, or even changing permissions.




Meaning, the user might be doing one thing, but another is actually happening. In different variations of a symlinking attack a hacker may be able to control the changes to a file, grant themselves advanced access, insert false information, expose sensitive information or corrupt and destroy vital system databases or application files.
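The output-file case described above, with a write that follows a pre-existing link shown beside one that refuses to. This is an added example, not part of the original post; the function names and file names are constructed, and it assumes a POSIX system where symlinks can be created.

```python
import errno
import os

def write_naive(path, data):
    # Flawed: open() follows a symlink at `path`, so the bytes land in
    # whatever file the link points to.
    with open(path, "wb") as f:
        f.write(data)

def write_no_follow(path, data):
    """Create `path` and write `data`; refuse if anything already exists
    there, including a symlink. Returns True on success, False on refusal."""
    # O_CREAT|O_EXCL fails when the name is already taken, and O_NOFOLLOW
    # (where the platform has it) forbids following a link at the last step.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(path, flags, 0o600)
    except OSError as e:
        if e.errno in (errno.EEXIST, errno.ELOOP):
            return False
        raise
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return True

def demo(workdir):
    """Constructed scenario: a link named like the output file points at
    another file. Returns (safe write refused, target after safe write,
    target after naive write)."""
    target = os.path.join(workdir, "settings.conf")
    link = os.path.join(workdir, "report.txt")
    with open(target, "wb") as f:
        f.write(b"original")
    os.symlink(target, link)

    refused = not write_no_follow(link, b"report data")
    with open(target, "rb") as f:
        after_safe = f.read()

    write_naive(link, b"report data")
    with open(target, "rb") as f:
        after_naive = f.read()
    return refused, after_safe, after_naive
```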




3. CROSS SITE REQUEST FORGERY ATTACKS

A Cross Site Request Forgery Attack happens when a user is logged into a session (or account) and a hacker uses this opportunity to send them a forged HTTP request to collect their cookie information.




In most cases, the cookie remains valid as long as the user or the attacker stays logged into the account. This is why websites ask you to log out of your account when you’re finished and close the window after logging out – it will expire the session immediately.




In other cases, once the user’s browser session is compromised, the hacker can generate requests to the application that will not be able to differentiate between a valid user and a hacker. Another identity theft: the hacker confuses the server as to who he actually is.




2. REMOTE CODE EXECUTION ATTACKS

The most devastating in the whole list, a Remote Code Execution attack is a result of either server side or client side security weaknesses.

Vulnerable components may include libraries, remote directories on a server that haven’t been monitored, frameworks, and other software modules that run on the basis of authenticated user access. Applications that use these components are always under attack through things like scripts, malware, and small command lines that extract information.




In this attack, the hacker is basically able to get complete access to the website's server itself. How is that so devastating? This gives him access to every bit and byte of information stored in the database (if the request is coming from the server itself, why would it be denied? That's what it's built for). He may also obtain access to the website's actual code that the browser then shows the user. Meaning, he could totally wipe out the website, mess with the links and buttons, show his own stuff. Sky's the limit. Plus there's usually only one way to recover: rebuild. But this also makes for quite a complicated attack, details of which aren't suitable to be disclosed here.




1. DDOS ATTACK – DISTRIBUTED DENIAL OF SERVICE ATTACK

The most popular and most widely used, the DDoS attack (Distributed Denial of Services), is where a server or a machine’s services are made unavailable to its users.




The usual agenda of a DDoS campaign is to temporarily interrupt or completely take down a successfully running system.

The most common example of a DDoS attack could be sending tons of URL requests to a website or a webpage in a very small amount of time. This causes bottlenecking at the server side because the CPU simply runs out of resources.




Denial-of-service attacks are considered violations of the Internet Architecture Board’s Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers. DDoSing is highly illegal.


We are anti-hackers, so the above info is for educational purposes only!
