- Hacking Web Servers. - Web Servers. - Popular Web Servers and Common Vulnerabilities. - Apache Web Server Security. - Attacks against Web Servers. - Patch Management. - Increasing Web Server Security. - Increasing Web Server Security Apache Vulnerability. - Web Server Defacement. - Web Server Vulnerabilities. - How Web Servers Work. - The browser connects to the server and requests a page. - The server sends back the requested page. - running a web server. - How Web Servers Work (cont’d). - The server name. - The browser communicates with a name server, which translates the server name, www.website.com, into an IP address. - The browser then forms a TCP connection to the web server at that IP address on port 80. - request to the server, asking for the file http://webpage.html. - The server sends the HTML text for the web page to the browser. - How are Web Servers Compromised?. - Bugs: OS bugs may allow commands to be run on the web. - Installing the server with defaults:. - Service packs may not be applied in the process, leaving holes behind. - How are Web Servers Defaced?. - Credentials through Man-in- the-middle attack. - Web Server extension intrusion. - For instance, consider the vulnerability which was found in the Win32 port of Apache 1.3.20. - IIS is one of the most widely used web server platforms on the Internet. - Microsoft's web server has been a frequent target over the years. - Buffer Overflow exploits (IIShack.exe). - These outdated vulnerability has been presented here as a proof of concept to demonstrate how a buffer overflow attack works. - For example, "%c0%af". - Thus, by feeding the HTTP request (as shown below) to IIS, arbitrary commands can be executed on the server:. - GET/scripts/..%c0%af../winnt/system32/cmd.exe?/. - This outdated vulnerability has been presented here as a proof of concept to demonstrate how a buffer overflow attack works. - A malformed URL could be used to access files and folders that lie anywhere on the logical drive that contains the web folders. - This allows the attacker to escalate his privileges on the machine. - This would enable the malicious user to add, change or delete data, run code already on the server, or upload new code to the server and run it. - This outdated vulnerability has been presented here as a proof of concept to demonstrate how privilege escalation attack works.. - Hacking Tool: IISxploit.exe. - By sending a specially crafted WebDAV request to an IIS 5.0 server, an attacker may be able to execute arbitrary code in the Local System. - This outdated vulnerability has been presented here as a proof of concept to demonstrate how a Denial of Service attack works. - This outdated vulnerability has been presented here as a proof of concept to demonstrate how a buffer overflow works. - ASP Trojan is a small script when uploaded to a Web Server allows you complete control of the remote PC. - http://victim.com/scripts/..%c0%af../..%c0%af../..%c 0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../.. - .%c0%af../winnt/system32/cmd.exe?/c+dir+C:\Winnt\sys tem32\Logfiles\W3SVC1. - This tool helps to grab web server logs and build graphically rich self-explanatory reports on website usage statistics, referring sites, traffic flow, search phrases, etc.. - This tool clears the log entries in the IIS log files filtered by an IP address. - When executables and DLL files are not preceded by a path in the registry (e.g. - explorer.exe does not have a fixed path by default). - Windows NT will search for the file in the following locations in this order:. - the directories specified in the PATH environment variable. - Listing patches applied previously to the current software. - diagnose and eliminate the effects of anomalies in the packaging of hotfixes for Microsoft Windows 2000. - Qfecheck.exe determines which. - hotfixes are installed by reading the information stored in the following registry key:. - cacls.exe Utility. - Built-in Windows 2000 utility (cacls.exe) can set access control list (ACLs) permissions globally. - C:\>cacls.exe c:\myfolder\*.exe /T /G System:F Administrators:F. - Whisker is an automated vulnerability scanning software that scans for the presence of exploitable files on remote web servers. - Refer to the output of this simple scan below and you will see that Whisker has identified several potentially. - WebInspect is an impressive web server and application-level. - It can analyze a basic web server in 4 minutes, cataloging over 1,500 HTML pages. - UrlScan is a security tool that screens all incoming requests to the server by filtering the requests based on rules that are set by the administrator. - Web Server Protection Checklist. - Enable failed logon attempts in the log. - Web Server Protection Checklist (cont’d). - Access to the metabase is restricted by using NTFS permissions 10. - Code access security is enabled on the server. - Web servers assume critical importance in the realm of Internet security. - Vulnerabilities exist in different releases of popular web servers and respective vendors patch these often. - The inherent security risks owing to compromised web servers have impact on the local area networks that host these websites, even on the normal users of web. - Different tools/exploit codes aid an attacker in perpetrating web server hacking
Xem thử không khả dụng, vui lòng xem tại trang nguồn hoặc xem
Tóm tắt