Web Penetration Testing with Kali Linux - Second Edition
Language: English
Pages: 292
ISBN: 1783988525
Format: PDF / Kindle (mobi) / ePub
Build your defense against web attacks with Kali Linux 2.0
About This Book
- Gain a deep understanding of the flaws in web applications and exploit them in a practical manner
- Get hands-on web application hacking experience with a range of tools in Kali Linux 2.0
- Develop the practical skills required to master multiple tools in the Kali Linux 2.0 toolkit
Who This Book Is For
If you are already working as a network penetration tester and want to expand your knowledge of web application hacking, then this book tailored for you. Those who are interested in learning more about the Kali Sana tools that are used to test web applications will find this book a thoroughly useful and interesting guide.
What You Will Learn
- Set up your lab with Kali Linux 2.0
- Identify the difference between hacking a web application and network hacking
- Understand the different techniques used to identify the flavor of web applications
- Expose vulnerabilities present in web servers and their applications using server-side attacks
- Use SQL and cross-site scripting (XSS) attacks
- Check for XSS flaws using the burp suite proxy
- Find out about the mitigation techniques used to negate the effects of the Injection and Blind SQL attacks
In Detail
Kali Linux 2.0 is the new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution. It contains several hundred tools aimed at various information security tasks such as penetration testing, forensics, and reverse engineering.
At the beginning of the book, you will be introduced to the concepts of hacking and penetration testing and will get to know about the tools used in Kali Linux 2.0 that relate to web application hacking. Then, you will gain a deep understanding of SQL and command injection flaws and ways to exploit the flaws. Moving on, you will get to know more about scripting and input validation flaws, AJAX, and the security issues related to AJAX.
At the end of the book, you will use an automated technique called fuzzing to be able to identify flaws in a web application. Finally, you will understand the web application vulnerabilities and the ways in which they can be exploited using the tools in Kali Linux 2.0.
Style and approach
This step-by-step guide covers each topic with detailed practical examples. Every concept is explained with the help of illustrations using the tools available in Kali Linux 2.0.
Beginning JSP, JSF and Tomcat: Java Web Development
WordPress for Web Developers: An Introduction for Web Professionals
Dreamweaver CS6 Mobile and Web Development with HTML5, CSS3, and jQuery Mobile
Building Business Websites with Squarespace 7
against a database containing signatures of the malicious packets. The version scanning option is only as good as the quality of signatures in that file. Following screenshot shows the output of the preceding commands: The --version-trace option will make Nmap print out debugging information about the version scanning and the underlying tests that are run. [ 73 ] Reconnaissance and Profiling the Web Server You can report incorrect results and new signatures for unknown ports to the Nmap
attack, but some can still accept values through Unicode-encoding technique. It's not only the web server that is vulnerable to path traversal attack; if the application does not perform proper input validation, a malicious user may encode the absolute path to a system file into a web form and view it directly in the browser. You can check whether a web server is vulnerable to traversal attack by encoding ../ in the URL, as shown here: http://testlab.org/..%255c..%255c..%255cboot.ini A few
number, and address. Cross-site request forgery attack is also known as one-click or session riding attack. Here's a simple example: 1. Attacker identifies a direct link on a vulnerable bank application to transfer money as follows: http://vulnerablebank.com/transfer.do?acct=ROGER&amount=100 2. The innocent victim has an account on the vulnerablebank.com website and is currently authenticated on it. [ 112 ] Chapter 4 3. The attacker tricks the victim into opening the modified URL,
intelligent injection algorithm that improves your chances of exploiting the injection flaw. [ 153 ] Attacking the Server Using Injection-based Flaws The sqlsus tool can be found at Applications | Database Assessment. When you use the tool for the first time, a configuration file needs to be generated. This can be done using the –g option: The configuration file stores all the important information related to the injection attack. The URL to be tested is the first option to be defined here.
testing is bound by a contract between the tester and owner of the systems to be tested. You need to define the scope of the test to identify the systems to be tested. The rules of engagement need to be defined, which decide the way in which the testing is to be done. [4] Chapter 1 Vulnerability assessment At times organizations might want to only identify the vulnerabilities that exist in their systems without actually exploiting it and gaining access. Vulnerability assessments are broader