Identifying the 10 most common application-level hacker attacks
Tech Republic
August 21, 2001
By Izhar Bar-Gad
Guest Contributor

Breaches in application security don't usually get as much publicity as e-mail viruses such as SirCam or worms such as Code Red, but they can cause just as many problems, ranging from theft of merchandise and information to the complete shutdown of a Web site. Securing Web site applications is no easy task, but unfortunately, application hacking is very simple.

A hacker typically spends a few hours getting to know the Web application by thinking like a programmer and identifying the shortcuts he would have created, had he built the application. Then, using nothing more than the Web browser, the hacker attempts to interact with the application and its surrounding infrastructure in malicious ways, causing anywhere from minor to catastrophic damage.

To prevent these problems, a company must first find its Web site's vulnerabilities and then close the windows of opportunity that hackers exploit. This list explains the most common Web site weaknesses that hackers typically exploit to conduct their attacks.

Finding the problems
As the CTO of Sanctum, I have helped companies to identify and fix application security problems. Sanctum addresses the enormous issue of application-level security for e-business companies by providing both security consulting services and long-term defense technology to complement network security and authentication tools. Our Web application security software secures and monitors Web application behavior to ensure the program is only doing what it is intended to do.

Audits performed by Sanctum on over 100 leading Web sites simulated hacker attacks and revealed that over 97 percent of the sites had major application-level problems that could be exploited in only a few hours. Sanctum performed the audits (often called "ethical hacks" because customers request and authorize Sanctum to hack their site) by accessing a customer's Web site just as any other user (or hacker) would: through the browser, outside the company's firewall and network.

Aided by Sanctum's automated Web application vulnerability assessment tool, AppScan, the auditor crawls through the site, recognizing the site's application security policies, identifying known and unknown vulnerabilities specific to the target site, and imitating a hacker to exploit the vulnerabilities and attack the site. The success of the attacks and the severity of each vulnerability are assessed and presented to the company with a detailed report of the findings along with recommended fixes.

Common weak spots
Almost all of the Sanctum audits found that while Web sites were heavily secured at the network level (i.e., firewalls and encryption), these sites still allowed hackers to access valuable customer and corporate information, shoplift sales items, and receive free products or services. Using the following top 10 hacking techniques, Sanctum auditors were able to exploit common vulnerabilities and commit numerous cybercrimes during the ethical hacks.

  1. Cookie poisoning: Identity theft
    By manipulating the information stored in a browser cookie, hackers assume the user's identity and gain access to that user's information. Many Web applications use cookies to save information (user id, timestamp, etc.) on the client's machine. Since cookies are not always cryptographically protected, a hacker can modify their values ("poisoning the cookie") and fool the application into trusting the altered data. Malicious users can gain access to accounts that are not their own and perform activities on behalf of that user.
  2. Hidden-field manipulation: E-shoplifting
    Hackers can easily change hidden fields in a page's source code to manipulate the price of an item. These fields are often used to save information about the client's session, eliminating the need to maintain a complex database on the server side. Because e-commerce applications use hidden fields to store the prices of their merchandise, Sanctum auditors were able to view the sites' source code, find the hidden field, and alter the prices. In a real-world scenario, no one would have discovered the change, and the company would have shipped the merchandise at the altered prices and may even have sent a rebate.
  3. Parameter tampering: Fraud
    This technique involves changing information in a site's URL parameters. Because many applications fail to confirm the correctness of common gateway interface (CGI) parameters embedded inside a hyperlink, parameters can be easily altered to, for example, allow a credit card with a $500,000 limit, skip a site login screen, and give access to other customers' orders and information.
  4. Buffer overflow: Closure of business
    By exploiting a flaw in a form to overload a server with excess information, hackers can often cause the server to crash and shut down the Web site.
  5. Cross-site scripting: Hijacking/Breach of trust
    When hackers inject malicious code into a site, the false scripts are executed in a context that appears to have originated from the targeted site, giving attackers full access to the document retrieved and possibly even sending data contained in the page back to the attacker.
  6. Backdoor and debug options: Trespassing
    Often, programmers will leave in debug options to test the site before it goes live. Sometimes, in haste, they forget to close the holes, giving hackers free access to sensitive information.
  7. Forceful browsing: Breaking and entering
    By subverting the application flow, hackers access information and parts of the application that should normally be inaccessible, such as log files, administration facilities, and application source code.
  8. Stealth commanding: Concealing a weapon
    Hackers often conceal dangerous commands via a "Trojan horse," with the intent to run malicious or unauthorized code that is damaging to the site.
  9. Third-party misconfiguration: Debilitating a site
    Since vulnerabilities are posted and patches made available on public Web sites (such as SecurityFocus), hackers are alerted to new vulnerabilities as they arise. For example, through a configuration error, a hacker could create a new database that renders the existing one unusable by the site.
  10. Known vulnerabilities: Taking control of the site
    Some technologies used in sites have inherent weaknesses that a persistent hacker can exploit. For example, Microsoft Active Server Page (ASP) technology can be exploited to gain the administrators' passwords and take control of the entire site.

Preventing these attacks
The continuous cycle of auditing applications and trying to keep up with the latest patches is a constant battle against hackers who are armed with automated tools to scout out the newest vulnerabilities. While virtually all sites today attempt to achieve application-level security manually and ultimately fail, new automated tools have recently become available that allow auditors, developers, and QA professionals to perform vulnerability assessments and ethical hacks that catch the vulnerabilities before the hackers do. Sanctum offers several of these products, including AppShield, which detects application manipulation through the browser, and AppScan, which automates the complex task of auditing Web applications. Sanctum also provides AppAudits for companies who want to identify the vulnerabilities of their Web sites.


Izhar Bar-Gad is the CTO of Sanctum. Before joining the Sanctum team, he was a project leader for Amdocs in Israel for both the infrastructure and advanced research groups. During his military service in the Israeli Defense Forces, Bar-Gad was part of a special Internet security defense unit and led the development of a large software project involving communications and information security.



© 2002 Sanctum, Inc.