Hacking Web Server? – Web Servers are the programs that are used for hosting websites. Web servers may be deployed on a separate web server hardware or installed on a host as a program.
Use of Web applications is also increased over last few years. The upcoming web application is flexible and capable of supporting larger clients.
In This Blog , we will discuss Web Servers Vulnerabilities, Web Server attacking techniques and tools and their mitigation methods.
What Is WebServer?
Web Server is a program that hosts Web Sites, Based on both Hardware and Software. It delivers files and other content on the website over Hyper Text Transfer Protocol (HTTP).
As we know, use of internet and intranet has raised, web services have become a major part of the internet. It is used for delivering files, email communication, and other purposed.
Web Server supports different types of application extensions whereas all of them support HTML for basic content delivery. Web Servers can be differentiated by the security models, operating systems and other factors.
Web Server Security Issue
Security Issue to a web server may include network-level attacks and Operating system-level attacks. Usually, an attacker targets any vulnerability and mistakes in the configuration of the web server and exploits these loopholes.
These Vulnerability may include:-
- Improper permission of file directories
- Default configuration
- Enabling Unnecessary Services
- Lack of Security
- Misconfigured SSL Certificates
- Enabled debugging
Server administrator makes sure about eliminating all vulnerabilities and deploying network security measures such as IPS/IDS and Firewalls. Threats and attacks to a web server are described later in this chapter.
Once a web server is compromised, it will result in compromising all user account, denial of services offered by the server, defacement, launching furthe attacks through the compromised website, accessing the resources and data theft.
Open Source Web Server Architecture
Open Source Web Server Architecture is the Web Server Model in which an open source web server is hosted on either a web server or a third-party host over the internet. Most popular and widely used open source web server are:-
- Apache HTTP Server
- Apache Tomcat
IIS Web Server Architecture
Internet Information Services (IIS) is a Windows-Based service which provides a request processing architecture. IIS latest version is 10.0. The architecture includes Windows Process Activation Services (WAS), Web Server Engine and Integrated request processing pipeline.
IIS contains multiple components which are responsible for several function such as listening to the request, managing processes, reading configuration files, etc.
Components of IIS
Components of IIS include:
- Protocol Listener
- Protocol Listeners are responsible for receiving protocol-specific requests. They forward these requests to IIS for processing and then return responses to requestors.
- HTTP listener is implemented as a kernel-mode device driver called the HTTP protocol stack (HTTP.sys). HTTP.sys is responsible for listening HTTP requests, forwarding these requests to IIS for processing, and then returns processed responses to client browsers.
- World Wide Web Publishing Service (WWW Service)
- Windows Process Activation Service (WAS)
- In The previous version of IIS, World Wide Web Publishing Service (WWW Service) is handling the functionality, whereas in version 7 and later, WWW service and WAS service are used. These services run svchost.exe on the local system and share same binaries.
Web Server Attacks
Web Server Attacking techniques includes several techniques, some of them are defined earlier in this Website Please Check it, remaining techniques are defined below:-
DoS and DDoS attack, their attacking techniques are defined in detail in this blog What Is DoS and DDoS. These DoS/DDoS attacks are used to flood fake request toward web server resulting in the crashing, unavailability or denial of service for all users.
DNS Server Hijacking
By Compromising DNS server, attacker modifies the DNS configuration. The effect of modification results in terms of redirecting the request towards target web server to the malicious server owned or controlled by the attacker.
DNS Amplification Attack
DNS Amplication Attack is performed with the help of DNS recursive method. Attacker takes advantage of this feature and spoofs the lookup request to DNS sever. DNS server response the request to the spoofed address, i.e the address of the target. By the amplication of the size of the request and using botnets, results Distributed Denial Of Service Attack.
Hacking Web Server?
Directory Traversal Attacks
In this type of attack, attacker attempt using trial and error method to access restricated directories using dots and slash sequences. By accessing the directories outside the root directory, attacker reveral sensitive information about the system.
A defined in previous chapters, Using Man-in-the-Middle attack, the attacker places himself in between client and server and sniff the packets, extract sensitive information from the communication by intercepting and alerting the packets.
Using Phishing Attacks, attacker attempt to extract login details from a fake website that looks like a legitimate website. This stolen information, mostly credentials, are used by the attacker to impersonate into a legitimate user on the actual target server.
Website defacement is the process in which attacker after successful intrusion into a legitimate website, alerts and modify the content, apperance of the website. It can be performed by several techniques such as SQL Injection to access the website and deface it.
Web Server Misconfiguration
Another method of attack is by finding vulnerabilities in a website and exploiting them. An attacker may look for misconfiguration and vulnerabilities of system and components of the Web server. An attacker may identify weaknesses in terms of the default configuration, remote functions, misconfiguration, default certificates and debugging to exploit them.
HTTP Response Splitting Attack
HTTP Response Splitting attack the technique in which an attacke sends response splitting request to the server. By this way, an attacker can add the header responses. The second response is under control of the attacker, so user can be redirected to the malicious website.
Web Cache Poisoning Attack
Hacking Web Server?
Web Cache Poisoning Attack in a technique in which attacker wipe the actual cache of the web server and store fake entries by sending a crafted request into the cache. This will redirect the users to the malicious web pages.
SSH Brute-Force Attack
Brute Forcing the SSH tunnel will allow the attacker to use encrypted tunnel. This encrypted tunnel is used for the communication between hosts. By Brute Forcing the SSH Login credentials, an attacker can gain unauthorized access to SSH tunnel.
Web Application Attacks
Other web application related attacks may include:-
- Cookie Tampering
- DoS Attack
- SQL Injection
- Session Hijacking
- Cross-Site Request Forgery (CSRF) Attack
- Cross-Site Scripting (CSS) Attack
- Buffer Overflow.
Web Server Hacking Methodology
Information gathering includes a collection of information about target using different platforms either by social engineering, internet surfing, etc. An attacker may use different tools, networking commands for extract information. An attacker may navigate to robot.txt file to extract information about internal files.
Web Server Footprinting
It Includes footprinting focused on the web server using different tools such as Netcraft, Maltego, and httprecon, etc. Results of Web server footprinting brings server name, type, operating system and running application and other information about the target website.
Mirroring A Website
As defined earlier, mirroring a website is the process mirroring the entire website in the local system. If the entire website is downloaded onto the system, it enables is attacker to use, inspect the website, directories, structure and to find other vulnerabilities from this downloaded mirrored website copy. Instead of sending multiple copies to a web server, this is a way to find vulnerabilities on a website.
Vulnerability Scanners are automated utilities which are specially developed to detect vulnerabilities, weakness, problems, and holes in an operaing system, network, software and application. These scanning tools perform deep inspection of scripts, open ports, banners, running services, configuration errors ,and other areas.
Attacker by intercepting, alerting and using a Man-in-the Middle attack to hijack a session. The attacker uses the authenticated session of a legitimate user without initiating a new session with the target.
Hacking Web Server?
Hacking Web Passwords
Password Cracking is the method of extracting the password to gain authorized access to the target system in the guise of a legitimate user. Password cracking may be performed by social engineering attack or cracking through tempering the communication and stealing the stored information.
Password Attacks are classified into the following types:-
- Non-Electronic Attacks
- Active Online Attacks
- Passive Online Attacks
- Default Passord
- Offline Attack
The Basic recommendation for securing the web server from internal and external attacks and other threat is the place the web server in a secure zone where security devices such as Firewalls, IPS and IDS are deployed, filtering and inspecting the traffic destined to the web server. Placing the web server into an isolate enviorment such As DMZ protect it from threats.
Detecting Web Server Hacking Attempts
There are several techniques that are being used to detect any intrusion or unexpected activity in a web serve such as Website change detection system detects for a hacking attempt by using scripting which is focused on inspecting changes made by executable files. Similarly, hashesh are periodically compared to detect modification.
Defending Against Web Server Attacks
- Auditing Ports
- Diabling insecure and unnecessary ports.
- Using port 443 HTTPS Over port 80 HTTP.
- Encrypted Traffic.
- Server Certificate
- Code Access Security Policy
- Disable tracing
- Disable Debug compiles.
If You Like This Information Please Comment Down And For More Hacking Content Click Here