Command Injection Attacks

Command injection flaws allow attackers to pass malicious code to different systems via web applications. The attacks include calls to an operating system over system calls, use of external programs over shell commands, and calls to the backend databases over SQL. Scripts in Perl, Python and other languages can be inserted into poorly designed web applications and executed. If a web application uses any type of interpreter, an attacker can insert malicious code to inflict damage. To perform functions, web applications must use operating system features and…


Classification of Vulnerability?

In a network there are generally two main causes for systems being vulnerable: software or hardware misconfiguration and poor programming practices. Attackers exploit these vulnerabilities to perform various types of attacks on organizational resources. Vulnerabilities present in a system or network are classified into the following categories: Misconfiguration: Misconfiguration is the most common vulnerability and is mainly caused by human error, which allows attackers to gain unauthorized access to the system. This may happen intentionally or unintentionally, affecting web servers, application platforms, database…


Vulnerability Scanning

Vulnerability discovery is an integral part of any security assessment. While we prefer manual, specialized tasks that leverage our knowledge and experience during a security audit, automated vulnerability scanners are nonetheless invaluable when used in proper context. In this module, we will provide an overview of automated vulnerability scanning, discuss its various considerations, and focus on both Nessus and Nmap as indispensable tools. How Vulnerability Scanners Work: Vulnerability scanner implementations vary, but generally follow a standard workflow. Most automated scanners will: Detect if a target…


Local File Inclusion

File inclusions can be discovered in the same way as directory traversals. We must locate parameters we can manipulate and attempt to use them to load arbitrary files. However, a file inclusion takes this one step further, as we attempt to execute the contents of the file within the application. We should also check these parameters to see if they are vulnerable to remote file inclusion (RFI) by changing their values to a URL instead of a local path. We are less likely to find RFI vulnerabilities since…


What is SNMP Enumeration?

SNMP (Simple Network Management Protocol) enumeration is the process of enumerating user accounts and devices on a target system using SNMP. This section describes SNMP enumeration, information extracted via SNMP enumeration, and various SNMP enumeration tools used to enumerate user accounts and devices on a target system. SNMP is an application layer protocol that runs on UDP and maintains and manages routers, hubs, and switches on an IP network. SNMP agents run on Windows and Unix networks on networking devices. SNMP enumeration is the process of creating a list of the user’s…


What is Vulnerability Stack?

One maintains and accesses web applications through various levels that include custom web applications, third-party components, databases, web servers, operating systems, networks, and security. All the mechanisms or services employed at each layer help the user in one way or another to access the web application securely. When talking about web applications, organizations consider security a critical component because web applications are major sources of attacks. The following vulnerability stack shows the layers and the corresponding elements/mechanisms/services employed at each layer, which…


What is Privilege Escalation?

An attacker can gain access to the network using a non-admin user account, and the next step would be to gain administrative privileges. The attacker performs a privilege escalation attack, which takes advantage of design flaws, programming errors, bugs, and configuration oversights in the OS and software applications to gain administrative access to the network and its associated applications. These privileges allow the attacker to view critical/sensitive information, delete files, or install malicious programs such as viruses, Trojans, worms, etc. Types of Privilege Escalation: Privilege escalation takes place in two forms. They…
