• Types of vulnerabilities
    		•

    Chapter 6: Process of Web Hacking




    Download 6,34 Mb.
    Pdf ko'rish
    bet115/203
    Sana10.01.2024
    Hajmi6,34 Mb.
    #134102
    1   ...   111   112   113   114   115   116   117   118   ...   203
    Bog'liq
    Linux This Book Includes 4 Manuscripts The Underground Bible

    Chapter 6:
    Process of Web Hacking

    Web hacking
    Web hacking is a common practice all around the world now with the main
    aim being to acquire access to data on the websites. While it is not possible
    to hack every site on comes across, one can hack some websites. The level
    of difficulty in hacking a website varies depending on how protected the
    site is. Therefore, you will find that while some websites are
    straightforward to hack, some cannot be hacked due to their security levels.
    The presence of vulnerabilities on the site facilitates web hacking. Many
    methods can be used to hack a website. Some hackers might use cross-
    scripting, SQL injection, among other methods of hacking a website. Below
    are steps that one can follow to hack a website.
    1. 
    Analyze the website for weaknesses or vulnerabilities. A website
    can be vulnerable in its infrastructure or even programming
    language. The hacker should first begin the website hacking by
    identifying these weaknesses to the system as they will be the
    way into the websites.
    Types of vulnerabilities
    There are very many types of vulnerabilities that are mostly present in
    websites. Every vulnerability can be exploited in its way. The more
    vulnerabilities in a website, the easier it is to access and gain control of the
    website. Some of the potential weaknesses of websites are as explained
    below.
    ❖ 
    SQL injections- this can be a string of code that can be used to
    help the hacker upload, edit modify, and tamper with the
    information on the website. Once SQL is successfully inside the
    site, it will not work as it should. This alteration in functionality
    allows the hacker to access data that they want, alter it, or complete
    any activity that they need.
    ❖ 
    Cross-site scripting- in this type of vulnerability, the attacker will
    inject malicious code into the website through any weakness noted.
    The script will start to steal each of the visitors' cookies. For every
    visit to the site, the script is activated and cookies are stolen. The
    code then sends the cookies to the attacker. Through the cookies,

    the attacker can have access to visitor’s data, and they can use it to
    access the website when they want.

    Broken authentication and session management- here, the
    attacker will focus on attacking active sessions. Once they have
    attacked the active session, they will then use the credentials of the
    user to access the website. Access to the account means that the
    attacker can collect any data and information that need.
    There are other types of vulnerabilities that can be exploited in a website.
    The more the vulnerabilities, the easier to hack as well as the higher the
    threat. The threat is not only to the website owner but also to the users of
    the websites as they can quickly lose data or get attacked as well.

    Download 6,34 Mb.
    1   ...   111   112   113   114   115   116   117   118   ...   203




    Download 6,34 Mb.
    Pdf ko'rish