|
What are the most common forms of attack?
Cross site scripting (XSS)
.
- Cross site: info goes from one site to another
- Two types: reflected or stored
- Can be considered a form of code injection
- Javascript is the most serious threat
- Other threats: some HTML tags and CSS
- White Hat: 53% of websites vulnerable
- Demo: cart (reflected), add member (stored)
Remote code injection
.
- PHP code uploaded and run
- Remote PHP code running directly on your website
- Demo: contacts + page=../uploads/xxx
Session hijacking, fixation, and request forgery
.
- PHP session identifier is hijacked
- Fixation: a one-time URL, such as an email confirmation
- User credentials are forged
- Cross site forgery: valid credentials used by attacker
- White Hat: 40% of websites are vulnerable
- Demo: copy PHPSESSID, tamper with cookies
SQL injection
.
- Can be devastating if successfully executed
- Can occur when user input is added to an SQL statement
- Less common than in previous years
- Can reveal sensitive database information
- Can be used to infect the website
- Can be used to alter, corrupt or empty the database
- White Hat: 7% of websites are vulnerable
- Demo: member search:
A%' UNION SELECT `password`,`dob`,`balance`,`phone`,`name` FROM `members`;--
|
|