A web server is a computer system that stores, processes, and delivers web pages to clients worldwide over the HTTP protocol. Web servers are a critical component of a web infrastructure. A single vulnerability in a web server's configuration may lead to a security breach of the websites it hosts. This makes web server security critical to the normal functioning of an organization. Attackers can exploit a poorly configured web server with known vulnerabilities to compromise the security of the web application. A leaky server can harm an organization.
The objective of this lab is to help students learn to detect unpatched security flaws, verbose error messages, and much more. The objective of this lab is to:
● Perform Web Server Security Reconnaissance
● Detect unpatched security flaws like the Shellshock bug
● Crack remote passwords
Most online services are implemented as web applications. Online banking, search engines, email applications, and social networks are just a few examples of such web services. Web content is generated in real time by a software application running on the server side. Hackers attack web servers to steal credentials, passwords, and business information. They do this using DoS/DDoS attacks, SYN floods, ping floods, port scans, sniffing attacks, and social engineering attacks. In the area of web security, despite strong encryption on the browser-server channel, web users still have no assurance about what happens at the other end. We present a security application that augments web servers with trusted co-servers composed of high-assurance secure co-processors, configured with a publicly known guardian program. Web users can then establish authenticated, encrypted channels with a trusted co-server, which can then act as a trusted third party in the browser-server interaction.

Systems are constantly being attacked, and IT security professionals need to be aware of common attacks on web server applications. Attackers use sniffers or protocol analyzers to capture and analyze packets. If data is sent across a network in clear text, an attacker can capture the data packets and use a sniffer to read the data. In other words, a sniffer can eavesdrop on electronic conversations and capture data packets containing sensitive information such as passwords, account information, syslog traffic, router configuration, DNS traffic, email traffic, web traffic, chat sessions, FTP passwords, etc. It allows an attacker to read passwords in clear text, the actual emails, credit card numbers, financial transactions, etc. It also allows an attacker to sniff SMTP, POP, IMAP, HTTP Basic, Telnet authentication, SQL database, SMB, NFS, and FTP traffic.

As a penetration (pen) tester or ethical hacker for an organization, you must provide security for the company's web server. You must perform checks on the web server for vulnerabilities, misconfigurations, unpatched security flaws, and improper authentication with external systems.
Type root in the Username field and click Next.
of time minimum to complete the scan.
Press Enter to begin with the security reconnaissance.
result.
the screenshot.
10. Observe the URL of the webpage associated with the vulnerability. Click the URL.
11. Switch to the skipfish tab, and click show trace next to the URL to examine the vulnerability in detail.
12. An HTTP trace window appears on the webpage, displaying the complete HTML session, as shown in the screenshot. You can examine other vulnerabilities, and patch them in the process of securing the web server. If the window does not appear properly, hold down the Ctrl key and click the
Module 13: Hacking Web Servers
httprecon performs banner-grabbing attacks, status code enumeration, and header ordering analysis on the target web server. httprecon is a tool for advanced web server fingerprinting, similar to httprint. The goal is highly accurate identification of httpd implementations.

Lab Scenario
Web applications can publish information, interact with Internet users, and establish an e-commerce/e-government presence. However, if an organization is not rigorous in configuring and operating its public website, it may be vulnerable to a variety of security threats. Although the threats in cyberspace remain largely the same as in the physical world (e.g., fraud, theft, vandalism, and terrorism), they are far more dangerous. Organizations can face monetary losses, damage to reputation, or legal action if an intruder successfully violates the confidentiality of their data. To be an expert ethical hacker and pen tester, you must understand how to perform footprinting on web servers.

Lab Objectives
The objective of this lab is to help students learn to footprint web servers. It will teach you how to:
● Use the httprecon tool
● Get a web server footprint

Lab Duration: 5 Minutes
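To make the three signals named above concrete (banner, status code, and header ordering), here is an added example that is not part of the lab and not code from the httprecon tool. It parses constructed HTTP responses offline and shows why a defender cannot rely on blanking the Server header alone: the order in which an httpd emits its response headers still identifies the implementation family. The signature table, the sample responses, and the family names are illustrative constructions, not real httprecon data.

```python
"""Offline model of httprecon-style web server fingerprinting.

Added example, not part of the lab or of httprecon. All signatures and
sample responses below are constructed for illustration.
"""
from typing import Dict, List, Optional, Tuple

# Constructed reference table: header order (Server header dropped) -> family.
# A real fingerprint database holds many orderings per implementation; these
# three are illustrative only.
KNOWN_HEADER_ORDERS: Dict[Tuple[str, ...], str] = {
    ("date", "last-modified", "etag", "accept-ranges",
     "content-length", "content-type"): "Apache-like",
    ("content-type", "last-modified", "accept-ranges", "etag",
     "x-powered-by", "date", "content-length"): "IIS-like",
    ("date", "content-type", "content-length", "last-modified",
     "connection", "etag", "accept-ranges"): "nginx-like",
}

# Headers that commonly disclose implementation details to anyone who asks.
NOISY_HEADERS = {"server", "x-powered-by", "x-aspnet-version", "x-aspnetmvc-version"}

# Constructed sample: a response that announces its banner.
SAMPLE_APACHE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    b"Server: Apache/2.4 (Unix)\r\n"
    b"Last-Modified: Sun, 31 Dec 2023 12:00:00 GMT\r\n"
    b"ETag: \"abc123\"\r\n"
    b"Accept-Ranges: bytes\r\n"
    b"Content-Length: 5\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"hello"
)

# Constructed sample: same server with the Server header suppressed.
SAMPLE_STRIPPED = SAMPLE_APACHE.replace(b"Server: Apache/2.4 (Unix)\r\n", b"")


def parse_response(raw: bytes) -> Tuple[int, List[Tuple[str, str]]]:
    """Return (status_code, ordered list of (name, value)) from a raw HTTP/1.x response."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers: List[Tuple[str, str]] = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed lines without a colon
            headers.append((name.strip().lower(), value.strip()))
    return status, headers


def banner(headers: List[Tuple[str, str]]) -> Optional[str]:
    """The Server header value, or None when the server does not send one."""
    for name, value in headers:
        if name == "server":
            return value
    return None


def order_signature(headers: List[Tuple[str, str]]) -> Tuple[str, ...]:
    """Header order with the Server header removed, so a hidden banner does not
    change the signature."""
    return tuple(name for name, _ in headers if name != "server")


def fingerprint(raw: bytes) -> Dict[str, object]:
    """Combine the three httprecon signals into one result dictionary."""
    status, headers = parse_response(raw)
    sig = order_signature(headers)
    return {
        "status": status,
        "banner": banner(headers),
        "header_order": sig,
        "guess_from_order": KNOWN_HEADER_ORDERS.get(sig, "unknown"),
    }


def banner_exposure(headers: List[Tuple[str, str]]) -> List[str]:
    """Defender check: list headers that disclose implementation details."""
    return [f"{name}: {value}" for name, value in headers if name in NOISY_HEADERS]


if __name__ == "__main__":
    for label, sample in (("announced", SAMPLE_APACHE), ("stripped", SAMPLE_STRIPPED)):
        fp = fingerprint(sample)
        _, hdrs = parse_response(sample)
        print(label, fp["banner"], fp["guess_from_order"], banner_exposure(hdrs))
```

Run stand-alone, the script shows that the stripped response has no banner and no noisy headers left, yet `guess_from_order` still reports "Apache-like". The practical hardening point is that banner removal is a cosmetic measure; keeping the server patched matters more than hiding which server it is.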
Ctrl+Alt+Delete.
The main window of httprecon appears, as shown in the screenshot.
10.10.10.12 is the IP address of the Windows Server 2012 machine.