
Reconnaissance attack

Mapping web applications. Note: Unless noted differently, all scanned figures were from the textbook, Stuttard & Pinto, 2011.

1. Mapping web applications
Note: Unless noted differently, all scanned figures were from the textbook, Stuttard & Pinto, 2011.

2. “If you know your enemies and know yourself, you can win a hundred battles without a single loss. If you only know yourself, but not your opponent, you may win or may lose. If you know neither yourself nor your enemy, you will always endanger yourself.” —Sun Tzu (http://en.wikipedia.org/wiki/The_Art_of_War)
• Reconnaissance attack — Probing of a system to provide attackers information on capabilities, vulnerabilities, and operation. (http://itlaw.wikia.com/wiki/Cyber_threat)
Web Security

3. Mapping the application
• Build a catalog of the application’s functionality and content
• Closely examine the target application:
  • every aspect of the application’s behavior
  • its resources (web pages, programs, …)
  • the employed technologies
  • its security mechanisms
Goal: to identify the application’s attack surface (see p. 111 for a list)

4. Enumerating the content
• Techniques
  • Manual browsing
  • Automatic browsing via web crawlers and spidering tools
Example: Burp Spider (http://portswigger.net/burp/spider.html)

5. Enumerating the content
Note: Web spidering alone has its limitations:
• May miss unusual navigation mechanisms (e.g., dynamically created menus)
• Cannot identify URLs in compiled objects
• May not supply data that passes fine-grained input validation checks
• May exit prematurely
• May not pass authentication
User-directed spidering: manual browsing aided with automatic tools

6. Some questions
Q1. What are the differences between application pages and functional paths?
Q2. What are the techniques for identifying server-side technology?
Q3. After having learned the techniques of mapping web applications, what lessons does a defender take away? That is, how would you protect your web applications against hackers’ mapping attempts?
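One answer to Q3 is to notice the mapping while it happens. As an added example (not part of the slides or the textbook), the following Python detector parses constructed access-log lines in Common Log Format and flags clients whose traffic resembles automated content enumeration: many distinct paths combined with a high share of 404 responses or a burst request rate. The log lines, client addresses and thresholds are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime
# Constructed sample access-log lines (Common Log Format); not from any real server.
SAMPLE_LOG = """\
203.0.113.9 - - [10/Oct/2023:13:55:01 +0000] "GET / HTTP/1.1" 200 5120
203.0.113.9 - - [10/Oct/2023:13:55:01 +0000] "GET /admin HTTP/1.1" 404 210
203.0.113.9 - - [10/Oct/2023:13:55:02 +0000] "GET /backup HTTP/1.1" 404 210
203.0.113.9 - - [10/Oct/2023:13:55:02 +0000] "GET /config.php HTTP/1.1" 404 210
203.0.113.9 - - [10/Oct/2023:13:55:03 +0000] "GET /login HTTP/1.1" 200 1800
203.0.113.9 - - [10/Oct/2023:13:55:03 +0000] "GET /old/ HTTP/1.1" 404 210
198.51.100.4 - - [10/Oct/2023:13:56:10 +0000] "GET / HTTP/1.1" 200 5120
198.51.100.4 - - [10/Oct/2023:13:56:40 +0000] "GET /login HTTP/1.1" 200 1800
198.51.100.4 - - [10/Oct/2023:13:57:05 +0000] "POST /login HTTP/1.1" 302 0
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+$')

def parse_line(line):
    """Parse one CLF line into (ip, timestamp, path, status); None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"], int(m["status"])

def enumeration_suspects(log_text, min_paths=5, min_404_ratio=0.5, max_rps=1.0):
    """Return {ip: stats} for clients whose traffic looks like content enumeration.
    Thresholds are assumptions; tune them to the site's normal traffic."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            by_ip[rec[0]].append(rec)
    suspects = {}
    for ip, recs in by_ip.items():
        paths = {path for _, _, path, _ in recs}
        ratio = sum(1 for r in recs if r[3] == 404) / len(recs)
        span = (max(r[1] for r in recs) - min(r[1] for r in recs)).total_seconds()
        rps = len(recs) / max(span, 1.0)  # guard against a zero-length window
        if len(paths) >= min_paths and (ratio >= min_404_ratio or rps > max_rps):
            suspects[ip] = {"requests": len(recs), "distinct_paths": len(paths),
                            "not_found_ratio": round(ratio, 2), "rps": round(rps, 2)}
    return suspects

if __name__ == "__main__":
    for ip, stats in enumeration_suspects(SAMPLE_LOG).items():
        print(ip, stats)
```

The second client browses a few pages at human speed and is not reported; the first requests six distinct paths in two seconds, four of them missing, and is.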
