HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 55 guests and 1 member online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Web Applicationsarrow What is possible in Webpage hacking?
EH-Net
May 25, 2012, 01:56:36 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: What is possible in Webpage hacking?  (Read 5716 times)
0 Members and 1 Guest are viewing this topic.
The_UnKn@wn
Newbie
*
Offline Offline

Posts: 3


View Profile
« on: March 05, 2010, 04:48:13 PM »
hi

I created a webpage which is basically a projectmanagement site which uses a MySQL database in the background for storing informatiion. I would want to test this webpage, but I have basically no idea what I could do?

I have a basic information about SQL injection, but that's it. What else could I do?

the webpage is written in PHP/HTML using a MySQL Database.

Thanks
Logged
xXxKrisxXx
Sr. Member
****
Offline Offline

Posts: 491



View Profile
« Reply #1 on: March 05, 2010, 04:54:18 PM »
Hey The_Unkn@wn,

I'd suggest a web vulnerability scanner to start out with. Then go as far as you could to prove they exist.

You may want to take a look at the Top 10 Web Vulnerability Scanners List Below:

http://sectools.org/web-scanners.html

I've used Nikto personally and like it - but I've also heard positives about Burpsuite as well.

There's also a couple of useful add-ons for firefox like:

SQL Inject Me:

https://addons.mozilla.org/en-US/firefox/addon/7597

That'll just run tests on the page with a simple click of a button and report back to you. A good test that I set up was I followed the Metasploit Unleashed course in setting up a vulnerable ASP page, along with SQL Server and attacked it. Those just a couple of pointers.

You could find out how to setup the vulnerable page if you go to the Metasploit Unleashed Course Then Hit -> Required Materials - > Windows XP SP2
« Last Edit: March 05, 2010, 04:56:23 PM by xXxKrisxXx » Logged
OSCP, OWSP, eCPPT
aweSEC
Hero Member
*****
Offline Offline

Posts: 1100


View Profile
« Reply #2 on: March 05, 2010, 05:07:37 PM »
I'd adhere to xXxKrisxXx's advice only if you own the server or have written permission to audit it. If it is hosted on some kind of hoster where you have only the rights to host your stuff, you might get into serious trouble otherwise.

That said, I would recommend Burp Suite which is really great and offers dozens of useful functions.

As you stated that you have no idea on how to do something like this, you may take a look at the OWASP project which offers many great resources and read-ups on how to do those things you are asking about. One part of it would be their Testing Guide, where you will find many useful tips.
Additionally you may then search for some of the most common web-based attacks, such as sql injections etc.

Depending on the project, you should also consider to hire a professional pentesting company, as those should have in-depth experience with this kind and will most probably get quite a lot more out than you could in the same time (as it seems you have no experience with this kind at this point).
Logged
The_UnKn@wn
Newbie
*
Offline Offline

Posts: 3


View Profile
« Reply #3 on: March 05, 2010, 05:25:20 PM »
thanks guys. Yes, that's right, I have at that point no clue how to hack a website.
I could hire a pentest company, but the thing is that I want to test it by my own and I want to learn something.

What would be fore example a successful hack? That I get a mysql error or what?

@awesec: I wrote this page and I run it on a local server, so permissions don't matter here.
« Last Edit: March 05, 2010, 05:27:12 PM by The_UnKn@wn » Logged
aweSEC
Hero Member
*****
Offline Offline

Posts: 1100


View Profile
« Reply #4 on: March 05, 2010, 05:32:40 PM »
I see. Pointing on the legal aspect might seem a little 'boring', but it is a necessity in my opinion. Wink
  
Getting a mysql error can help in the hacking process, as, depending on the error, you might be able to retrieve sensitive data which can be used to proceed. Also it might be already the very beginning of an attack.

As you said you would like to learn more about it, OWASP should be able to give you plenty of stuff to go on. Another project of theirs, which should help you in your process of learning, is WebGoat.

Quote
"The primary goal of the WebGoat project is simple: create a de-facto interactive teaching environment for web application security."
« Last Edit: March 05, 2010, 05:42:05 PM by awesec » Logged
The_UnKn@wn
Newbie
*
Offline Offline

Posts: 3


View Profile
« Reply #5 on: March 05, 2010, 06:22:24 PM »
ok, thank you.
Logged
Ketchup
Hero Member
*****
Offline Offline

Posts: 1006



View Profile
« Reply #6 on: March 05, 2010, 07:40:33 PM »
There is definitely more out there than SQLi.  You have XSS, CSRF, etc.  I use a few different web scanners, including w3af, nikto, paros, and now grendelscan.   The automated tools offer some great benefits and identify quite a few vulnerabilities.   However, they also miss some, and identify some false positives.   

Awesec mentioned OWASP already.   They have a fantastic web app pen testing guide.  It does a great job explaining what the vulnerabilities are, how to test for them, and what tools you can use.

http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf
Logged
~~~~~~~~~~~~~~
Ketchup
j0rDy
Hero Member
*****
Offline Offline

Posts: 578


View Profile
« Reply #7 on: March 08, 2010, 02:37:00 AM »
Quote from: Ketchup on March 05, 2010, 07:40:33 PM
http://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf

this is probably the best link for web application testing!

all the methods are explained and even how to test them yourself! just start with this document and try all the different vulnerabilities/attacks. make a chart of what worked, what didnt work, how it worked and how you will prevent them from happening in production. this is probably the best way to test it (atleast best practice)
Logged
ISC2 Associate, CEH, OSCP, OSWP

earning my stripes appears to be a road i must travel alone...with a little help of EH.net
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.177 seconds with 23 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.