By far the most effective means of eliminating path traversal vulnerabilities is to avoid passing user-submitted data to any file system API. In many cases, including the original example GetImage.aspx?file=diagram1.jpg , it is entirely unnecessary for an application to do this. For most files that are not subject to any access control, the files can simply … Read more
Many applications contain a facility for users to submit messages via the application; for example, to report a problem to support personnel or provide feed-back about the web site. This facility is usually implemented by interfacing with a mail (or SMTP) server. Typically, user-supplied input will be inserted into the SMTP conversation that the application server … Read more
In order to extract useful data from the database, you normally need to know the names of the tables and columns containing the data you wish to access. The main enterprise DBMS’s contain a rich amount of database metadata that you can query to discover the names of every table and column within the database. … Read more
Most of the techniques described so far are effective against all of the common database platforms, and any divergences have been accommodated through minor adjustments to syntax. However, as we begin to look at more advanced exploitation techniques, the differences between platforms become more significant, and you will increasingly need to know which type of … Read more
Even a well-designed authentication mechanism may be highly insecure due to mistakes made in its implementation. These mistakes may lead to information leakage, complete login bypassing, or a weakening of the overall security of the mechanism as designed. Implementation flaws tend to be more subtle and harder to detect than design defects such as poor … Read more
We have said that the JVM operates on the stream of bytecode as an interpreter. This means that it processes bytecode while the program is running and converts it to real machine code that it executes on the fly. You can think of a computer program as being like a railroad track, with the train … Read more
Firewalls A machine connected to the Internet that isn’t behind a firewall is a disaster waiting to happen. And you won’t have to wait long. A recent study by the Internet Storm Center has shown that unpatched Windows computers only lasted 20 minutes before they were infected by some malware. If you’re running Linux, you’re … Read more
Vulnerabilities need to be identified by both the penetration tester and the vulnerability scanner. The steps are similar for the security tester and an unauthorized attacker. The attacker may choose to proceed more slowly to avoid detection, but some penetration testers will also start slowly so that the target company can learn where their detection … Read more
Develop a penetration test plan Establishing the test ground rules is a particularly important part of penetration analysis. The rules are captured in the penetration test plan, which defines the test objective, the product configuration, the test environment, test resources, and schedule. It is important that penetration testing use ethical evaluators who are no antagonistic … Read more
HOW TO SET UP A FIREWALL UNDER LINUX? To configure a Linux firewall, you will likely use the latest implementation of firewalling, called IPTables. IPTables is a packet filter for kernels 2.4 and above. It is a tremendous improvement over IPChains and provides enhanced features such as stateful packet filtering, Network Address Translation, MAC Address … Read more