4 Common Web Vulnerabilities to Fix
Secure your website from Hackers
I will say that, without websites, the Internet would be more or less useless for most of its users. So lots of websites are being developed, and lots of websites are being exploited. Vulnerabilities exist in the places a developer does not bother to check carefully. But a malicious hacker knows how to think like a developer too 😉.
Here are a few vulnerabilities that developers do not catch easily and that do not get fixed. If you have a website, or are planning to get one, tell your developer to keep an extra eye on these vulnerabilities during development!
Parameterized URLs are more open to attack
When developers build a site, they often do not take the extra care to use REST-style URLs. A vulnerability may exist anywhere on your site. But if the site uses a server-side language such as PHP, ASPx or JSP with URL parameters, the hacker gets a bit happier, because he has more confidence attacking these parameterized URLs with injection-type attacks. And those sites are often vulnerable. Developers often forget to check specific things, let alone all the URLs :).
http://pusheax.com/vuln.php?variable=value is more interesting than http://pusheax.com/vuln/variable/value. An injection attack is still possible against the second form, but it is harder for new hackers. If developers do not want to deal with .htaccess, they should always write code carefully and scan for vulnerabilities.
SQLi, XSS and Code Execution after users log in
Many developers like easy coding and like to trust registered users. They sometimes forget that a hacker can be one of their users too. And a hacker knows where a developer may neglect secure coding.
I have seen many websites with REST-style URLs. But after logging in, everything was just in parameters (http://pusheax.com/vuln.php?variable=value). Most of them were vulnerable to SQL injection and XSS. Some developers were clever enough to build the website without parameters, but they forgot to secure forms such as the search form, and that form was often vulnerable to SQL injection. Data could be extracted comfortably with SQL injection in the protected area. In this kind of situation Burp Suite came in handy for me.
If XSS is found, it might be easier to phish other users, including the admin, through private messages, because users are friends with each other 🙂 and there are many reasons to trust.
Code execution is a powerful attack that can give full control of the system. I have found fewer code execution vulnerabilities, but they still exist in the protected areas of some websites.
Basically, an experienced hacker focuses more on POST-based injection in the target's protected area.
Unusual Error Messages lead to further attacks
Many websites, even high-profile ones, are not configured properly. Wrong input causes unusual error messages to be displayed, which give away valuable information such as paths, usernames, software versions and much more.
A hacker can learn more about the target from these kinds of error messages. Using this information, an attacker can exploit the login page or find a Local File Inclusion or Remote File Inclusion vulnerability, which may do big damage to your website.
You should handle error messages carefully to prevent the attacker from learning about your site.
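The search-form injection and the leaked error messages described above can be seen side by side in the following added example, which is not part of the original post. It assumes a Python handler backed by sqlite3 as a stand-in database; the orders table, the sample rows and the function names are constructed for illustration.

```python
import logging
import sqlite3
import uuid

log = logging.getLogger("search")

def make_db():
    """Constructed sample data: an in-memory orders table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT)")
    db.executemany("INSERT INTO orders (customer) VALUES (?)",
                   [("Alice",), ("O'Brien",), ("Bob",)])
    return db

def search_vulnerable(db, term):
    """Weak pattern: input concatenated into SQL, raw DB error shown to the user."""
    sql = "SELECT customer FROM orders WHERE customer LIKE '%" + term + "%'"
    try:
        return {"status": 200, "rows": [r[0] for r in db.execute(sql)]}
    except sqlite3.Error as exc:
        # Leaks query structure and engine details to whoever sent the input.
        return {"status": 500, "error": f"{exc} in query: {sql}"}

def search_hardened(db, term):
    """Hardened: bound parameter, LIKE wildcards escaped, generic error message."""
    if not isinstance(term, str) or len(term) > 64:
        return {"status": 400, "error": "Invalid search term."}
    escaped = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = "SELECT customer FROM orders WHERE customer LIKE ? ESCAPE '\\'"
    try:
        rows = db.execute(sql, (f"%{escaped}%",)).fetchall()
        return {"status": 200, "rows": [r[0] for r in rows]}
    except sqlite3.Error:
        ref = uuid.uuid4().hex[:8]
        log.exception("search failed ref=%s", ref)  # detail stays server-side
        return {"status": 500, "error": f"Something went wrong (ref {ref})."}
```

An ordinary name with an apostrophe, such as O'Brien, is enough to make the concatenated version return the database error and the full query text, while the hardened version treats the same input as data and returns the matching row.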
Internal Users are Unaware
I once got full control of a web database through social engineering and SQL injection. Let me tell you the story 🙂.
I often visited an office (you can guess what office it might be). I had a good relationship with the office employees. I challenged them that I would get free services from them. They accepted! Then I told them that I was just having fun with them.
They forgot my challenge. For a few days I explored their site. No vulnerability found. I only found a URL where internal users can log in, but 3 failed tries lock the account (crazy, they are scared of hackers).
I decided to try social engineering. I was sure that they wouldn't click a link. Physical social engineering was the only way. I visited their office again and ordered a service. From my place I could see his keyboard and clearly see his finger movements. I was looking at him typing. When I ordered the service he logged in to that site to enter the order. Bad luck for him, at that time I memorized his finger movements.
He was typing the password very carefully and slowly because a wrong try might lock his account, lol. So some of the characters were visible too. In 24 hours I tried 8 wrong passwords, and finally the 9th try was successful. After the logon, everything was secure except the search form, which was vulnerable to error-based SQL injection. And this led me to take control of the full website.
I know my English is not like a native English speaker's, but I still tried to express my words to you to help you secure your website. If you take care of these 4 pieces of web security advice, I am sure your website will have some extra security and will be harder for a hacker to hack.
Thanks for reading!