SQL Injection- A favorite tool of the ‘Online Rogues
SQL injection, simply put, is a hacking technique used to exploit the security vulnerability of a web application and dump the contents to the attacker. It is one of the most cherished techniques employed by attackers against database-driven applications. A widely accepted reason for the same is that SQL Injections are unbeknownst to the common people as a potential threat to their security. Also they do not demand a prior training or software downloads, making it wieldy even for amateurs.
Methodology Involved:
For a hacker driven by the need of vanity and vandalism, understanding the technical science involved in an SQL injection is not a Herculean task. Two popular methods of SQL Injection are described below:👇👇
Merged queries:
If a software entity or a website entails a vulnerability (existing due to an improper way of collecting input from user or interacting with database via SQL), it gets very easy for a hacker to ‘insert’ an arbitrary SQL code piece for server execution. This compromises the natural integrity of the database in HTML form and culminates in jeopardized outputs
Unions:
Another popular way of SQL script injection entails the use of website URLs. Commonly known as “Unions”, this method can be implemented in Linux servers (that use MySQL and PHP) by attaching SQL queries in the URL of a web page in a particular session. If the hacker is already aware of the variables used like ‘user_ID’, he can inject the SQL codes directly. Conversely, he may use the trial and hit method due to the common nomenclature conventions such as ‘userNames’, ‘userTable’ etc
♥️Example 1 – List all users♥️
♦️Original query♦️
HTTP Request : get_users.php?userid=1234 Original query: "select * from users WHERE id = 1234";
♦️Modified query (“Merged”)♦️
HTTP Request : get_users.php?userid=1234 OR 1=1 Executed query: "select * from users WHERE key = 1234 OR 1=1"; // 1 will always be 1
♥️Example 2 – List all users♥️
♦️Original query♦️
HTTP Request : get_users.php?key=ABCD Original query: "select * from users WHERE key = 'ABCD'";
♦️Modified query (“Merged”)♦️
HTTP Request : get_users.php?key=ABCD' OR key LIKE '% Executed query: "select * from users WHERE key = 'ABCD' OR key LIKE '%'"; // % means anything
Try it out
Most people learns best from doing – not reading. Try it out yourself in the simulator at the following URL :
HEARTBLEED BUG:
🔺About the heartbleed bug
The secret keys can be leaked from the service or hosting provider, which allows an attacker to decrypt any encrypted traffic to the web server, such as passwords. The attacker can then use e.g. the credentials to authorize as the user. Off course all other confidential or private information is exposed by this security flaw as well. To point out the seriousness of this vulnerability, some of the most known companies that has been exposed to the heartbleed bug is: Google, Yahoo and Instagram. It still haven’t been confirmed if Facebook was affected by the Heartbleed bug
DDOS:
A distributed denial of service (DDoS) attack is one in which a large number of compromised systems connect to a single target (like a website), thereby causing denial of service for genuine users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, rendering it unable to service legitimate users.
Historically, DDoS attacks have proven to be one of the most devastating hacks a company can face. To put it into perspective, Google’s net income in 2015 was $16.3 billion; If a DDoS attack shuts down Google.com even for an hour, it would cost them $1.86 million. There’s your perspective. Now let’s see how it works.
A computer under the control of an intruder is known as a zombie or a bot. A group of co-opted computers (infected by the same malware for the same purpose) is known as a botnet or a zombie army. Note that a bot generally implies a completely compromised system. Computers in a botnet are typically infected with a backdoor that allows the attacker to carry out any commands (such as pummeling requests at a website).
A typical DDoS attack has two steps:
Create a botnet
Unleash the botnet
Scanning
Attackers often try to find a weak link which can act as an entry point. Once identified they infiltrate and tend to spread the malware throughout the system.
SPAMMING:
Spamming is the use of electronic messaging systems like e-mails and other digital delivery systems and broadcast media to send unwanted bulk messages indiscriminately. The term spamming is also applied to other media like in internet forums, instant messaging, and mobile text messaging, social networking spam, junk fax transmissions, television advertising and sharing network spam.
Spamming (especially e-mail spam) is very common because of the economics. Spam advertisers have little to no operating costs and so need only a minute response rate to make a profit. Most spam are commercial advertising, but some contain viruses, adware
CROSS SITE SCRIPTING:
What is cross-site scripting?
Cross-site scripting is what happens when an attacker takes advantage of a vulnerability in a webpage to inject their own code. That code can steal user information such as credentials, session cookies, and other sensitive data, and can even live persistently on a site to attack multiple users.
A XSS attack is unique because these vulnerabilities don't target the website or web app they exploit--it's only an attack vector. XSS uses scripts that are executed on a user's machine; these scripts are called client-side scripts. The vast majority of these are coded in JavaScript or HTML, though there are other languages that can be used for client-side scripts.
◾What is SSH?◾
Secure Shell (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network.Typical applications include remote command-line login and remote command execution, but any network service can be secured with SSH.
SSH provides a secure channel over an unsecured network in a client–server architecture, connecting an SSH client application with an SSH server. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2. The standard TCP port for SSH is 22. SSH is generally used to access Unix-like operating systems, but it can also be used on Windows. Windows 10 uses OpenSSH as its default SSH client.
0 comments:
Post a Comment