This study presents how it is possible to get shell access to the target system using common web application vulnerabilities. Both the client and server side are breached. Attacks are described step by step and results are presented using a real web application. The attacks are analyzed, and the reasons they were successful are described. Successful attacks require that user input validation is insufficient and that unsafe coding standards are practiced. Also, environments need to be misconfigured; for example, a MySQL user has unneeded write access to a folder which is accessible by the web server.
SQLIA is adopted to attack websites with and without confidential information. Hackers utilize the compromised website as an intermediate proxy to attack others, to avoid being convicted of cyber-crime and also to enlarge the scale of Distributed Denial of Service (DDoS) attacks. In a DDoS, hackers maliciously bring down a website and make network resources unavailable to web users. It is extremely difficult to effectively detect and prevent SQLIA because hackers adopt various techniques for evading SQLIA Intrusion Detection Systems. Victims are always unaware that their confidential information has been compromised for a long time. The contributions of this thesis are: (1) systematically exploring SQLIA and SQLIA prevention in theory; (2) demonstrating and evaluating imitative SQLIA with open source SQLIA tools and SQLIA prevention tools in practice; (3) new filters for eliminating SQLIA techniques that evade IDS/IPS detection, to improve SQLIA prevention. The achievements of this thesis are successfully obtaining 637 completed questionnaires in a survey of open source SQLIA tools and open source SQLIA prevention tools in the quantitative research. Up to 76 virtual websites without any SQLIA prevention tools installed were successfully compromised in 500 penetration tests during SQLIA experiments in the virtual environment of the qualitative research. Furthermore, 27 compromised virtual websites that had SQLIA prevention tools installed underwent 600 penetration tests. The open source SQLIA prevention tools successfully prevented a total of 573 out of 600 SQLIA penetration tests. 100 penetration tests were conducted for each new filter for eliminating SQL injection techniques that evade IDS/IPS detection, and the test results show that all new filters can successfully prevent evading techniques with a high percentage, but with some side effects.
Tools that automate testing of web applications for Cross-Site Scripting (XSS) vulnerabilities perform well when they have a strong knowledge base. However, they rely heavily on brute force, which is not always an effective choice. On the other hand, expert penetration testers adopt exploit methods that are more accurate, but often not structured. We propose to solve the above-mentioned problems by designing and implementing an intelligent agent, called Suggester, that recommends actions to penetration testers. First, a black-box testing methodology inspired by a penetration tester's behavior is developed. This methodology consists of sending a sequence of strings to a web application and observing the responses. Then, an agent is trained to produce attack strings using the framework of a Multi-Objective Reinforcement Learning (MORL) environment, with a parameterized action space. Each complete attack string is identified as a separate objective to reach. Q-Learning is used to train the agent upon separate, unrelated objectives. Then, the learned actions are suggested to a human-in-the-loop, who performs the actions and collects observations. This allows orchestrating the agent into pursuing the right objective and selecting the next best action to recommend. The final evaluation proves the scalability of the proposed solution, and shows an increase in accuracy when compared to other automated scanners. (c) 2021 Elsevier Ltd. All rights reserved.
Gaining unauthorized remote access to an environment is generally done either by exploiting a vulnerable internet-based service or application, or by tricking a user into executing malicious code. The former is typically simpler since there is no need for any user interaction. The latter, however, requires much more effort on the attackers' side since they must find a way to incite the victim into opening a malicious document and interacting with an HTML page in a web browser. In this paper, we will focus on the latter technique, which falls into the social engineering category, as it will involve the use of a phishing attack. The reason for this selection is that it is challenging to correct user behavior. Thus, it increases the attackers' chance of performing a successful attack, contrary to the former technique, where a simple patch, upgrade, or update can prevent the adversaries from being successful in their attacks. Since Microsoft Office is trusted and used by many people (in both personal and commercial use), we will make use of its features to build our payloads and eventually to gain remote code execution on a victim's system. Performing a successful phishing attack involves a lot of barriers that often need to be crossed, such as the need for similarity, purchasing domains, the use of encoding, encryption, etc. Nowadays, companies frequently employ very aggressive antivirus software that will delete malicious files as soon as they land on their system. Therefore, bypassing the security protections will need to be taken into account, which will also be addressed in this paper.
ISBN: (print) 9781450395557
Modern e-business policy aims to better frame and steer progress and advancements towards a legal and security-aware framework. However, a large percentage of cases neglect the adoption of good security practices, exposing customers to potential risks. In this work, we present a hybrid approach based on self-assessment, self-improvement and self-regulation motivation, offered by the observAtory for Security and PrIvacy DAta (ASPIDA) system. To address privacy and security weaknesses, we monitor and analyze a set of security and privacy metrics and indicators. The evaluation of the aforementioned criteria drives an outcome in the form of a digital badge of good practices for the specific website. This digital badge is a recognition and can be used by e-business owners as an attraction that frames the services and content they offer to the public.