- Shopping Bag ( 0 items )
From Barnes & NobleThe Barnes & Noble Review
It’s so obvious, it’s hardly worth saying: The Web is a cracker’s playground. All those sites, all those unfixed vulnerabilities, all those easy-to-guess passwords and easy-to-steal credit card databases. All those system administrators who think they’re OK because they’re running a firewall. (Ninety-five percent of all attacks occur in spite of a working firewall!)
If you’re responsible for a web site, you desperately need web security guidance from someone who can pull together all the information you need, and all the solutions. You need Web Hacking.
Lead author Stuart McClure cowrote Hacking Exposed, the classic general hands-on guide to hacking and information security. If you’re a Fortune 500 IT professional, you may also know him as president of Foundstone, a leading provider of security assessments, vulnerability protection, consulting, and education.
In Web Hacking, McClure and two of his colleagues turn their attention specifically to web hacking. Like Hacking Exposed, this book covers the full range of attacks web administrators are likely to face. It also presents start-to-finish attack scenarios that show how multiple attacks build on each other.
You’ll start by thoroughly reviewing the vulnerabilities of every element of an e-commerce site: web scripting languages; web servers; database servers; payment systems; shopping carts; and the HTTP and HTTPS protocols.
Some pre-packaged shopping systems have proven notoriously insecure -- especially those widely used by smaller sites. For example, it’s common for shopping cart systems to send critical information such as product IDs and prices via hidden fields in HTML forms. But once the web server sends its HTML response to the browser, the server loses all control over the data sent, and it can’t rely on the data it receives back -- it’s easy for a buyer to change the price tag on an item and go unnoticed. Many systems respond by providing client-side validation, but client-side scripts are just as vulnerable as hidden HTML form fields.
In fact, McClure and company walk through a whole laundry list of shopping system vulnerabilities: metacharacters sent from clients to cause buffer overflows; information retrieval from easy-to-compromise temporary files on the server; weak encryption; file system directory exposure; improper privilege escalation; customer information disclosure; opportunities to alter both products and orders; and, of course, denial-of-service attacks.
There’s a full section on the security risks associated with URLs (more than you may imagine). For example, there’s the IIS vulnerability (since fixed, if you religiously patch your systems) which allows hackers to use URLs with invalid Unicode UTF-8 sequences to change directories on your server, find one where scripts are executable, and run whatever scripts suit their fancy.
Next, you’ll walk step-by-step through a sophisticated web site defacement attack. These come in many varieties; in McClure’s example, a hacker finds a proxy server that permits reverse HTTP proxying (a no-no); then exploits HTTP’s weak encryption to obtain user-level access; finds directory listings; locates a “staging script” that automatically updates web pages on a predefined schedule; then substitutes his own web pages, and waits for the script to run automatically.
The book contains equally detailed coverage of compromising web databases; executing Java code remotely; impersonation; on-the-fly buffer overflows; worms; and techniques for defeating intrusion detection systems. Outside the hacker underground, we’ve never seen this much web security information in a form so useful to working administrators. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.