Section 03: Web Server Attack Methodology

Attack Methodology

Footprinting

Footprinting (also known as reconnaissance) is the technique used for gathering information about computer systems and the entities they belong to.

Website mirroring

Mirror sites or mirrors are replicas of other websites or any network node. The concept of mirroring applies to network services accessible through any protocol, such as HTTP or FTP. Such sites have different URLs than the original site, but host identical or near-identical content.

Vulnerability scanner

A vulnerability scanner is a computer program designed to assess computers, networks or applications for known weaknesses. These scanners are used to discover the weaknesses of a given system. They are utilized in the identification and detection of vulnerabilities arising from mis-configurations or flawed programming within a network-based asset such as a firewall, router, web server, application server, etc.

Session hijacking

In computer science, session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server.

Whois

Large database of whois information, DNS, domain names, name servers, IPs, and tools for searching and monitoring domain names.

/robots.txt

A robots.txt file tells search engine crawlers which URLs the crawler can access on your site.

Branner grabbing

Banner grabbing is a technique used to gain information about a computer system on a network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network. However, an intruder can use banner grabbing in order to find network hosts that are running versions of applications and operating systems with known exploits.

Default credentials

A Default Credential vulnerability is a type of vulnerability in a computing device that most commonly affects devices having some pre-set (default) administrative credentials to access all configuration settings. The vendor or manufacturer of such devices uses a single pre-defined set of admin credentials to access the device configurations, and any potential hacker can misuse this fact to hack such devices, if those credentials are not changed by consumers.

Links

• https://en.wikipedia.org/wiki/Footprinting

• https://en.wikipedia.org/wiki/Mirror_site

• https://en.wikipedia.org/wiki/Vulnerability_scanner

• https://en.wikipedia.org/wiki/Session_hijacking

• https://who.is

• https://en.wikipedia.org/wiki/Banner_grabbing