Seven Deadliest Web Application Attacks, Syngress

7 D.W.A.A

The Seven Deadliest Attacks Series

Mike Shema

e-books shop
Seven Deadliest Web Application Attacks

About the Authors
Mike Shema is the lead developer for the Web Application Scanning service offered
by the vulnerability management company Qualys. The Web scanning service provides
automated, accurate tests for most common Web vulnerabilities. Prior to
Qualys, Mike gained extensive information security experience based on consulting
work while at Foundstone. He has developed and conducted training on topics ranging
from network security to wireless assessments to Web application penetration
testing. Much of this experience has driven research into various security-related
topics that he has presented at conferences in North America, Europe, and Asia,
including BlackHat, InfoSec, and RSA.
Mike has also coauthored Anti-Hacker Toolkit, Third Edition and Hacking
Exposed: Web Applications, Second Edition. He lives in San Francisco and would
like to thank the RPG crew for keeping anachronistic random generators alive.

Technical Editor
Adam Ely (CISSP, NSA IAM, MCSE) is Director of Corporate Security for TiVo
where he is responsible for IT security and corporate security policies. Adam has
held positions with The Walt Disney Company where he was Manager of Information
Security Operations for the Walt Disney Interactive Media Group, and Senior
Manager of Technology for a Walt Disney acquired business. In addition, Adam was
a consultant with Alvarez and Marsal where he led security engagements for clients.
Adam’s background focuses on application and infrastructure security. Adam has 
published many application vulnerabilities, application security roadmaps, and other articles.

How This Book Is Organized
This book contains seven chapters that address a serious type of attack against Web sites
and browsers alike. Each chapter provides an example of how an attack has been used
against real sites before exploring the details of how attackers exploit the vulnerability.
The chapters do not need to be tackled in order. Many attacks are related or build on
one another in ways that make certain countermeasures ineffective. That’s why it’s
important to understand different aspects of Web security, especially the concept that
security doesn’t end with the Web site, but extends to the browser as well.

Chapter 1: Cross-Site Scripting
Chapter 1 describes one of the most pervasive and easily exploited vulnerabilities
that crop up in Web sites. XSS vulnerabilities are like the cockroaches of the Web,
always lurking in unexpected corners of a site regardless of its size, popularity, or
security team. This chapter shows how one of the most prolific vulnerabilities on the
Web is exploited with nothing more than a browser and basic knowledge of HTML.
It also shows how the tight coupling between the Web site and the Web browser can
in fact be a fragile relationship in terms of security.
Chapter 2: Cross-Site Request Forgery
Chapter 2 continues the idea of vulnerabilities that target Web sites and Web browsers.
CSRF attacks fool a victim’s browser into making requests that the user didn’t
intend. These attacks are more subtle and difficult to block.
Chapter 3: Structured Query Language Injection
Chapter 3 turns the focus squarely onto the Web application and the database
that drives it. SQL injection attacks are most commonly known as the source
of credit-card theft. This chapter explains how many other exploits are possible
with this simple vulnerability. It also shows that the countermeasures are relatively
easy and simple to implement compared to the high impact successful attacks carry.
Chapter 4: Server Misconfiguration and Predictable Pages
Even the most securely coded Web site can be crippled by a poor configuration
setting. This chapter explains how server administrators might make mistakes that
expose the Web site to attack. This chapter also covers how the site’s developers
might also leave footholds for attackers by creating areas of the site where security is
based more on assumption and obscurity than well-thought-out measures.
Chapter 5: Breaking Authentication Schemes
Chapter 5 covers one of the oldest attacks in computer security: brute force and the
login prompt. Yet brute force attacks aren’t the only way that a site’s authentication
scheme falls apart. This chapter covers alternate attack vectors and the countermeasures
that will – and will not – protect the site.
Chapter 6: Logic Attacks
Chapter 6 covers a more interesting type of attack that blurs the line between technical
prowess and basic curiosity. Attacks that target a site’s business logic vary as much as
Web sites do, but many have common techniques or target poor site designs in ways
that can lead to direct financial gain for the attacker. This chapter talks about how the
site is put together as a whole, how attackers try to find loopholes for their personal
benefit, and what developers can do when faced with a problem that doesn’t have an
easy programming checklist.
Chapter 7: Web of Distrust
Chapter 7 brings Web security back to the browser. It covers the ways in which malicious software, malware, has been growing as a threat on the Web. 
This chapter also describes ways that users can protect themselves when the site’s security is out of their hands.

Syngress is an imprint of Elsevier.
30 Corporate Drive, Suite 400, Burlington, MA 01803, USA
This book is printed on acid-free paper.
© 2010 Elsevier Inc. All rights reserved.
E-books Shop

Purchase Now !
Just with Paypal

Product details
 File Size
 2,888 KB
 152 p
 File Type
 PDF format
 2010 Elsevier Inc        

═════ ═════

Loading... Protection Status