border: 1px solid #d2d2d2; padding: 0px 8px 0px 8px; color: #a19999; font-size: 12px; height: 25px; width: 165px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; margin:0px; } .submitbutton{ background:#F66303; border: 1px solid #F66303; text-shadow: 1px 1px 1px #333; box-shadow: 3px 3px 3px #666; font:bold 12px Arial, sans-serif; color: #fff; height: 25px; padding: 0 12px 0 12px; margin: 0 0 0 5px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; cursor:pointer;}

Receive all updates via Facebook. Just Click the Like Button Below

You can also receive Free Email Updates:

Powered By Blogger Widgets

Related Posts Plugin for WordPress, Blogger...

Wednesday, April 27, 2011

Web Application Hacking Basics



In this following post we will have a little basicunderstanding about web application and web application hacking. Now before our discussion on what is web application hackinglets understand first what a web application is? A web application is application which can be accessed over Internet or Intranet. Usually a term web application is used for a computer application hosted over a web server which can be accessed using web browser.The main motive of a web application is to give more functionality than just a website. Webmails, database, login forms, flash scripts, Java scripts and applets, discussion boards, guest books, blogs including blogger and word-press all are examples of web applications.



A web application works on principle of client/server architecture where a web browser usually acts as a client and web server acts as application server. In early days usually Java was held as programming language for web application development but things are changed with time. All web applications are designed to perform some specific task or job in a possible easier way like online shopping, banking, social networking(even facebook is a web app), mailing and even sharing of information in an interactive way. Since there are several types of web applications it’s still little problematic situation to classify them on basis of application, vulnerability and threat level. But most commonly web application related threats can be classified as follows,


Cross Site Scripting (XSS) Attacks
SQL Injection
Command Injection
Cookie Attacks
Parameter/Form Tampering
Buffer Overflow
Directory Transversal
Cryptographic Authentication Attack or SSL Attack
Platform Exploiting
File Inclusion



Few of above are still under controversy about getting included as web application threat. By the way as you can see list is long and we will surely spend a lot of time understanding and creating countermeasure to them. There some other basic things too to consider before we move towards real web application hacking but we will cover them next time. Till then thanks for reading, have a nice time and keep visiting.

No comments:

Post a Comment

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More