Web App Hacking

Web applications, or web apps, are the interface of a website to the Internet. Many of them are so poorly designed that it is relatively easy to take control of or deface these sites. Many Content Management Systems (CMSs) such as WordPress, Drupal, and Joomla are bug-riddled. Even when these are patched, these CMSs have a multitude of plug-ins that are often poorly designed.

In this series, we will first familiarize you with Web Technologies and terminology, then look at strategies for hacking web apps, and then examine how to find vulnerabilities and how to exploit them.

The tutorials in this series include:

Web App Hacking, Part 09: Cross Site Scripting (XSS)

Welcome back, my fledgling hackers! The next tutorial in this Web App Hacking series involves one of the most critical vulnerabilities in web applications, cross site scripting or XSS. XSS annually makes it into the OWASP Top Ten web application vulnerabilities for good reason. In the most simple terms, XSS allows


Web App Hacking, Part 10: Directory or Path Traversal

Welcome back, my novice hackers! In this series on Web App Hacking, we are examining multiple ways to hack web sites and web applications. In this particular tutorial we will examine directory or path traversal. In this type of attack, the hacker is able to gain access to files on the


Web App Hacking, Part 11: Local File Inclusion (LFI)

Welcome back, my aspiring Cyber Warriors! In this series, Web App Hacking, we are exploring the many ways that an attacker can compromise Web Applications. In this tutorial, we will explore using Local File Inclusion or LFI. Many scripting languages used in web applications support the use of an include() function. These make


Web App Hacking, Part 12: Comprehensive Web Recon with TIDoS

Welcome back, my aspiring hackers! As I often say, reconnaissance is a crucial part of hacking. You must carefully and thoroughly gather information on the target before attacking; otherwise you are usually wasting your time and risking detection. There are many tools for this purpose, many of which I have


Web App Hacking, Part 12: Cross Site Request Forgery (CSRF)

Welcome back, my aspiring cyber warriors! In this series on Web App Hacking, we continue to explore ways to hack web applications (apps). In this tutorial, we will explore Cross Site Request Forgeries or CSRF. CSRF is an attack where the attacker inherits the credentials and privileges of the legitimate


Web App Hacking, Part 14: OS Command Injection

Welcome back, my aspiring cyber warriors! In this tutorial on Web App Hacking, we’ll examine Operating System command injection. This web site vulnerability enables the attacker to inject and execute operating system commands on the underlying server and often fully compromise the server and all its data. If the attacker


Web App Hacking, Part 15: Web site Fingerprinting with Whatweb

Welcome back, my aspiring cyber warriors! Web sites are built using a variety of technologies (see Web Technologies here). In most cases, before we develop a hacking strategy for a web site, we need to understand the technologies employed in building the website. Web site attacks are not generic. Attacks


Web App Hacking: BurpSuite, Part 03: Testing for Persistent XSS

Welcome back, my aspiring cyberwarriors! Cross Site Scripting or XSS is one of the most problematic vulnerabilities in web applications. It ranks among the OWASP Top 10 website vulnerabilities nearly every year. For more on cross-site scripting, check out my post here. In this tutorial, I will demonstrate how to


Web App Hacking: Finding Vulnerable WordPress Sites

WordPress-based websites are among the most numerous on this planet (maybe other planets too, but I can’t vouch for that). According to WordPress’s own website, WordPress powers 23% of the top 10 million websites. That’s approximately 2.3 million sites using WordPress! WordPress websites are also among the most vulnerable websites.


Web App Hacking: Fuzzing Web Apps to Find Bugs with BurpSuite

Welcome back, my aspiring cyberwarriors! In previous tutorials here on Hackers-Arise, we have used BurpSuite for a number of purposes to test, evaluate and hack web applications. BurpSuite is among that set of tools that every hacker/pentester/bug bounty hunter should be familiar with! In this tutorial, we will be


Web App Hacking: Getting Started with OWASP-ZAP

Web apps are often the best vector to an organization’s server/database, an entry point to their entire internal network. By definition, the web app is designed to take an input from the user and send that input back to the server or database. In this way, the attacker can send


Web App Hacking: Katana, A Next-Generation Crawling and Spidering Framework

Welcome back, aspiring cyberwarriors! The ability to effectively map, crawl, and spider web applications can mean the difference between a successful engagement and missing critical vulnerabilities that could compromise an entire organization. Traditional crawling tools have served us well over the years, but as web applications become increasingly complex with

