CEH

318 Chapter 13 ■ Web Servers and Web Applications


The website has read the name from your browser via the link in the e-mail. When the
link was clicked in the e-mail the website was told your name is <script>evilScript()</script>.

  1. The web server reports the name and returns it to the victim's browser.

  2. The browser correctly interprets this as script and runs the script.

  3. This script instructs the browser to send a cookie containing some information to the
     attacker's system, which it does.


XSS is an older attack, so many modern browsers include protection
against it. However, the protection is not foolproof and attacks can in
fact be induced through poor configuration, patching, or even third-party
add-ons.

Insecure Logon Systems

Many web applications require some sort of authentication or login process prior to their
use. Due to the importance of the logon process it is essential that it be handled safely and
securely. Care must be taken that the incorrect or improper entry of information does not
reveal information that an attacker can use to gain additional information about a system.

Applications can track information relating to improper or incorrect logons by users if
so enabled. Typically, this information comes in log form, with entries listing items such as:

■ Entry of an invalid user ID with a valid password
■ Entry of a valid user ID with an invalid password
■ Entry of an invalid user ID and password

Applications should be designed to return generic information that does not reveal
information such as correct usernames. Web apps that return a message such as “username
invalid” or “password invalid” can give an attacker a target to focus on—such as a correct
password (see Exercise 13.1).
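As an added illustration (not from the book), the leaky check below returns distinct messages, while the hardened version returns one generic message to the client and keeps the distinguishing detail in a server-side audit log. The user store, salt and password are constructed sample values.

```python
import hashlib
import hmac


def hash_password(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 password hash (iteration count chosen for the demo)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed sample user store: one account, not a real credential.
SALT = b"constructed-salt"
USERS = {"alice": (SALT, hash_password("correct horse", SALT))}
# Dummy record hashed for unknown usernames so both paths do the same work.
DUMMY = (SALT, hash_password("placeholder", SALT))


def login_leaky(username: str, password: str) -> tuple[bool, str]:
    """Weak: the message tells the caller whether the username exists."""
    if username not in USERS:
        return False, "username invalid"
    salt, stored = USERS[username]
    if not hmac.compare_digest(hash_password(password, salt), stored):
        return False, "password invalid"
    return True, "ok"


def login_generic(username: str, password: str, audit_log: list) -> tuple[bool, str]:
    """Hardened: one generic failure message; detail is recorded server-side only."""
    user_ok = username in USERS
    salt, stored = USERS.get(username, DUMMY)
    password_ok = hmac.compare_digest(hash_password(password, salt), stored)
    if user_ok and password_ok:
        audit_log.append(f"login success user={username}")
        return True, "ok"
    # The log still distinguishes the cases listed above; the client does not see them.
    reason = "valid user ID, invalid password" if user_ok else "invalid user ID"
    audit_log.append(f"login failure user={username!r} reason={reason}")
    return False, "invalid username or password"


if __name__ == "__main__":
    log: list = []
    print(login_leaky("alice", "wrong"), login_leaky("bob", "wrong"))
    print(login_generic("alice", "wrong", log), login_generic("bob", "wrong", log))
    print(log)
```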

EXERCISE 13.1

Performing a Password Crack

One tool designed to uncover and crack passwords for web applications and websites is
a utility known as Brutus. Brutus is not a new tool, but it does demonstrate one way an
attacker can uncover passwords for a website and applications. Brutus is a password cracker
that is designed to decode different password types present in web applications.

Brutus is as simple to use as are most tools in this category. Follow these steps:


  1. Enter the IP address in the Target field in Brutus.

     This is the IP address of the server on which the password is intended to be broken.