Penetration Test - Select Your Attacks (9)

Application Exploits, Part II

AUTHENTICATION EXPLOITS
  • Credential brute forcing
    • Offline cracking (Hydra)
  • Session hijacking
    • Intercepting and using a session token (generally) to take over a valid distributed (web) session
  • Redirect
    • Sending the user to a different site from what they expected (phishing)
  • Default credentials
    • Out of the box artifacts (you have to clean these up!)
  • Weak credentials
    • This is why password cracking works
  • Kerberos exploits
    • Forged tickets to allow unauthorized access to resources
AUTHORIZATION
  • Parameter pollution
    • Providing custom input parameters to alter service/API operation
  • Insecure direct object reference
    • Programming mistake that can allow an attacker to bypass access controls and access resources or data
QUICK REVIEW
  • Authentication attacks include credential brute forcing, session hijacking, redirecting, and forged Kerberos tickets
  • If you can acquire valid authentication credentials, you have access to lots of data
  • Authorization attacks include parameter pollution and insecure direct object reference