Home > Hacking > Server Hacking



Web Hacking

Sort Desciption:

This labs focus will in be web server hacking. Web server hacking refers to attackers. taking advantage of vulnerabilities inherent to the web server ...



Content Inside:

Web HackingPage 11 Group Number: ______ Member Names: _______________ _______________ ECE 4893: Internetwork SecurityLab 12: Web Security Date: April 6 2004 Date Due: April 13 2004 Last Revised: April 2 2004 Written by: Tom Bean and Valerio Oricchio Goal:The goal of this lab is to setup an Apache Web server with thirdparty modules and exploit some vulnerabilities using various tools. This labs focus will in be web server hacking. Web server hacking refers to attackers taking advantage of vulnerabilities inherent to the web server software itself (or one of its addon components). These vulnerabilities are typically publicized and are easy to detect and attack. An attacker with the right set of tools and readymade exploits can bringdown a vulnerable web server in minutes. For this reason it is crucial for web administrators to always patch their web server and related software. Copy the files from the Lab12 Folder on the NAS to the various machines On the Redhat 8.0 host machine: # mkdir /root/lab12 # cp rf /mnt/nas4893/Lab12/RH8.0/* /root/lab12 On the Windows XP virtual machine: Create a folder called lab12 on the desktop. Copy the contents of the Windows directory of Lab12 on the NAS to this folder. For this lab we will be accessing an Apache web server on the Mininet. The address is 138.210.238.42 and the domain name is www.cc.gatech.edu. Exercise 1: Web Security Utilities Some of the following utilities will need SSL support so first and foremost install OpenSSL on the Redhat 8.0 host: # cd /root/lab12 # tar xvfz openssl0.9.6j.tar.gzPage 22 # cd openssl0.9.6j # ./config shared prefix=/usr/local/ssl fPIC# make # make test # make install Now the utilities we install can use the SSL libraries. WGET When targeting a web server a serious hacker would study its content thoroughly. This might involve downloading its entire content for offline examining at his leisure. Doingthis manually would be very tedious and tiresome so luckily there are some useful tools ...

Source: users.ece.gatech.edu


add to Google Reader add to Google Bookmark add to bloglines add to newsgator add to FURL add to digg add to webnews add to Netscape add to Yahoo MyWeb add to spurl.net add to diigo Bookmark newsvine Bookmark del.icio.us Bookmark @ SIMPIFY Bookmark MISTER WONG Bookmark Linkarena Bookmark icio.de Bookmark oneview Bookmark folkd.com Bookmark yigg.de Bookmark reddit Bookmark StumbleUpon Bookmark Slashdot Bookmark blinklist Bookmark technorati add to blogmarks add to blinkbits add to ma.gnolia add to smarking.com add to netvouz add to co.mments add to Connotea add to de.lirio.us

 

Related Files

Vlandriks Ultimate Guide - Hacking Source Forum

Filed under: Hacking and Server Hacking
Sideshow ( Log Out ) Options Aug 13 2006, 08:54 PM My Controls · View New Posts · My Assistant Hacking Source Forum » World of Warcraft » World of Warcraft Server Emulation Vlandriks Ultimate Guide ...

Hacking Techniques

Filed under: Hacking and Server Hacking
Hacking Techniques. Network based System Hacking. Web Server Hacking. Physically enter the Target Building. WLAN (Wireless LAN) Hacking ...

Web Hacking

Filed under: Hacking and Server Hacking
This labs focus will in be web server hacking. Web server hacking refers to attackers. taking advantage of vulnerabilities inherent to the web server ...

Hacking SQL Server

Filed under: Hacking and Server Hacking
Hacking / Hacking Exposed Windows Server 2003: Windows Security Secrets & Solutions / Scambray ...... some of the tools of the trade in SQL Server hacking. ...

Real Time Hacking : ISA Server

Filed under: Hacking and Server Hacking
This case study is entirely based on my hacking experiences with Microsoft ISA Servers.It gives you. people with the way to get related to the ISA server ...