Web penetration testing guide

Open Redirect Vulnerability

CSRF Attacks

CSRF with GET Requests

CSRF with POST Requests

  • An attacker wants to perform a privileged action, e.g. changing the victim's password.
  • The website relies only on cookie-based session handling for authentication.
  • There are no unpredictable parameters (in the URL) involved, i.e. nothing that cannot be guessed.
  • Server sends the client a token
  • Client submits the form with the token
  • The server rejects the request if the token is invalid
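The three conditions above are what a cross-site page exploits: the browser attaches the session cookie automatically, so only a value the attacker cannot guess or read breaks the attack. The following is an added example (not code from the original article) of the token flow in the last three bullets: the server derives a token bound to the session, embeds it in the form, and rejects any POST whose token does not match. The session ids, the form markup and the SERVER_SECRET are constructed for the demo; a SameSite=Lax cookie is included as the second, independent layer.

```python
import hashlib
import hmac
import secrets

# Assumption: a per-deployment server secret; generated at startup here for the demo.
SERVER_SECRET = secrets.token_bytes(32)


def issue_token(session_id: str) -> str:
    """Server side: derive the anti-CSRF token for one session (synchronizer token pattern).
    Binding the token to the session id means a token taken from another session is useless."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def render_change_password_form(session_id: str) -> str:
    """Server side: embed the token as a hidden field. A cross-site page cannot read this
    markup (same-origin policy), so it cannot learn the token it would need to submit."""
    token = issue_token(session_id)
    return (
        '<form method="POST" action="/change-password">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<input type="password" name="new_password">'
        "</form>"
    )


def session_cookie_header(session_id: str) -> str:
    """Second layer: SameSite=Lax stops the browser from attaching the session cookie
    to cross-site POST requests in the first place."""
    return f"session={session_id}; HttpOnly; Secure; SameSite=Lax"


def handle_change_password(cookie_session_id: str, form: dict) -> tuple:
    """Server side: the cookie alone is not enough; the form must carry the matching token.
    compare_digest keeps the check constant-time."""
    submitted = form.get("csrf_token", "")
    expected = issue_token(cookie_session_id)
    if not hmac.compare_digest(submitted, expected):
        return 403, "CSRF token missing or invalid"
    return 200, "password changed"


def demo() -> dict:
    """Legitimate submission vs. a forged cross-site POST against the same victim session."""
    victim = "sess-victim-1234"  # constructed session id
    legit_form = {"csrf_token": issue_token(victim), "new_password": "new-pass"}
    # Forged request: the browser attaches the victim's cookie, but the attacking page
    # cannot supply the token bound to that session, so only the cookie arrives.
    forged_form = {"new_password": "attacker-chosen"}
    return {
        "legit": handle_change_password(victim, legit_form),
        "forged": handle_change_password(victim, forged_form),
    }


if __name__ == "__main__":
    print(demo())
```

The token is derived with an HMAC over the session id rather than stored, so there is no per-session state to keep; a token issued for one session fails validation for any other.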

SameSite Cookie

Command Injection

  • To detect this type of vulnerability we can use the following ping command: & ping -c 10 [target ip] & causing the website to ping the IP address continuously, which in most cases is its own loopback interface.
  • Another way to detect blind injection is by redirecting the output, for example & whoami > /var/www/static/whoami.txt &. After this we can point our browser at that file to confirm the output.
  • Another way to detect this type of vulnerability is the out-of-band technique: we input a command that triggers a network interaction between the web server and a machine we own, for example & nslookup attacker.com
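All three detection bullets work for the same reason: user input is spliced into a string that a shell interprets, so & starts a second command. The following is an added example (not code from the original article) showing the vulnerable string-building pattern beside a hardened version that validates the host and passes an argument list, which never reaches a shell, plus a simple input check a defender can use to flag the metacharacters these payloads depend on. The ping use case, the regex and the sample inputs are constructed; nothing here executes a command.

```python
import ipaddress
import re

# Characters that let a shell chain, redirect or substitute commands.
SHELL_META = re.compile(r"[&|;`$<>\n(){}]")

# Hostnames: letters, digits, dots and hyphens only (constructed, deliberately strict).
HOSTNAME = re.compile(r"[A-Za-z0-9.-]{1,253}")


def is_injection_attempt(value: str) -> bool:
    """Detection-side check: flag input carrying shell metacharacters before it is used.
    Useful for logging/alerting even where the command itself is built safely."""
    return bool(SHELL_META.search(value))


def build_ping_vulnerable(host: str) -> str:
    """Vulnerable pattern: one string destined for subprocess.run(cmd, shell=True).
    With host = '10.0.0.1 & whoami', the shell runs whoami as a second command.
    Shown for contrast only; not executed."""
    return f"ping -c 1 {host}"


def build_ping_safe(host: str) -> list:
    """Hardened: accept only an IP address or a plain hostname, then return an argv list.
    An argv list is executed directly (subprocess.run(argv)), so '&', '>' and the like are
    ordinary characters in a single argument, not shell syntax; the validation rejects
    them anyway so the value is also safe to log or display."""
    try:
        ipaddress.ip_address(host)
    except ValueError:
        if not HOSTNAME.fullmatch(host):
            raise ValueError(f"rejected host value: {host!r}")
    return ["ping", "-c", "1", host]


def is_rejected(host: str) -> bool:
    """True when the hardened builder refuses the value."""
    try:
        build_ping_safe(host)
    except ValueError:
        return True
    return False


def scan_inputs(values: list) -> list:
    """Run the detection check over a batch of submitted values (e.g. from request logs)."""
    return [v for v in values if is_injection_attempt(v)]


if __name__ == "__main__":
    # Constructed sample inputs: one benign, three in the shape of the probes described above.
    samples = [
        "10.0.0.1",
        "10.0.0.1 & ping -c 10 127.0.0.1 &",
        "10.0.0.1 & whoami > /var/www/static/whoami.txt &",
        "10.0.0.1 & nslookup attacker.com",
    ]
    for s in samples:
        print(f"{s!r:55} flagged={is_injection_attempt(s)} rejected={is_rejected(s)}")
```

The out-of-band probe in the last bullet is the one that leaves no trace in the HTTP response, so on the server side it is typically caught by alerting on unexpected outbound DNS or other egress from the web tier rather than by anything in the application.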

SQL Injection

  • The individual queries must return the same number of columns.
  • The data types in each column must be compatible between the individual queries.
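These two rules are enforced by the database, not the application, which is why a UNION-based injection that gets the column count wrong fails with an error while a correctly sized one returns rows from another table. The following is an added example (not code from the original article) that makes the first rule observable against an in-memory SQLite database, with the vulnerable string-built query beside the parameterized version that neutralizes the input. The schema, rows and search function are constructed. Note that SQLite is loosely typed, so it does not enforce the second rule (type compatibility) the way stricter engines such as PostgreSQL do; the parameterized fix is the same in either case.

```python
import sqlite3


def setup_db() -> sqlite3.Connection:
    """Constructed sample schema: a public products table and a users table that the
    injected UNION tries to read from."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE products (id INTEGER, name TEXT, price REAL);
        INSERT INTO products VALUES (1, 'pen', 1.50), (2, 'notebook', 4.25);
        CREATE TABLE users (id INTEGER, username TEXT, pw_hash TEXT);
        INSERT INTO users VALUES (1, 'alice', 'hash-placeholder');
        """
    )
    return conn


def search_vulnerable(conn: sqlite3.Connection, term: str) -> list:
    """Vulnerable: the search term is spliced into the SQL text, so a quote in the input
    ends the string literal and the rest is parsed as SQL."""
    sql = f"SELECT name, price FROM products WHERE name = '{term}'"
    return conn.execute(sql).fetchall()


def search_safe(conn: sqlite3.Connection, term: str) -> list:
    """Hardened: a bound parameter is always data; the database never parses it as SQL."""
    sql = "SELECT name, price FROM products WHERE name = ?"
    return conn.execute(sql, (term,)).fetchall()


def union_attempt(conn: sqlite3.Connection, term: str) -> tuple:
    """Run the vulnerable query and report ('ok', rows) or ('error', message), so the
    database's column-count check is visible instead of crashing the caller."""
    try:
        return ("ok", search_vulnerable(conn, term))
    except sqlite3.OperationalError as exc:
        return ("error", str(exc))


if __name__ == "__main__":
    db = setup_db()
    # Original query selects two columns; a one-column UNION violates the first rule.
    print(union_attempt(db, "' UNION SELECT username FROM users --"))
    # Two columns satisfy the rule and the users table leaks through the products search.
    print(union_attempt(db, "' UNION SELECT username, pw_hash FROM users --"))
    # Same input through the parameterized query: treated as a literal product name, no match.
    print(search_safe(db, "' UNION SELECT username, pw_hash FROM users --"))
```

The error message from the first attempt is the signal a tester looks for when counting columns; on the defending side the same message appearing in application logs is a good detection hook, and the parameterized query removes the problem entirely.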

I am a Cyber Security Engineer (currently studying) and a technology enthusiast. Looking forward to engaging with the Medium community and sharing knowledge!
