This chapter describes some common Web attack technologies used in HTTP communication
Cross-site scripting attacks
Cross-site Scripting (XSS) is an attack that runs illegal HTML tags or JavaScript code through the browser of a registered user of a vulnerable Web Site. Dynamically created HTML can have security holes.
The attack may have the following effects:
- Use false input forms to defraud users of personal information
- Using scripts to steal the user’s Cookie value, the victim unknowingly helps the attacker to send malicious requests
- Display fake articles or images
The form above shows the input as HTML directly on the page, so there is a security vulnerability. An attacker can edit dangerous code directly in the input box and then run it on the page.
SQL injection attacks
SQL Injection is an attack caused by running illegal SQL against the database used by Web applications. This security hazard may cause great security threats, sometimes directly lead to the disclosure of personal information and confidential information.
SQL injection may cause the following effects:
- Illegally viewing or tampering with data in a database
- Avoid certification
- Execute programs associated with the database server business, etc
If we simply take the concatenated SQL without validating the input, we may be vulnerable to SQL injection attacks.
Directory traversal attack
Directory Traversal attack refers to an attack in which a file Directory that is not intended to be exposed is accessed by illegally truncating its Directory path. This attack is sometimes called Path Traversal.
Session hijacking
Session Hijack means that an attacker obtains a user’s Session ID by some means and uses the Session ID to disguise himself as a user.
Web applications with the authentication function use the session management mechanism based on the session ID as the mainstream mode to manage the authentication status. The session ID records information such as cookies of the client. The server matches the session ID and authentication status in a one-to-one manner.
An attacker may obtain a session ID in the following ways:
- Infer session IDS through informal generation methods
- Steal session ids through eavesdropping or XSS attacks
- Session ID is forcibly obtained through Session Fixation attack
Under normal circumstances, an attacker will inject a piece of JavaScript code after discovering the XSS attack vulnerability of a website, steal the session ID through document.cookie, and implant it into his browser, so that he can pretend to be the stolen user to visit the attacked website.
Five, cross-site request forgery
Cross-site Request Forgeries (CSRF) attacks are passive attacks in which an attacker forces unexpected updates of personal information or Settings of users who have completed authentication by setting traps.
The most common example of this is in a website need to log in to operate, forged an attacker in the website can trigger a dangerous operation content (such as a and the button labels), user inadvertently click these fake is automatically launched after the content of the request, the request if it is pointing to the current site, Information such as the user’s session ID is also taken along, allowing the attacker to inadvertently perform a potentially dangerous operation.
Click hijacking
Clickjacking is the use of transparent buttons or links to create traps over Web pages. An attack that then induces the user to click on that link to access content without knowing it. This behavior is also known as INTERFACE dressing.
The most common examples of this kind of attack are small websites…
DoS attack
A Denial of Service Attack is an Attack that stops a running Service. Sometimes called a denial-of-service attack or denial of service attack. DoS attacks are not limited to Web sites, but also include network devices and servers.
DoS has the following two attack modes:
- The centralized utilization of access requests results in resource overload, where the resources are exhausted and the service is effectively stopped
- The security hole through the attack is the service stop
This shows that all attacks that stop the service can be called DoS attacks.
A well-known case of DoS attack in China is the attack on Teacher Ruan Yifeng’s blog: anti-ddos attack tutorial.