
 
 
Below are the well-known methods for hacking web applications:


The list below falls under the category Parameter manipulation
    Arbitrary File Deletion
    Code Execution
    Cookie Manipulation ( meta http-equiv & crlf injection )
    CRLF Injection ( HTTP response splitting )
    Cross Frame Scripting ( XFS )
    Cross-Site Scripting ( XSS )
    Directory traversal
    Email Injection
    File inclusion
    Full path disclosure
    LDAP Injection
    PHP code injection
    PHP curl_exec() url is controlled by user
    PHP invalid data type error message
    PHP preg_replace used on user input
    PHP unserialize() used on user input
    Remote XSL inclusion
    Script source code disclosure
    Server-Side Includes (SSI) Injection
    SQL injection
    URL redirection
    XPath Injection vulnerability
    EXIF



The list below falls under the category MultiRequest parameter manipulation


    Blind SQL injection (timing)
    Blind SQL/XPath injection (many types)



The list below falls under the category File checks

    8.3 DOS filename source code disclosure
    Search for Backup files
    Cross Site Scripting in URI
    PHP super-globals-overwrite
    Script errors ( such as the Microsoft IIS Cookie Variable Information Disclosure )



The list below falls under the category Directory checks

    Cross Site Scripting in path
    Cross Site Scripting in Referer
    Directory permissions ( mostly for IIS )
    HTTP Verb Tampering ( HTTP Verb POST & HTTP Verb WVS )
    Possible sensitive files
    Session fixation ( jsessionid & PHPSESSID session fixation )
    Vulnerabilities ( e.g. Apache Tomcat Directory Traversal, ASP.NET error message etc )
    WebDAV ( very vulnerable component of IIS servers )



The list below falls under the category Text Search Disclosure
    Application error message
    Check for common files
    Directory Listing
    Email address found
    Local path disclosure
    Possible sensitive files
    Microsoft Office possible sensitive information
    Possible internal IP address disclosure
    Possible server path disclosure ( Unix and Windows )
    Possible username or password disclosure
    Sensitive data not encrypted
    Source code disclosure
    Trojan shell ( r57, c99, crystal shell etc )
    WordPress database credentials disclosure ( if any )



The list below falls under the category File Uploads


    Unrestricted File Upload




The list below falls under the category Authentication


    Microsoft IIS WebDAV Authentication Bypass
    SQL injection in the authentication header
    Weak Password
    GHDB - Google Hacking Database ( using dorks to find what Google crawlers have found, like passwords etc )



The list below falls under the category Web Services - Parameter manipulation & with multirequest


    Application Error Message ( testing with empty, NULL, negative, big hex etc )
    Code Execution
    SQL Injection
    XPath Injection
    Blind SQL/XPath injection ( test for numeric, string, number inputs etc )
    Stored Cross-Site Scripting ( XSS )
    Cross-Site Request Forgery ( CSRF )


GreetZ.
