Home » » All Web Application Attack Techniques

All Web Application Attack Techniques

Written By Unknown on Monday, 24 September 2012 | 09:32

This list below fits in category Parameter manipulation


  • Arbitary File Deletion
  • Code Execution
  • Cookie Manipulation ( meta http-equiv & crlf injection )
  • CRLF Injection ( HTTP response splitting )
  • Cross Frame Scripting ( XFS )
  • Cross-Site Scripting ( XSS )
  • Directory traversal
  • Email Injection
  • File inclusion
  • Full path disclosure
  • LDAP Injection
  • PHP code injection
  • PHP curl_exec() url is controlled by user
  • PHP invalid data type error message
  • PHP preg_replace used on user input
  • PHP unserialize() used on user input
  • Remote XSL inclusion
  • Script source code disclosure
  • Server-Side Includes (SSI) Injection
  • SQL injection
  • URL redirection
  • XPath Injection vulnerability
  • EXIF


This list below fits in category MultiRequest parameter manipulation

  • Blind SQL injection (timing)
  • Blind SQL/XPath injection (many types)


This list below fits in category File checks

  • 8.3 DOS filename source code disclosure
  • Search for Backup files
  • Cross Site Scripting in URI
  • PHP super-globals-overwrite
  • Script errors ( such as the Microsoft IIS Cookie Variable Information Disclosure )


This list below fits in category Directory checks

  • Cross Site Scripting in path
  • Cross Site Scripting in Referer
  • Directory permissions ( mostly for IIS )
  • HTTP Verb Tampering ( HTTP Verb POST & HTTP Verb WVS )
  • Possible sensitive files
  • Possible sensitive files
  • ******* fixation ( j*******id & PHPSESSID ******* fixation )
  • Vulnerabilities ( e.g. Apache Tomcat Directory Traversal, ASP.NET error message etc )
  • WebDAV ( very vulnerable component of IIS servers )


This list below fits in category Text Search Disclosure

  • Application error message
  • Check for common files
  • Directory Listing
  • Email address found
  • Local path disclosure
  • Possible sensitive files
  • Microsoft Office possible sensitive information
  • Possible internal IP address disclosure
  • Possible server path disclosure ( Unix and Windows )
  • Possible username or password disclosure
  • Sensitive data not encrypted
  • Source code disclosure
  • Trojan shell ( r57,c99,crystal shell etc )
  • ( IF ANY )Wordpress database credentials disclosure


This list below fits in category File Uploads

  • Unrestricted File Upload


This list below fits in category Authentication

  • Microsoft IIS WebDAV Authentication Bypass
  • SQL injection in the authentication header
  • Weak Password
  • GHDB - Google hacking database ( using dorks to find what google crawlers have found like passwords etc )


This list below fits in category Web Services - Parameter manipulation & with multirequest

  • Application Error Message ( testing with empty, NULL, negative, big hex etc )
  • Code Execution
  • SQL Injection
  • XPath Injection
  • Blind SQL/XPath injection ( test for numeric,string,number inputs etc )
  • Stored Cross-Site Scripting ( XSS )
  • Cross-Site Request Forgery ( CSRF )

Credit to SilverSurfer 

Share this article :

Post a Comment

 
Support : Creating Website | Johny Template | Mas Template
Copyright © 2011. Turorial Grapich Design and Blog Design - All Rights Reserved
Template Created by Creating Website Published by Mas Template
Proudly powered by Blogger