Overview

Introduction

Welcome to the Exploit Web Application Vulnerabilities Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Exercise 1 - Exploit Web Application Vulnerabilities
  • Exercise 2 - Using Insecure Code Practices

After completing this lab, you will be able to:

  • Launch a SQL Injection Attack
  • Perform Broken Authentication Attacks
  • View Session ID in URL
  • Conduct OS Command Injection Attack
  • Perform Server-side Includes Injection Attack (SSI)
  • Perform Cross-site Scripting Attack
  • Perform Directory Traversal Attack
  • Perform Web Application Brute Forcing Using DirBuster
  • Know about Lack of Input Validation
  • Explain Hard-coded Credentials
  • Know about Data in Cleartext Format
  • Know about Source Code Comments
  • Explain Verbose Errors
  • Know about Lack of Error Handling
  • Know about Lack of Code Signing
  • Explain the Occurrence of Race Conditions
  • Know about Hidden Elements - Sensitive Information in the DOM

Exam Objectives

The following exam objective is covered in this lab:

  • PT0-001: 3.4 Given a scenario, exploit application-based vulnerabilities

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Exploit Web Application Vulnerabilities

In many scenarios, organizations use off-the-shelf applications. In other scenarios, organizations use a mix of off-the-shelf and custom applications. Patches and updates for off-the-shelf applications are created and released by the vendor that created the application. It is then the organization's responsibility to apply them to its existing off-the-shelf applications. Custom applications are different. They are developed to meet a specific business need. An organization may have an in-house development team to create the application, or development might be outsourced to another vendor. Releasing updates is a common issue with custom applications. The vendors do not provide updates in most cases. Therefore, the inherent vulnerabilities will remain present for as long as the application is in use.

There are several known Web application vulnerabilities. The Open Web Application Security Project, more commonly known as OWASP, releases a list of the top 10 Web application vulnerabilities every few years. The data is collected from various organizations through extensive research, and then the top 10 Web application vulnerabilities are selected. Remember: there are hundreds of Web application vulnerabilities, so when doing a penetration test you can focus on the key ones, but do not neglect to test for the others. The top 10 Web application vulnerabilities of 2017 released by OWASP are:

  • A1:2017-Injection
  • A2:2017-Broken Authentication
  • A3:2017-Sensitive Data Exposure
  • A4:2017-XML External Entities (XXE)
  • A5:2017-Broken Access Control
  • A6:2017-Security Misconfiguration
  • A7:2017-Cross-Site Scripting (XSS)
  • A8:2017-Insecure Deserialization
  • A9:2017-Using Components with Known Vulnerabilities
  • A10:2017-Insufficient Logging & Monitoring

This module will cover a few of these vulnerabilities that you can exploit.

In this exercise, you will learn about exploiting Web application vulnerabilities.

Learning Outcomes

After completing this exercise, you will be able to:

  • Launch a SQL Injection Attack
  • Perform Broken Authentication Attacks
  • View Session ID in URL
  • Conduct OS Command Injection Attack
  • Perform Server-side Includes Injection Attack (SSI)
  • Perform Cross-site Scripting Attack
  • Perform Directory Traversal Attack
  • Perform Web Application Brute Forcing Using DirBuster

Exercise 2 - Using Insecure Code Practices

Applications fall prey to attackers because of poor coding practices followed by developers. Whether it is a desktop or a Web application, developers often forget that a small error, such as leaving sensitive information in the code comments, can lead to the application being compromised. Any type of insecure coding practice, such as hard-coded credentials or lack of error handling, introduces vulnerabilities in an application. Once an attacker has discovered a vulnerability and found a way to exploit it, the attacker can compromise the application easily.

With insecure code practices, no application can be considered secure. Attackers will always look out for vulnerabilities in the application to compromise the confidentiality, integrity, or availability of the data held by the application.

In this exercise, you will learn about insecure code practices.

Learning Outcomes

After completing this exercise, you will be able to:

  • Know about Lack of Input Validation
  • Explain Hard-coded Credentials
  • Know about Data in Cleartext Format
  • Know about Source Code Comments
  • Explain Verbose Errors
  • Know about Lack of Error Handling
  • Know about Lack of Code Signing
  • Explain the Occurrence of Race Conditions
  • Know about Hidden Elements - Sensitive Information in the DOM
