Hey, everyone, welcome back to the course. So in this video, we're gonna cover the Web application hacking methodology.
So what is the methodology? Well, we start off with footprinting, or that information gathering. We then move into actually analyzing those Web applications. And finally, once we've determined any vulnerabilities with them or ways that we can attack, we then perform our actual attack.
So let's talk about each one of these just a little bit.
So with footprinting, we're doing things like identifying the server information about the server. We're also discovering information around the server. So, for example, discovering physical servers that host Web applications. We're also discovering any services that are running on the Web servers that could be exploited as possible attack paths for us, and hidden content discovery. So basically extracting any content as well as functionality that's not directly linked to that main visible content. So essentially we wanna find content that is not generally viewable by the average user.
So for server and service discovery, we can use tools like Whois to find additional information about, for example, the server, so finding out like the make of the server, what brand it is, the version of the software that's being used. We could perform things like DNS interrogation as well as port scanning, and we can use tools like Nmap to do so.
For server identification, or commonly called banner grabbing, we're basically trying to identify the version of the Web server software and what type of server it is. So we might grab that information from the response header, and using tools like Netcat, Netcraft, etc.
For hidden content discovery, we're trying to extract again that content and functionality that's not directly linked to that main visible content. So we're doing this by exploiting user privileges. We might also be performing an attack by deleting file backups, deleting snapshots that the organization's made. And we can use different tools for this. So things like OWASP ZAP as well as Burp Suite.
For analyzing Web applications, we wanna look at the server-side technologies. We also wanna look at any possible entry points for user inputs. So are there form fields or a login box, any type of place where we might be able to input data, because we can then look for weaknesses where we might be able to perform things like SQL injection attacks, looking at the functionality of the server as well as mapping out that attack surface for the Web application.
So once we've gotten that data, what do we do with it? Well, we perform our attacks. So this might be things like enumerating the username and password. We could be performing things like cookie poisoning attacks to get the credentials. We could be taking over the sessions between the client and that Web application. We could be performing password attacks, so brute force attacks to try to gain access to those accounts.
So just a quick question here for you. All the following tools are used to identify entry points for user input except: is that WhatWeb, Burp Suite, or OWASP ZAP?
So which one of these can? Which of these can be used for identifying areas for that user input, and then which one doesn't belong?
Alright, if you guessed WhatWeb, you are correct. Again, Burp Suite and OWASP ZAP can be used to help us identify those possible entry points for where we can put that user input. So, for example, where we can perform that SQL injection attack.
So in this video, we just talked briefly about the Web application hacking methodology.