Acunetix Presentation - Web Environment Scanner - Feb 2013
1. www.acunetix.com Combating the web vulnerability threat
February 2013
SUNLIT TECHNOLOGIES
Acunetix representative in Brazil
ACUNETIX
Scanner for Identifying Vulnerabilities in Web Applications
2. The GARTNER GROUP names the ACUNETIX solution as one of the leaders in APPLICATION VULNERABILITY ANALYSIS
See the prominent position held by the ACUNETIX solution in the GARTNER GROUP MAGIC QUADRANT (December 2011) for DAST (Dynamic Application Security Testing), or Application Vulnerability Analysis.
3. Why can your company become a target for hackers?
Because you make your website available 24x7 to serve your customers, and hackers know it!
On top of that, hackers quite enjoy having fun, and use their free time to:
– Gain access to sensitive data (your company's, your suppliers' and your customers')
– Deface websites
– 'Gift' you with PHISHING messages to obtain your banking details
– 'Clog' your access links by distributing illegal content
– Maliciously manipulate your web applications
4. What does your company lose by being 'hacked'?
• Confidentiality of business information
• Loss of trust and reputation among your customers and suppliers
• Your company's image is tarnished
• Your operations can go offline
• Loss of revenue and income
• Legal implications and fines
5. Why choose a web environment scanner?
• You can keep port 80 open
• A web application firewall is not enough to stop intruders
• Firewalls, IDS and IPS do not provide sufficient protection
• Direct access to corporate servers
• Applications built in-house are not audited
6. How the Acunetix scanner works
• Detects SQL Injection and XSS, among other vulnerabilities
• Audits websites manually and automatically
• State-of-the-art vulnerability crawling technology
– Uses the Client Script Analyzer (CSA) engine
• Support for Web 2.0, JavaScript / Ajax and jQuery with the CSA engine
• Heuristic approach
• Detailed reports
• Command-line support
7. Technical differentiators of the ACUNETIX solution
• 404 error detection
• Handles CAPTCHA forms
• Supports single sign-on and token mechanisms
• Supports multiple scans from the same machine
• Allows manipulation of URL parameters
• Identifies a new class of vulnerability: HTTP PARAMETER POLLUTION
• Provides direct access to the web application's code through ACUSENSOR technology
8. What is the ACUSENSOR feature?
• Goes beyond BLACK-BOX scanning
• Checks the web technology configuration
• Fewer false positives
• No URL rewrite rules required
9. AcuSensor technology generates advanced information for 'debugging' vulnerabilities
Shows which SQL query is vulnerable to SQL Injection
And indicates exactly the line of code where the vulnerability is located.
10. User-friendly interface
Easy tracking of vulnerability status
11. Advanced penetration testing in the web environment
• Advanced penetration tests include:
– HTTP Editor
– HTTP Sniffer
– HTTP Fuzzer
– Blind SQL injector
– Authentication Tester
12. A complete security solution
• Acunetix checks:
– Web server configuration
– Web technology configuration (.NET, PHP, etc.)
– Port scanner & Network Alerts
13. Report generation
• Compliance and audit reports
- OWASP Top 10
- PCI-DSS, SOX, ISO 27001
• Developer reports
• Comparison reports
• Exports reports to PDF, HTML, etc.
14. Technical Presentation
• How do hackers operate?
• What is a web environment scanner?
• Acunetix WVS
– Scan Wizard
– Scan results
– Scan reports
• Features - Acunetix WVS
– Target Finder
– Site Crawler
– AcuSensor Technology
– Port Scanner & Network Alerts
– HTTP Editor
– HTTP Fuzzer
– HTTP Sniffer
– Blind SQL Injector
– Authentication Tester
– Compare results
• Configuration - Acunetix WVS
– Application Settings
– Scanning profiles
15. How do hackers operate?
• Hackers follow a systematic plan of action:
1. They study the operating infrastructure (operating system and server types).
2. They survey the website / web application
3. They identify the presence of vulnerabilities
4. They plan and execute the attack
• Acunetix WVS works continuously to identify vulnerabilities in the web application and/or the web technology (PHP, Apache, etc.) and/or a given web server and/or any network service (DNS, FTP, etc.) running on the web server.
17. Most active hacking techniques
• Known static methods:
– Exploiting vulnerabilities in web applications
– Directory enumeration
– Exploiting vulnerabilities in web servers
– Exploiting vulnerabilities in web technology (e.g. PHP)
– Exploiting vulnerabilities in network services (e.g. DNS, FTP, SMTP)
• Unknown dynamic methods:
– SQL Injection
– Cross-site Scripting
– Directory & Link Traversal
– File Inclusion
– Source code disclosure
– Code execution
– Common File Checks
– Parameter manipulation
– Arbitrary file creation or deletion
– CRLF Injection
– Path Truncation
– Java applet reverse engineering
– Session Hijacking
– Authentication attacks
– Google Hacking Database
The Acunetix WVS solution identifies all the methods described above, and much more.
18. What is a web environment scanner?
• Hacking refers to forms of malicious attack against web applications. Any user visiting a website may be a potential hacker... For that reason, a preventive approach is the first line of defense.
• A web environment scanner is an automated security tool that identifies vulnerabilities in web applications, web technologies or web servers.
19. What is the Acunetix WVS solution for?
• Acunetix WVS is a web scanner that performs automated and manual checks to identify vulnerabilities.
• Acunetix WVS uses dynamic methods to replicate hacker attacks in non-destructive ways. Acunetix WVS is an essential tool for identifying vulnerabilities in your web applications and web servers.
20. Acunetix WVS
Acunetix WVS is a scanner that uses a heuristic methodology, allowing automated and manual scanning and auditing.
By replicating hacker attacks in a non-destructive way, Acunetix WVS is an essential tool for keeping your environment free of hackers and malware.
21. How Acunetix WVS searches for vulnerabilities
• Phase 1 - Crawling process to discover vulnerabilities
• Phase 2 - Automated scan
• Phase 3 (optional) - Specific manual tests
• Phase 4 - Report generation
22. Summary of the main features
- AcuSensor Technology
- Port Scanner & Network Alerts
- Blind SQL Injector
ACUNETIX – WVS
23. AcuSensor Technology
• New technology that identifies new vulnerabilities in applications, going beyond traditional 'black-box' scanning while generating fewer false positives.
• ACUSENSOR indicates exactly where the vulnerability is in the code and shows relevant information such as the stack trace (line-by-line trace of the code), the line of code with the problem and the file name.
24. Port Scanner & Network Alerts
• Runs a port scan against the web server, and security tests on the services running on those ports, such as DNS open recursion tests, misconfigured proxy servers, open relay SMTP servers, and much more.
• Write your own security test using Microsoft Active Scripting technology, using our script as a reference.
25. Blind SQL Injector
• Ideal for penetration testing, the Blind SQL Injector is an automated data extraction tool for performing manual tests and better debugging of the SQL Injection vulnerability
26. Additional features
• Pause and resume scan
• Option to mark alerts as false positives
• NTLM v2 support
• The scanner can now aggregate the list of unusual errors
• Ability to quickly locate a vulnerability using filters
• All scanning options are now available in the Scheduler
28. Thank you very much for your attention!
Additional references:
Acunetix Blog
http://www.acunetix.com/blog
Take a tour of Acunetix WVS
http://www.acunetix.com/vulnerability-scanner/features.htm
List of checks performed by Acunetix WVS
http://www.acunetix.com/support/vulnerability-checks.htm
Contact us
Sunlit Advanced Technology
www.sunlit.com.br
11-9-91362957 - Thoni Scola
acscola@sunlit.com.br
Editor's Notes
Introduction to Acunetix and Web Security
Why you’re also a target:
There is a long list of reasons why anyone who has an online presence can be a target. Hackers hack for a myriad of reasons, some of them are mentioned below.
Hackers hack to:
Get access to sensitive data
Hackers hack to steal sensitive data. They do it for fun or for fame, to spoil a company’s name and reputation, and also to sell the company’s data to its competitors to make money.
Run Phishing sites
Hackers also hack to inject code into vulnerable web applications to trick users and redirect them towards phishing sites, which are then used to retrieve your legitimate site users’ details, such as online banking details, credit card details and much more. Running a phishing site is an illegal activity, as one is stealing from and tricking online users. Hackers opt to host phishing sites on someone else’s server, so that if the phishing site is discovered and reported they cannot be traced.
Steal bandwidth
A large amount of bandwidth is an expensive commodity; hence using someone else’s to conduct illegal business can be another reason for a cyber attack. Criminals who share or distribute pirated software are likely to conduct a hack attack on someone else’s server with a large amount of available bandwidth and use it to distribute their illegal products from there. Without knowing it, the server’s owner is helping carry out an illicit activity, which would result in a very expensive bandwidth bill.
Distribute illegal content
Website hacking is increasingly carried out by criminals who wish to distribute illegal content without leaving a trace. E.g. a hacker may attack an innocent person’s website and take control of his web server, to use it to disseminate child pornography. When the illicit material is traced by the authorities, the culprit is untraceable and the site’s guiltless owner could be faced with serious legal implications, not to mention damage to his real business and reputation.
Improve ranking
Other hack attempts are done to improve a web site’s ranking in Google using hidden keywords injected on innocent sites. This activity is disapproved of by the search engines and can result in penalties such as a reduction of the victim’s website’s ranking or eliminating its listing from the search engine’s index database altogether. If you are an online business, these SEO punishments could have serious repercussions on your operations.
The cost of being hacked
The cost of being hacked can never be calculated. Apart from the real money you have to pay to solve the problem, or maybe to pay for damages that hackers did, you cannot really quantify lost business due to down-time or any other damages such as reputation, which your company suffered because of the attack.
The cost of hack attacks is extensive with a possible financial burden that may result in business closure:
Loss of customer confidence, trust and reputation with the consequent harm to brand equity and consequent effects on revenue and profitability
Possible loss of the ability to accept certain payment instruments e.g. VISA, MasterCard, Amex etc
Negative impact on revenues and profits arising from any falsified transactions and from employee downtime
Website downtime which is in effect the closure of one of the most important sales channels for an e-business
The expenditure involved in repairing the damage done and building contingency plans for securing compromised websites and web applications
Legal battles and related implications which include fines and damages to be paid to victims
Why choose a web vulnerability scanner?
If your business has an online presence with web applications AND if you want to have a comprehensive security strategy, it is imperative that you regularly and consistently audit your web applications for exploitable vulnerabilities. Web vulnerability scanners will go far in helping you to secure your website, since auditing the whole website or web application constantly and manually is not practical.
Web application firewalls, IDS and IPS systems are all signature-based systems. Such signature-based software looks for weaknesses in a similar way to anti-virus software. This means that if a new vulnerability is discovered, it is a MUST that the vendor of the web application firewall or any other signature-matching protection publishes an update as early as possible. Until the vendor releases the updates, if the vulnerability is circulating all over the internet YOU are at risk!
If a hacker uses a Zero Day Exploit to bypass such systems, once bypassed, the web application or website is his next target. If it is not secure, surely the hacker will proceed with hacking the website or web application, while all your company data and reputation are at risk.
Web Application / Website security is as important as network security.
The Scanner
Vulnerability checks
For the full list of vulnerabilities Acunetix WVS checks for, please refer to the following link:
http://www.acunetix.com/support/vulnerability-checks.htm
Automatic and manual audits
With the automated scan, one can start scanning his website in a matter of seconds. It also helps save time in the process of securing the website or web application. If you are a beginner in web security, the friendly Acunetix WVS wizard helps you get started. It is important to note that using an automatic scanner only is not enough. That is why Acunetix WVS also includes a suite of manual tools for further manual testing.
State-of-the-art crawler technology and CSA Engine
The crawling stage is the most important part of the whole web application securing process. If the crawler is not able to crawl the website or web application properly, a lot of vulnerabilities will not be found or a lot of false positives will be reported. With the CSA (client script analyzer) engine, the Acunetix WVS crawler is also able to crawl dynamic content and Web 2.0 websites that use technologies such as JavaScript, jQuery and Ajax.
Heuristic methodology approach
With heuristic methodology, the scanner acts like a hacker. It focuses on the arsenal of hacking methods rather than the vulnerabilities themselves. Therefore the scanner will test variants of checks that lead to vulnerabilities. Such checks are run against the whole site, depending on the information acquired during the crawling stage.
Testing against a database of known vulnerabilities (signature-based scanning) is not enough; hackers do not base themselves on signature files. This is a passive and reactive form of security, working backwards: first wait for the vulnerability to be discovered, then the vendor releases a patch, leaving the unknown for tomorrow. For a signature-based scanning system to find vulnerabilities in custom-made or in-house software, which most of the time is not properly tested, the user must know how to create signatures specifically for the target application and then scan it. Most of the time, this leads to a lot of false positives and to real vulnerabilities going unreported.
Detailed reporting
For every vulnerability reported, an extensive amount of detail is presented to the user to help him understand what the vulnerability is, what its impact is and what leads to it. This also helps developers who are not familiar with web security to trace the vulnerability and fix it in the shortest time possible. With AcuSensor technology, the scanner even reports which line in the code is vulnerable or which SQL query is vulnerable to SQL injection, including the stack trace.
Automation
With the command line support one can easily automate scans through a batch file. With the scheduler also available, one can also schedule recurring scans of his website during off-peak hours.
AcuSensor Technology
AcuSensor Technology is an innovative solution developed by Acunetix that goes beyond black box scanning. To date, Acunetix is the leading and only Web Vulnerability Scanner to implement this technology.
AcuSensor Technology does not require .NET source code; it can be injected in already compiled .NET applications using a lightweight installer.
In case of PHP, the sensor is included in the application from a .htaccess file or from the PHP configuration.
Thanks to sensors installed on the target, the user benefits from the following, when using AcuSensor Technology:
find vulnerabilities which a typical black box scanner cannot find
report fewer false positives, thus avoiding confusion and being more productive
report advanced debug information
alert you to web technology (such as PHP and .NET) configuration problems
retrieve / list all files found in the website root directory even if not published by web servers
no need to specify URL rewrite rules for web applications using Search Engine Friendly URLs
AcuSensor Technology reports advanced debug information
The amount of debug information AcuSensor Technology reports helps the developer understand and solve the issue much more quickly. It also trains developers in writing more secure code.
Once a SQL injection is found, AcuSensor reports the source file using this query, the vulnerable SQL query and also the stack trace information to help troubleshooting and solving the issue.
If a Cross site scripting vulnerability or directory traversal attack is found, AcuSensor Technology reports the source file which is vulnerable, the line number of the source code which leads to the vulnerability and also all related variables and calls.
User friendly interface
With its user-friendly interface, Acunetix WVS makes web security easy for everyone. In a matter of seconds an inexperienced user can launch a scan and start securing his web application.
Advanced Penetration Testing Tools
This suite of advanced penetration testing tools is available to help penetration testers and security experts with the manual audit process which takes place while securing a web application or website. An automated scanner does not always cover all security tests of a target website or web application; it depends on a lot of factors. Using this suite of tools, a penetration tester or security expert can run his own tests against the target, and also automate some of the manual audit procedures, thus saving valuable time.
HTTP Editor
The HTTP Editor tool allows you to create, analyze and edit client HTTP requests and server responses.
HTTP Sniffer
The HTTP Sniffer tool is a proxy server which allows you to capture, edit and filter requests made between a web client (browser or other http application) and a web server or vice versa. This can also be used to crawl parts of a website or web application manually.
HTTP Fuzzer
Using the HTTP Fuzzer, a rule can be created to automatically replace a part of a URL with a number, character or any other type of generator. Only valid results will be reported. This gives the advantage to quickly test 1000 queries while significantly reducing the amount of time and manual input.
Blind SQL Injector
Ideal for penetration testers, the Blind SQL injector is an automated database data extraction tool. Using SQL injections found when scanning a website and importing them to this tool, one can see what a serious impact an SQL injection can have on the website.
Authentication Tester
The authentication tester is a tool used to test the strength of passwords within HTTP or HTML forms authentication environments via a dictionary attack. This helps in automating some processing where human intervention cannot be faster.
A complete WEB SECURITY solution
Typically, web servers have other network services running, such as DNS, SMTP and FTP. A hacker does not focus only on the website or web application, but on the server and the network services running on that server. If a network service is hacked, it can cause an outage and affect access for your company's employees and customers.
The Acunetix WVS solution provides complete security by scanning the web server software and the technology behind that software (such as PHP and .NET) to find insecure configurations, and by running security checks against other network services running on the web server.
The Port Scanner function scans the web server for open ports. Once an open port is found, the WVS scanner checks which network service is running on that port and then performs additional checks on that service (SMTP server open relay, DNS cache poisoning, SSH weak ciphers, etc.).
The Reporter
From the selection of already available templates in the reporter, one can generate any of the following report styles:
Detailed scan report; where all scan details including solution tips are in the report
Developer report; a report targeted for developers to help them fix issues in the website or web application quickly
Executive report; a report targeted at executives, giving them a summary of the status of their web application or website security
Compliance report; from these report templates one can generate PCI, OWASP, WASC, HIPAA and other compliance reports
Scan comparison report; use this report to compare 2 scans of the same target
Monthly vulnerabilities report; use this report to see vulnerability trends by month and vulnerability group
Reports can also be exported to other formats to share with colleagues such as pdf, word document, html and more.
The reports can also be modified to add a company logo and also to change the page setup (available in consultant version only).
PURPOSE OF THIS SLIDE:
This slide explains the way hackers work
TEXT AND INFORMATION:
Understanding the techniques hackers use to manipulate Web applications is the first step in learning how to secure the Web application.
Attackers break into the web application by thinking like a programmer.
Hackers have a wide arsenal of attack mechanisms, from which they choose the one most suited to a particular vulnerability. They use a very systematic plan of action. These steps can be classified as:
· Study server infrastructure and server OS/type:
The first stage of the attack involves a scan:
The hacker first analyzes the properties of the server to be hacked, the operating system running on the server, and the server type.
A port scan is then initiated to detect all open HTTP and HTTPS ports to single out the port/s to be attacked. (The port scan detects open HTTP and HTTPS ports for each server and retrieves the default page from each open port).
· Survey the website/application:
The hacker examines the website for any loopholes that can be exploited. Loopholes could take the form of feedback or inquiry forms that utilize GET and POST variables that hackers can use to their advantage.
The hacker also inspects authentication and logon pages for any chances of accessing the server.
The success of this method is evident from the 2000 incident involving the Norwegian boy. He was able to bypass required authentication by bookmarking the target page after going through authentication on his initial visit.
A good hacker will go through almost every interactive element on a webpage or website in order to gain access to the server.
The hacker also goes through the application script to check for any development glitches that can be exploited.
Hackers will try to determine the structure of the site and the logic of the application, going as far as analysing the pages they find and checking for comments and other useful bits of data that could refer to files and directories that are not intended for public use.
· Check for presence of input validation :
Input validation consists of the validation that most Web applications incorporate to determine whether particular data input is safe and validated.
Unsafe data is rejected and not processed further. Laxity in input validation is a prime access pathway for hackers. If they manage to outwit the input validation check post, they can use this path to send malicious inputs to the server.
Other tests are made for each of the application scripts looking for any development errors that may have been made that could grant the hacker further access to the application.
· Mount the attack:
When the hacker has identified all the pieces of information by undetectable (passive) means, he can select which method of attack to use.
After examining the entire scenario, from the server to the application, and isolating all the loopholes and vulnerable target areas, the hacker now mounts the attack.
The attack is generally made on each web application that has been classed as vulnerable to a variety of hack techniques.
PURPOSE OF THIS SLIDE:
This slide explains the popular techniques used to attack a website
TEXT AND INFORMATION:
There are two primary forms of attacks:
STATIC METHODS or the most commonly known methods of attack against standard/known servers and applications.
Known exploits
Directory Enumeration
Web Server Exploits
DYNAMIC METHODS or harder to detect methods launched against the logic of application
SQL Injection
Cross-site Scripting
Source Code Disclosure
Directory and Link Traversal
Common File Checks
Parameter Manipulation or Passing
Hidden Web Paths
Extension and Backup Checking
Path Truncation
Java Applet reverse engineering
Session Hijacking
Authentication Attacks
Google hacking database
PURPOSE OF THIS SLIDE:
This slide introduces the Acunetix WVS
TEXT AND INFORMATION:
The Acunetix Scanner is a Heuristic Methodology Scanner, i.e., it has a set (or database) of Attack Methods that it uses to launch against a website and web applications in order to determine whether these are vulnerable or not.
What is of importance here is that the Acunetix WVS does not just launch attacks according to a database of known vulnerabilities. On the contrary, using proprietary technologies, it acts intelligently, emulating a hacker to pinpoint possible vulnerabilities.
These attacks may be performed automatically or manually.
As hackers continually come up with newer and more aggressive attacks, the Acunetix WVS is updated. Our own research lab is dedicated to gathering information from a wide spectrum of sources. As soon as a new possible vulnerability class is found, it will be added to our vulnerability database and made available immediately through product updates. Moreover, the Acunetix WVS lets you create and add your own vulnerabilities through the vulnerability editor.
IMAGE:
The Acunetix WVS can be used from a PC over the internet to regularly scan and audit your website and web applications
The Acunetix WVS can be used from a PC inside your company network to regularly scan and audit your live and test/development websites and web applications
The Acunetix WVS can be used from a laptop over a wireless link inside your company network to regularly scan and audit your live and test/development websites and web applications
With The Acunetix WVS, your website and web applications are hacker-safe
HACKER-SAFE
Scan and audit your website and web applications regularly with the Acunetix WVS
Prevent hackers from gaining access to your database of sensitive/proprietary corporate and customer data through your website/web applications that must be always available via HTTP/HTTPS on port 80/443.
PURPOSE OF THIS SLIDE:
This slide introduces how the Acunetix WVS works
TEXT AND INFORMATION:
Acunetix WVS has a vast array of automated features and manual tools and, in general, works in the following manner:
1. Discovery Stage or Crawling Process
It crawls the entire website – by following all the links on the site and in the robots.txt file (if available).
WVS will then map out the website structure and display detailed information about every file.
2. Automated Scan Stage
After this Discovery Stage or crawling process, WVS automatically launches a series of vulnerability attacks on each page found, in essence emulating a hacker.
WVS analyzes each page for places where it can input data, and subsequently attempts all the different input combinations.
3. As it finds vulnerabilities, Acunetix WVS reports these in the “Alerts Node”. Each alert contains information about the vulnerability and recommendations on how to fix it.
4. After a scan has been completed, it may be saved to file for later analysis and for comparison to previous scans. With the reporter tool a professional report may be created summarizing the scan.
Acunetix has made a big impact on the web security market. It is becoming a popular Web Security solution to many. Here are just a few quotes from the satisfied customers using Acunetix to secure their Web Server and Website.
For more customer testimonials check out http://www.acunetix.com/vulnerability-scanner/customer_testimonials.htm
For more information and to download Acunetix visit our website at acunetix.com
Thank you