Hacking expose web applications

Joel Scambray, CISSP, is co-author of Hacking Exposed, the international best-selling Internet security book, currently in its third edition, and Hacking Exposed Windows 2000
Mike Shema is a Principle Consultant and Trainer for Foundstone. He has performed several security assessments for government and financial sites in addition to developing security training material

Foreword	p. xvii
Acknowledgements	p. xix
Preface	p. xxi
Part I Reconnaissance
1 Introduction to Web Applications and Security	p. 3
The Web Application Architecture	p. 5
Potential Weak Spots	p. 19
The Methodology of Web Hacking	p. 20
Summary	p. 22
References and Further Reading	p. 23
2 Profiling	p. 25
Server Discovery	p. 26
Service Discovery	p. 35
Server Identification	p. 37
Summary	p. 39
References and Further Reading	p. 40
3 Hacking Web Servers	p. 41
Common Vulnerabilities by Platform	p. 42
Automated Vulnerability Scanning Software	p. 80
Denial of Service Against Web Servers	p. 92
Summary	p. 95
References and Further Reading	p. 95
4 Surveying the Application	p. 99
Documenting Application Structure	p. 100
Manually Inspecting the Application	p. 102
Manually Inspecting the Application	p. 102
Tools to Automate the Survey	p. 117
Common Countermeasures	p. 125
Summary	p. 127
References and Further Reading	p. 127
Part II The Attack
5 Authentication	p. 131
Authentication Mechanisms	p. 132
Attacking Web Authentication	p. 149
Bypassing Authentication	p. 158
Summary	p. 159
References and Further Reading	p. 159
6 Authorization	p. 161
The Attacks	p. 162
The Methodology	p. 164
Case Study: Using Curl to Map Permissions	p. 170
Summary	p. 176
References and Further Reading	p. 176
7 Attacking Session State Management	p. 177
Client-Side Techniques	p. 179
Server-Side Techniques	p. 183
SessionID Analysis	p. 185
Summary	p. 200
References and Further Reading	p. 200
8 Input Validation Attacks	p. 201
Expecting the Unexpected	p. 202
Input Validation EndGame	p. 203
Where to Find Potential Targets	p. 203
Bypassing Client-Side Validation Routines	p. 204
Common Input Validation Attacks	p. 205
Common Countermeasures	p. 220
Summary	p. 221
References and Further Reading	p. 222
9 Attacking Web Datastores	p. 225
A SQL Primer	p. 226
SQL Injection	p. 226
Summary	p. 241
References and Further Reading	p. 241
10 Attacking Web Services	p. 243
What Is a Web Service?	p. 244
Sample Web Services Hacks	p. 252
Basics of Web Service Security	p. 253
Summary	p. 258
References and Further Reading	p. 258
11 Hacking Web Application Management	p. 261
Web Server Administration	p. 262
Web Content Management	p. 264
Web-Based Network and System Management	p. 271
Summary	p. 275
References and Further Reading	p. 275
12 Web Client Hacking	p. 277
The Problem of Client-Side Security	p. 278
Active Content Attacks	p. 279
Cross-Site Scripting	p. 289
Cookie Hijacking	p. 292
Summary	p. 296
References and Further Reading	p. 297
13 Case Studies	p. 299
Case Study #1 From the URL to the Command Line and Back	p. 300
Case Study #2 XOR Does Not Equal Security	p. 303
Case Study #3 The Cross-Site Scripting Calendar	p. 305
Summary	p. 307
References and Further Reading	p. 307
Part III Appendixes
A Web Site Security Checklist	p. 311
B Web Hacking Tools and Techniques Cribsheet	p. 317
C Using Libwhisker	p. 333
Inside Libwhisker	p. 334
D UrlScan Installation and Configuration	p. 345
Overview of UrlScan	p. 346
Obtaining UrlScan	p. 347
Updating Windows Family Products	p. 348
Basic UrlScan Deployment	p. 351
Advanced UrlScan Deployment	p. 358
UrlScan.ini Command Reference	p. 365
Summary	p. 369
References and Further Reading	p. 369
E About the Companion Web Site	p. 371
Index	p. 373

Available:*

On Order

Summary

Summary

Author Notes

Table of Contents