10 Days Of Cybersecurity-8

Day 8 - Basic Web Application Attacks

6/22/2024


Introduction

Welcome to Day 8 of our 10-day cybersecurity challenge! Today, we'll explore basic web application attacks, focusing on common vulnerabilities like SQL Injection and Cross-Site Scripting (XSS). Understanding these attacks is essential for securing web applications and protecting sensitive data from malicious actors.

Understanding Web Application Vulnerabilities

Web applications are often targets for attackers due to the sensitive data they handle. By exploiting vulnerabilities, attackers can gain unauthorized access, manipulate data, or disrupt services.

Key Vulnerabilities:

  1. SQL Injection (SQLi):

    • Description: An injection attack that allows attackers to execute arbitrary SQL queries on a database.

    • Impact: Can lead to unauthorized data access, data manipulation, and database corruption.

    • Example: http://example.com/products?id=1 OR 1=1

  2. Cross-Site Scripting (XSS):

    • Description: An attack that injects malicious scripts into web pages viewed by other users.

    • Impact: Can steal cookies, session tokens, or redirect users to malicious sites.

    • Example: <script>alert('XSS Attack!');</script>

  3. Cross-Site Request Forgery (CSRF):

    • Description: An attack that tricks a user into executing unwanted actions on a web application where they're authenticated.

    • Impact: Can perform actions like changing account details or making unauthorized transactions.

    • Example: Sending a crafted link that performs an action on behalf of the user.

SQL Injection (SQLi) Attacks

SQL Injection occurs when an application builds a SQL query by concatenating unvalidated user input directly into the query text instead of binding it as a parameter, so the input can change the structure of the query and attackers can execute arbitrary SQL commands.

Types of SQL Injection:

  1. In-Band SQLi:

    • Description: The attacker uses the same channel for both the attack and the retrieval of data.

    • Example: Error-based and union-based SQLi.

  2. Blind SQLi:

    • Description: The attacker receives no direct feedback from the database, so results must be inferred indirectly from differences in the application's responses or response times, which requires more sophisticated techniques.

    • Example: Boolean-based and time-based SQLi.

  3. Out-of-Band SQLi:

    • Description: Uses different channels for the attack and for data retrieval, typically relying on database features that can make outbound network requests from the server.

    • Example: Sending data through DNS requests.

Prevention Tips:

  • Use parameterized queries or prepared statements.

  • Implement input validation and sanitization.

  • Use web application firewalls (WAFs) to detect and block SQLi attempts.

Cross-Site Scripting (XSS) Attacks

XSS occurs when an application includes untrusted data in a web page without proper validation or escaping, allowing attackers to execute scripts in the context of other users.

Types of XSS:

  1. Stored XSS:

    • Description: The malicious script is stored on the server and executed when users access the affected page.

    • Example: Posting a script in a comment section that executes when viewed by others.

  2. Reflected XSS:

    • Description: The malicious script is carried in a request (for example a URL parameter), echoed back by the web server in its immediate response, and executed in the browser of a user who clicks on a crafted link.

    • Example: Sending a phishing email with a link containing a script.

  3. DOM-Based XSS:

    • Description: The attack is executed entirely on the client side by modifying the DOM environment.

    • Example: Altering a page's DOM to include malicious scripts through unsafe JavaScript methods.

Prevention Tips:

  • Encode output data for the context it is inserted into (HTML body, attribute, JavaScript, or URL) so that special characters are rendered as text rather than interpreted as markup or code.

  • Use a Content Security Policy (CSP) to restrict script execution.

  • Validate and sanitize all user inputs.

Practical Example: Testing for SQL Injection

Let’s demonstrate a simple SQL Injection attack using a vulnerable web application. For this example, we'll use the DVWA (Damn Vulnerable Web Application) for testing purposes.

Steps:

  1. Access the Vulnerable Page:

    • Description: Navigate to the DVWA and locate a page with a SQL query input field.

  2. Test for Vulnerability:

    • Description: Enter a basic SQL Injection string to test for vulnerability.

    • Example Input: ' OR '1'='1

  3. Analyze Results:

    • Description: Check if the application displays unexpected data or behaves differently.

Note: Always test vulnerabilities in a controlled environment with permission.
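To show in code why the test input above produces "unexpected data", here is an added example (not part of the original post and not DVWA's code) that runs the same lookup two ways against a constructed in-memory SQLite table: once with the input concatenated into the query text, as in a vulnerable application, and once with the input bound as a parameter, as the prevention tips recommend. The table name, columns, and rows are made up for the demonstration.

```python
import sqlite3

# Constructed sample data for the demonstration (not DVWA's schema).
PRODUCTS = [(1, "apple"), (2, "banana"), (3, "cherry")]

def make_db():
    """Create a throwaway in-memory database with a small products table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)", PRODUCTS)
    return conn

def lookup_vulnerable(conn, name):
    """Vulnerable: the untrusted value becomes part of the SQL text.

    A quote character in the input closes the string literal, so the rest of
    the input is parsed as SQL and can change what the WHERE clause means.
    """
    sql = "SELECT id, name FROM products WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()

def lookup_safe(conn, name):
    """Safe: the value is bound as a parameter and never parsed as SQL.

    The query structure is fixed at this point; the driver passes the input
    to the database as data, so quotes and keywords in it have no effect.
    """
    sql = "SELECT id, name FROM products WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()

def compare(name):
    """Run both lookups on the same input and return their row counts."""
    conn = make_db()
    return {
        "vulnerable_rows": len(lookup_vulnerable(conn, name)),
        "safe_rows": len(lookup_safe(conn, name)),
    }

if __name__ == "__main__":
    # The test string from step 2 above. In the vulnerable lookup the query
    # becomes  WHERE name = '' OR '1'='1'  and every row comes back; in the
    # parameterized lookup no product is literally named "' OR '1'='1", so
    # nothing comes back. That difference is the "unexpected data" of step 3.
    print(compare("apple"))          # both return 1 row
    print(compare("' OR '1'='1"))    # vulnerable: 3 rows, safe: 0 rows
```

A product with a quote in its actual name still works through the parameterized path, which is the practical reason prepared statements beat ad-hoc escaping.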

Conclusion

Today, we explored the fundamentals of basic web application attacks, focusing on SQL Injection and Cross-Site Scripting (XSS). Understanding these vulnerabilities helps you protect web applications from common threats. Tomorrow, we’ll learn about bug bounty programs and how to participate in them effectively. Stay safe and happy hacking!