Can you remember the last time you were hacked? Was it a SQL injection, a Denial of Service (DoS), or even an attack that allowed complete control of your web server? All three of these attacks are well known and can be prevented using the appropriate measures. First off, let's start by describing a little bit about each one.
SQL injection happens when you build a SQL statement without escaping the data that you put into the query. For example, suppose you use this as your code:
SELECT username, password
FROM users
WHERE user_id = {$_GET['user_id']}
This seems like a safe query, right? Wrong. What if I entered the following as the user_id: 5 OR 1
SELECT username, password FROM users WHERE user_id = 5 OR 1
We might now get a listing of all the users in our table, as the OR 1 condition always matches.
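The query above next to a hardened version, as an added example that is not code from the original post. It assumes PHP with the PDO SQLite driver; the table rows and the function names find_user_unsafe and find_user_safe are constructed for illustration.

```php
<?php
// Constructed sample data in an in-memory SQLite database (not from the post).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, username TEXT, password TEXT)');
$db->exec("INSERT INTO users VALUES (5, 'alice', 'hash-a'), (6, 'bob', 'hash-b'), (7, 'carol', 'hash-c')");

// Vulnerable: the request value is pasted straight into the SQL text,
// exactly as in the query shown in the post.
function find_user_unsafe(PDO $db, string $userId): array
{
    $sql = "SELECT username, password FROM users WHERE user_id = {$userId}";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: check that the value is a plain integer, then bind it as a
// parameter so it is sent as data and never parsed as SQL.
function find_user_safe(PDO $db, string $userId): array
{
    if (!ctype_digit($userId)) {
        return []; // reject anything that is not a non-negative integer
    }
    $stmt = $db->prepare('SELECT username, password FROM users WHERE user_id = :id');
    $stmt->bindValue(':id', (int) $userId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Stands in for $_GET['user_id']; this is the value used in the post.
$input = '5 OR 1';

printf("unsafe, '%s': %d row(s)\n", $input, count(find_user_unsafe($db, $input)));
printf("safe,   '%s': %d row(s)\n", $input, count(find_user_safe($db, $input)));
printf("safe,   '5': %d row(s)\n", count(find_user_safe($db, '5')));
```

The unsafe function returns every row in the table for that input, while the safe one returns rows only for a well-formed id.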
Now let’s talk about a Denial of Service attack. These are attacks that really don’t allow the hacker to do anything exciting. All they do is knock your web server offline for extended periods of time. Some ways of accomplishing this are sending large amounts of data to the server, flooding the server with packets, etc.
What makes these attacks so dangerous is that a hacker may have thousands or more computers under control that can make these attacks simultaneously. You may ask how they get access to this many computers. Well, they use machines like yours and mine, by infecting them with trojans, viruses, and worms. They can instruct these machines to all hit a web server and thus cause it to go down.
Lastly, we talk about the most technical of them all: bugs in the web server software, or even the web server's operating system. We all know operating systems have bugs, and some of them can cause great problems. There is a framework out there that has a whole list of bugs for particular software and operating systems. All you really need to do is select the machine you want to target with the vulnerability and click “Attack!” These attacks can completely compromise a system by sending back a remote shell (cmd in Windows) that allows a hacker to do whatever they want. Deleting files, installing viruses, and tracking banking information are a few things they could do.
Now, I don’t tell you all this to scare you away from creating web apps, as there are ways to prevent the above from happening.
Please let me know any stories you have regarding the above attacks, and how you handled the situation. We all need to become more aware of the dangers that lurk on the World Wide Web.
September 29th, 2010 at 2:05 am
Ran across this on Google and I have to hand it to you. Outstanding content, keep it coming. Thank you!