Skip to content

This repository is about IT-Security / how to recognise security vulnerabilities (e.g. SQL injections) and demonstrate them on a webshop that is designed for this purpose.

Notifications You must be signed in to change notification settings

Svendolin/All-about-HACK

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 

Repository files navigation

GitHub commit activity GitHub contributors GitHub forks GitHub last commit GitHub code size in bytes


HTML - ALL ABOUT SECURITY STUFF - ✔

IMPORTANT: Use what you learn for the good side. Harming others with it is uncool and not appropriate!

TRY YOUR KNOWLEDGE: OWASP Juice Shop: Probably the most modern and sophisticated insecure web application: CLICK HERE

Link to the Github Version to clone their repository: https://github.com/juice-shop/juice-shop




Some important words and phrases💥


Name Where Meaning
1) Xss Attack / Crosssite Scripting Input fields If you put code (like Javascript code ) into an input field and inject it into the website, it will be executed by the browser or several other devices. This is called Cross Site Scripting (XSS) and can be used to steal cookies, session tokens, or redirect the user to a malicious site.
2) SQL Injection ... If you safe date, these are going to be saved in a SQL-Table. The Structured Query Language is used here to work with these data types. We take over the administrator, decrypt the password and have access to his account (Email and Password out of a database table) when we put SQL Code into an input field
3) Front-End Validation ... Important data, e.g. of a webshop (prices and product names) should not only be validated in the front-end, but also in the back-end. In the best case, we send the ID of a product to the back-end, as it is easy to rewrite the HTML source code locally in the front-end through the Inspector.
4) SSL Certificate ... Connection between browser and web server takes place unencrypted (downloads, uploads etc)
5) Port 80 vs Port 443 ... HTTP Port is usually described as "80" while the secured protocol (https) is known as 443
6) HEX-Encoding ... Passwords can be encrypted, e.g. by encoding them. The decoding is in return the re-encryption. Wireshark itself has the tool to copy lines and show this section as printable text "druckbarer Text" (conversion)

Some notes about the related stuff above explained with some codes:

/* -- 1) Injected in an input field, this is going to redirect to its website as shown (Google) when the page is tring to load -- */
<script>
  window.location.href = "https://www.google.com";
</script>

Frontend, Backend and DB:

  • Frontend is what we see and has been manupulated. The frontend communicates with a backend that processes and stores the data.

  • The backend is not visible to the user and is realised by PHP, Node.js or Python, for example. The backend reads the data from the frontend, then receives and stores the data in a database.

  • The data is stored in the database and can be retrieved from there.

Post Request (Also mentioned in PHP Repository)

  • Frontend sends data to the backend (e.g. username and password) and the backend checks if the data is correct. Post ADDS data to the database.

=> The aim is to prevent HTML code from being entered in the first place by rewriting the character. Thus, "<" characters are often replaced


Technologies and Installation ✅


WIRESHARK:

Wireshark is a free software for analysis and graphical processing of data protocols, which was created in 2006 as a fork of the program Ethereal. Such data protocols are used by computers on various communication media such as the local network, Bluetooth or USB. Wireshark is a packet sniffer and analysis tool. It captures network traffic on the local network and stores this data for offline analysis.

/* ---- Your notes here ---- */




Collaboration ✅


Feel free to contact me if you've seen something wrong, found some errors or struggled on some mistakes! Always happy to have a clean sheet here! :)




FAQs ✅


0 Questions have been asked, 0 answers have been given, 0 changes have been made.

Questions Anwers Changes
0 0 0

About

This repository is about IT-Security / how to recognise security vulnerabilities (e.g. SQL injections) and demonstrate them on a webshop that is designed for this purpose.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published