Penetration Test - Select Your Attacks(9)

Application Exploits, Part II

AUTHENTICATION EXPLOITS
  • Credential brute forcing
    • Offline cracking (Hydra)
  • Session hijacking
    • Intercepting and using a session token (generally) to take over a valid distributed (web) session
  • Redirect
    • Sending the user to a different site from what they expected (phishing)
  • Default credentials
    • Out of the box artifacts (you have to clean these up!)
  • Weak credentials
    • This is why password cracking works
  • Kerberos exploits
    • Forged tickets to allow unauthorized access to resources
AUTHORIZATION
  • Parameter pollution
    • Providing custom input parameters to alter service/API operation
  • Insecure direct object reference
    • Programming mistake that can allow an attacker to bypass access controls and access resources or data
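
The insecure direct object reference mistake described above, shown beside its fix. This is an added example, not part of the original notes; the invoice store, user names and function names are all hypothetical and the data is constructed.

```python
# Added illustration of insecure direct object reference (IDOR).
# All names and records here are hypothetical, constructed for the example.
from dataclasses import dataclass


@dataclass(frozen=True)
class Invoice:
    invoice_id: int
    owner: str
    total: str


# Constructed sample data standing in for a database table.
INVOICES = {
    1001: Invoice(1001, "alice", "120.00"),
    1002: Invoice(1002, "bob", "87.50"),
}


class Forbidden(Exception):
    """Raised when the caller is not authorized for the requested object."""


def get_invoice_vulnerable(session_user: str, invoice_id: int) -> Invoice:
    # IDOR: the client-supplied id is used as-is. The caller is authenticated,
    # but nothing ties the requested object to that caller.
    return INVOICES[invoice_id]


def get_invoice_checked(session_user: str, invoice_id: int) -> Invoice:
    # Object-level authorization: fetch the record, then confirm ownership.
    invoice = INVOICES.get(invoice_id)
    # Same error for "missing" and "not yours", so responses do not reveal
    # which ids exist.
    if invoice is None or invoice.owner != session_user:
        raise Forbidden("invoice not available")
    return invoice


def audit(handler, user: str, ids: list) -> list:
    """Return the ids `user` can read through `handler` (usable as a regression check)."""
    readable = []
    for invoice_id in ids:
        try:
            handler(user, invoice_id)
            readable.append(invoice_id)
        except (Forbidden, KeyError):
            pass
    return readable
```

Running `audit` for one user over every id in a test fixture shows the difference: the unchecked handler returns other users' records, the checked one returns only the caller's own.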
QUICK REVIEW
  • Authentication attacks include credential brute forcing, session hijacking, redirecting, and forged Kerberos tickets
  • If you can acquire valid authentication credentials, you have access to lots of data
  • Authorization attacks include parameter pollution and insecure direct object reference
posted @ 2020-10-02 09:58  晨风_Eric