Shivam Singh, profile picture
Uploaded byShivam Singh
PPTX, PDF2,285 views

Url manipulation

This document discusses URL manipulation and related attacks. It begins by introducing URLs and their structure. URL manipulation involves tampering with parameters passed in a URL, such as modifying account numbers or directory paths. This can allow access to restricted areas if not properly validated. Attacks like trial and error changing paths and directory traversal moving up the tree structure are described. Countermeasures include updating servers, restricting browsing below the site root, removing hidden files and directories, and accurately interpreting dynamic pages and backups.

Embed presentation

Downloaded 25 times
URL Manipulation Created By: Shivam Singh
Index  Introduction to URLs  What Is URL Manipulation?  URL Manipulation Attacks  Trial and Error  Directory Traversal  Countermeasures
Introduction to URLs  The URL (Uniform Resource Locator) of a web application is the vector that makes it possible to indicate the requested resource. It is a string of printable ASCII characters that is divided into five parts..  The name of the protocol  ID and password  The name of the server  The port  The access path to the resource
What Is URL manipulation?  URL Manipulation comes with all of the problems stated above about Hidden Form Fields, and creates some new problems as well.  HTML Forms may submit their results using one of two methods: GET or POST. If the method is GET, all form element names and their values will appear in the query string of the next URL the user sees. Tampering with hidden form fields is easy enough, but tampering with query strings is even easier. One need only look at the URL in the browser's address bar.
Continue…  Take the following example; a web page allows the authenticated user to select one of his pre-populated accounts from a drop-down box and debit the account with a fixed unit amount. It's a common scenario. His/her choices are recorded by pressing the submit button. The page is actually storing the entries in form field values and submitting them using a form submit command. The command sends the following HTTP request.  A malicious user could construct his own account number and change the parameters. The new parameters would be sent to the application and be processed accordingly.
URL Manipulation Attacks  By manipulating certain parts of a URL, a hacker can get a web server to deliver web pages he is not supposed to have access to.  On dynamic websites, parameters are mostly passed via the URL as follows:  The data present in the URL are automatically created by the site and when navigating normally, a user simply clicks on the links proposed by the website. http://target/forum/?cat=2
Continue…  If a user manually modifies the parameter, he can try different values, for example:  If the designer has not anticipated this possibility, the hacker may potentially obtain access to an area that is usually protected.  In addition, the hacker can get the site to process an unexpected case, for example: http://target/forum/?cat=6 http://target/forum/?cat=***********
Trial and Error  A hacker may possibly test directories and file extensions randomly in order to find important information. Here a few classic examples:  Search for directories making it possible to administer the site.  Search for a script to reveal information about the remote system.  Search for backup copies. The .bak extension is generally used and is not interpreted by servers by default.  Search for hidden files in the remote system. On UNIX systems, when the site's root directory corresponds to a user's directory, the files created by the system may be accessible via the web.
Directory Traversal  Directory traversal or path traversal attacks involve modifying the tree structure path in the URL in order to force the server to access unauthorized parts of the site.  In a classic example, the user may be forced to gradually move back through the tree structure, particularly in the event that the resource is not accessible
Countermeasures  To secure a web server against URL manipulation attacks, it is necessary to keep a watch on vulnerabilities and regularly apply the patches provided by the web server's publisher.  Moreover, a detailed configuration of the web server helps keep users from surfing on pages they are not supposed to have access to. The web server should therefore be configured as follows:  Prevent the browsing of pages located below the website's root (chroot mechanism)  Disable the display of files present in a directory that does not contain an index file ("Directory Browsing")
Continue…  Delete useless directories and files (including hidden files)  Make sure the server protects access to directories containing sensitive data  Delete unnecessary configuration options  Make sure the server accurately interprets dynamic pages, including backup files (.bak)  Delete unnecessary script interpreters  Prevent HTTP viewing of HTTPS accessible pages.
Thank You… Shivam Singh singh_shivam@ymail.com

More Related Content

PPTX
Cross Site Scripting ( XSS)
byAmit Tyagi
 
PDF
Web Application Security 101
byCybersecurity Education and Research Centre
 
PPTX
Privacy in cyberspace
bynavrecruiter2
 
PPTX
Web container and Apache Tomcat
byAuwal Amshi
 
PPT
Active Server Page(ASP)
byKeshab Nath
 
PPT
Intro to Web Application Security
byRob Ragan
 
PPT
JDBC – Java Database Connectivity
byInformation Technology
 
PDF
HTTP Security Headers
byIsmael Goncalves
 
Cross Site Scripting ( XSS)
byAmit Tyagi
 
Web Application Security 101
byCybersecurity Education and Research Centre
 
Privacy in cyberspace
bynavrecruiter2
 
Web container and Apache Tomcat
byAuwal Amshi
 
Active Server Page(ASP)
byKeshab Nath
 
Intro to Web Application Security
byRob Ragan
 
JDBC – Java Database Connectivity
byInformation Technology
 
HTTP Security Headers
byIsmael Goncalves
 

What's hot

PPTX
REST API Design & Development
byAshok Pundit
 
PDF
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
byMarco Balduzzi
 
PPT
android layouts
byDeepa Rani
 
PDF
JDBC : Java Database Connectivity
byDevAdnani
 
PDF
Broken access controls
byAkansha Kesharwani
 
PPTX
Html audio video
byMuhammad Ehtisham Siddiqui
 
ODP
HTML5
byHatem Mahmoud
 
PPT
Php Presentation
byManish Bothra
 
PPTX
zero day exploits
byAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
PPTX
Unit ii java script and xhtml documents and dynamic documents with javascript
byzahid7578
 
PDF
Cross Origin Resource Sharing
byLuke Weerasooriya
 
PPTX
Html forms
byHimanshu Pathak
 
PPTX
Restful web services ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
Mobile application architecture
byChristos Matskas
 
PPTX
Directory Traversal & File Inclusion Attacks
byRaghav Bisht
 
PPTX
Reflective and Stored XSS- Cross Site Scripting
byInMobi Technology
 
PDF
Introduction to XHTML
byHend Al-Khalifa
 
PPTX
Vb.net ide
byFaisal Aziz
 
PPT
Html basics
bymcatahir947
 
PPTX
android sqlite
byDeepa Rani
 
REST API Design & Development
byAshok Pundit
 
HTTP Parameter Pollution Vulnerabilities in Web Applications (Black Hat EU 2011)
byMarco Balduzzi
 
android layouts
byDeepa Rani
 
JDBC : Java Database Connectivity
byDevAdnani
 
Broken access controls
byAkansha Kesharwani
 
Html audio video
byMuhammad Ehtisham Siddiqui
 
HTML5
byHatem Mahmoud
 
Php Presentation
byManish Bothra
 
zero day exploits
byAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Unit ii java script and xhtml documents and dynamic documents with javascript
byzahid7578
 
Cross Origin Resource Sharing
byLuke Weerasooriya
 
Html forms
byHimanshu Pathak
 
Restful web services ppt
byOECLIB Odisha Electronics Control Library
 
Mobile application architecture
byChristos Matskas
 
Directory Traversal & File Inclusion Attacks
byRaghav Bisht
 
Reflective and Stored XSS- Cross Site Scripting
byInMobi Technology
 
Introduction to XHTML
byHend Al-Khalifa
 
Vb.net ide
byFaisal Aziz
 
Html basics
bymcatahir947
 
android sqlite
byDeepa Rani
 

Similar to Url manipulation

PDF
How not to suck at Cyber Security
byChris Watts
 
PDF
CNIT 129S: 10: Attacking Back-End Components
bySam Bowne
 
PPTX
6 - Web Application Security.pptx
byAlmaOraevi
 
PDF
2012 03 27_philly_jug_rewrite_static
byLincoln III
 
PDF
Web Application Penetration Testing.pdf
bybarayapaten
 
PDF
Ch 12 Attacking Users - XSS
bySam Bowne
 
PPT
DC612 Day - Web Application Security: OWASP Top 10
bydc612
 
PDF
Rich Web App Security - Keeping your application safe
byJeremiah Grossman
 
PDF
How to Build a Web App (for Non-Programmers)
byNoah Brier
 
PDF
Noah Brier: How to build web apps
byPlanning-ness
 
PDF
CNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
bySam Bowne
 
PDF
4 andrii kudiurov - web application security 101
byIevgenii Katsan
 
PPT
unit1_last.pptsfsfsfsfsgeeyeeeyyeyeywwww
byzmulani8
 
PPTX
Burp Suite is a powerful and widely-used tool
bywaudit1
 
PPT
Web Application Security
byChris Hillman
 
PDF
CNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
bySam Bowne
 
PPTX
Web Exploitation Security
byAman Singh
 
PPTX
Prevent hacking
byViswanath Polaki
 
PPTX
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
byEric Vanderburg
 
PDF
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)
bySam Bowne
 
How not to suck at Cyber Security
byChris Watts
 
CNIT 129S: 10: Attacking Back-End Components
bySam Bowne
 
6 - Web Application Security.pptx
byAlmaOraevi
 
2012 03 27_philly_jug_rewrite_static
byLincoln III
 
Web Application Penetration Testing.pdf
bybarayapaten
 
Ch 12 Attacking Users - XSS
bySam Bowne
 
DC612 Day - Web Application Security: OWASP Top 10
bydc612
 
Rich Web App Security - Keeping your application safe
byJeremiah Grossman
 
How to Build a Web App (for Non-Programmers)
byNoah Brier
 
Noah Brier: How to build web apps
byPlanning-ness
 
CNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
bySam Bowne
 
4 andrii kudiurov - web application security 101
byIevgenii Katsan
 
unit1_last.pptsfsfsfsfsgeeyeeeyyeyeywwww
byzmulani8
 
Burp Suite is a powerful and widely-used tool
bywaudit1
 
Web Application Security
byChris Hillman
 
CNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
bySam Bowne
 
Web Exploitation Security
byAman Singh
 
Prevent hacking
byViswanath Polaki
 
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
byEric Vanderburg
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 2 of 3)
bySam Bowne
 

More from Shivam Singh

PPTX
Wpa2 psk security measure
byShivam Singh
 
PPTX
Virtualization
byShivam Singh
 
PPTX
The problems of syrian refugees and european union
byShivam Singh
 
PPTX
Lightweight cryptography
byShivam Singh
 
PPTX
I pv6 mechanism
byShivam Singh
 
PDF
Homomorphic encryption in_cloud
byShivam Singh
 
PPTX
Enhancing security in cloud storage
byShivam Singh
 
PPTX
Democracy is mobocracy in india
byShivam Singh
 
PPTX
Cloud computing
byShivam Singh
 
PDF
Data security in cloud environment
byShivam Singh
 
PPTX
Threads
byShivam Singh
 
Wpa2 psk security measure
byShivam Singh
 
Virtualization
byShivam Singh
 
The problems of syrian refugees and european union
byShivam Singh
 
Lightweight cryptography
byShivam Singh
 
I pv6 mechanism
byShivam Singh
 
Homomorphic encryption in_cloud
byShivam Singh
 
Enhancing security in cloud storage
byShivam Singh
 
Democracy is mobocracy in india
byShivam Singh
 
Cloud computing
byShivam Singh
 
Data security in cloud environment
byShivam Singh
 
Threads
byShivam Singh
 

Recently uploaded

PPTX
COĞRAFYA ödevi 70 sayfa güzeldir hayırlı olsun
bydtilter
 
PPT
Memory Organization In Assembly Language
byumairmuhammad0409
 
PDF
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
PDF
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
PPTX
Computer Science Degree for College .pptx
byHanenek1
 
PDF
Top 5 Snapchat Tracker Apps for Safe and Responsible Monitoring
byMichael Carter
 
PPTX
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
PDF
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
PDF
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
PPTX
SriLank SLT LTE Network Sharing V2.pptx
bynthuang
 
PPT
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
PPTX
Introduction Digital Signal Processing.pptx
byumairmuhammad0409
 
PPTX
Abhishek Jaiswal.ppt.pptx for you it is very useful for me and I am sharing w...
byabhishekjaiswal5th33
 
DOCX
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
PPTX
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
PPTX
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
PDF
classification of elements and periodicity.pdf
byaryanshreya2010
 
PDF
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
PPTX
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
PPTX
Computer Networks 01[1 using all terms].pptx
bywaqasahmedbhatti633
 
COĞRAFYA ödevi 70 sayfa güzeldir hayırlı olsun
bydtilter
 
Memory Organization In Assembly Language
byumairmuhammad0409
 
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
Here are the winners of KALIDASA SAMMAN.
byglcppro
 
Computer Science Degree for College .pptx
byHanenek1
 
Top 5 Snapchat Tracker Apps for Safe and Responsible Monitoring
byMichael Carter
 
mc l2 Overview of Computer and Web-Technology.pptx
byavanikharde
 
ARTIFICIAL INTELLIGENCE DEVELOPMENT SERVICE
bydavidjohansen1597
 
WShell Gameplay and Games of Games of Games
byzramirezmtz9
 
SriLank SLT LTE Network Sharing V2.pptx
bynthuang
 
Lecture_3 Network Securityyyeyeyyeeyyeywy.ppt
bysawsan202
 
Introduction Digital Signal Processing.pptx
byumairmuhammad0409
 
Abhishek Jaiswal.ppt.pptx for you it is very useful for me and I am sharing w...
byabhishekjaiswal5th33
 
BestMaker.ai: The Complete Brand Story, Founder's Vision, and AI Creative Pla...
byssuser7381d6
 
CaseStudy-CloudMigration -For USE CASE -Customer Success Info -6-Aug-25.pptx
bywinlentech
 
Artificial Intelligence (AI) Technology Project Proposal _ by Slidesgo.pptx
byadhyaadi804
 
classification of elements and periodicity.pdf
byaryanshreya2010
 
tokiohotellistening.pdf for tokiohotelfans
byrafaelgombos1234
 
Types of Cryptograph Symmetric Ceaser cipher and also about Assymetric
byhamzaabdulqadeer11
 
Computer Networks 01[1 using all terms].pptx
bywaqasahmedbhatti633
 

Url manipulation

  • 1.
  • 2.
    Index  Introduction toURLs  What Is URL Manipulation?  URL Manipulation Attacks  Trial and Error  Directory Traversal  Countermeasures
  • 3.
    Introduction to URLs The URL (Uniform Resource Locator) of a web application is the vector that makes it possible to indicate the requested resource. It is a string of printable ASCII characters that is divided into five parts..  The name of the protocol  ID and password  The name of the server  The port  The access path to the resource
  • 4.
    What Is URLmanipulation?  URL Manipulation comes with all of the problems stated above about Hidden Form Fields, and creates some new problems as well.  HTML Forms may submit their results using one of two methods: GET or POST. If the method is GET, all form element names and their values will appear in the query string of the next URL the user sees. Tampering with hidden form fields is easy enough, but tampering with query strings is even easier. One need only look at the URL in the browser's address bar.
  • 5.
    Continue…  Take thefollowing example; a web page allows the authenticated user to select one of his pre-populated accounts from a drop-down box and debit the account with a fixed unit amount. It's a common scenario. His/her choices are recorded by pressing the submit button. The page is actually storing the entries in form field values and submitting them using a form submit command. The command sends the following HTTP request.  A malicious user could construct his own account number and change the parameters. The new parameters would be sent to the application and be processed accordingly.
  • 6.
    URL Manipulation Attacks By manipulating certain parts of a URL, a hacker can get a web server to deliver web pages he is not supposed to have access to.  On dynamic websites, parameters are mostly passed via the URL as follows:  The data present in the URL are automatically created by the site and when navigating normally, a user simply clicks on the links proposed by the website. http://target/forum/?cat=2
  • 7.
    Continue…  If auser manually modifies the parameter, he can try different values, for example:  If the designer has not anticipated this possibility, the hacker may potentially obtain access to an area that is usually protected.  In addition, the hacker can get the site to process an unexpected case, for example: http://target/forum/?cat=6 http://target/forum/?cat=***********
  • 8.
    Trial and Error A hacker may possibly test directories and file extensions randomly in order to find important information. Here a few classic examples:  Search for directories making it possible to administer the site.  Search for a script to reveal information about the remote system.  Search for backup copies. The .bak extension is generally used and is not interpreted by servers by default.  Search for hidden files in the remote system. On UNIX systems, when the site's root directory corresponds to a user's directory, the files created by the system may be accessible via the web.
  • 9.
    Directory Traversal  Directorytraversal or path traversal attacks involve modifying the tree structure path in the URL in order to force the server to access unauthorized parts of the site.  In a classic example, the user may be forced to gradually move back through the tree structure, particularly in the event that the resource is not accessible
  • 10.
    Countermeasures  To securea web server against URL manipulation attacks, it is necessary to keep a watch on vulnerabilities and regularly apply the patches provided by the web server's publisher.  Moreover, a detailed configuration of the web server helps keep users from surfing on pages they are not supposed to have access to. The web server should therefore be configured as follows:  Prevent the browsing of pages located below the website's root (chroot mechanism)  Disable the display of files present in a directory that does not contain an index file ("Directory Browsing")
  • 11.
    Continue…  Delete uselessdirectories and files (including hidden files)  Make sure the server protects access to directories containing sensitive data  Delete unnecessary configuration options  Make sure the server accurately interprets dynamic pages, including backup files (.bak)  Delete unnecessary script interpreters  Prevent HTTP viewing of HTTPS accessible pages.
  • 12.