~ Aditya Kamat
BMS College of Engineering
WEB HACKING SERIES PART-2
TOPICS LEARNT TILL NOW:
• Basics of web and a little about networks.
• HTML injection.
• SQL injection to bypass authentication.
• Buffer overflow attack.
TO BE COVERED TODAY:
• Bypass authentication via authentication token manipulation.
• Session hijacking.
• Brute forcing login pages using Burp.
• HTTP parameter pollution.
BYPASS AUTHENTICATION VIA AUTHENTICATION TOKEN MANIPULATION
• The basic idea is to log in as another user (preferably as admin) by changing a few values in the cookies stored for the particular site.
• Use the Cookie Manager+ plugin to manipulate cookies.
• Usually the admin will be in the first row of the users table.
SOLUTION:
• Use session variables to authenticate users instead of cookies.
• Use a hashing method to hash the ids used for authentication instead of keeping them in plaintext.
• Keep large numbers as ids to prevent such attacks.
• Choose a random large number instead of incrementing the id by one every time.
SESSION HIJACKING
• This occurs when the client's session cookie is used to identify the session on the server.
• We just need to obtain the user's session cookie to log in to his/her account.
• We can have access to the account as long as the user does not log out.
• Cookies can be obtained by MITM or by getting access to the victim's machine.
PREVENTION:
• USE SSL FOR THE ENTIRE SITE. This is the only way to prevent MITM easily.
• Log out the user after a certain duration of inactivity. (More load on the server, because it will have to maintain a timer for each user.)
• Ask users to log out every time before closing their browsers.
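The two prevention slides above (random, hashed server-side ids instead of a plaintext user id in the cookie, and logout after inactivity) can be combined in one session store. This is an added example, not code from the slides; the idle timeout value and the store layout are assumptions.

```python
import hashlib
import secrets
import time
from typing import Dict, Optional

# Constructed example: a server-side session store. The browser only ever holds a
# random, unguessable token; the user id and role live on the server, so editing the
# cookie cannot change who you are. Sessions expire after IDLE_TIMEOUT seconds
# without activity, which implements the inactivity logout from the slide.
IDLE_TIMEOUT = 15 * 60  # seconds; assumed value, not from the slides


class SessionStore:
    def __init__(self, idle_timeout: int = IDLE_TIMEOUT):
        self.idle_timeout = idle_timeout
        self._sessions: Dict[str, dict] = {}

    @staticmethod
    def _key(token: str) -> str:
        # Store only a hash of the token: a leaked session table cannot be replayed.
        return hashlib.sha256(token.encode()).hexdigest()

    def create(self, user_id: int, role: str, now: Optional[float] = None) -> str:
        """Start a session; returns the random token to put in the cookie."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 random bits, not "last id + 1"
        self._sessions[self._key(token)] = {
            "user_id": user_id, "role": role, "last_seen": now,
        }
        return token

    def lookup(self, token: str, now: Optional[float] = None) -> Optional[dict]:
        """Resolve a cookie value to its user, or None if unknown or expired."""
        now = time.time() if now is None else now
        sess = self._sessions.get(self._key(token))
        if sess is None:
            return None
        if now - sess["last_seen"] > self.idle_timeout:
            del self._sessions[self._key(token)]  # idle too long: force a fresh login
            return None
        sess["last_seen"] = now  # activity resets the idle timer
        return {"user_id": sess["user_id"], "role": sess["role"]}

    def logout(self, token: str) -> None:
        self._sessions.pop(self._key(token), None)
```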
BRUTE FORCING LOGIN PAGES USING BURP
• Brute forcing is a method to try out all possible usernames and passwords from a given space.
• This attack is used to get the credentials of a legitimate user of a website.
• It is really fast when we have the username of the user.
• We use the Intruder tool in Burp to brute force login forms.
PREVENTION:
• Rate limiting has been proven to be the best solution and has been implemented in many well-known websites.
• It checks this based on the username and the IP of the user trying to brute force.
• Force users to use secure passwords and inform them not to use the same password across multiple platforms.
• Use CAPTCHAs.
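The rate-limiting rule described above (count failed attempts per username and per IP) as an added example, not code from the slides; the window size and limits are assumed values.

```python
import time
from collections import defaultdict, deque
from typing import Deque, Dict, Optional, Tuple

# Constructed example: a sliding-window limiter for login attempts. Failed attempts
# are counted per username and per client IP over WINDOW seconds; once either
# counter reaches its limit, further attempts for that key are refused until old
# failures fall out of the window. All three numbers are assumptions.
WINDOW = 300        # seconds
MAX_PER_USER = 5    # failures allowed per username in the window
MAX_PER_IP = 20     # failures allowed per source IP in the window


class LoginRateLimiter:
    def __init__(self, window: int = WINDOW,
                 per_user: int = MAX_PER_USER, per_ip: int = MAX_PER_IP):
        self.window, self.per_user, self.per_ip = window, per_user, per_ip
        self._failures: Dict[Tuple[str, str], Deque[float]] = defaultdict(deque)

    def _recent(self, key: Tuple[str, str], now: float) -> int:
        q = self._failures[key]
        while q and now - q[0] > self.window:  # drop failures older than the window
            q.popleft()
        return len(q)

    def allowed(self, username: str, ip: str, now: Optional[float] = None) -> bool:
        """True if a login attempt may proceed; False if the user or IP is throttled."""
        now = time.time() if now is None else now
        return (self._recent(("user", username), now) < self.per_user
                and self._recent(("ip", ip), now) < self.per_ip)

    def record_failure(self, username: str, ip: str, now: Optional[float] = None) -> None:
        """Call after a wrong password; counts against both the username and the IP."""
        now = time.time() if now is None else now
        self._failures[("user", username)].append(now)
        self._failures[("ip", ip)].append(now)

    def record_success(self, username: str) -> None:
        # A successful login clears the per-user counter; the IP history is kept.
        self._failures.pop(("user", username), None)
```

The login handler calls allowed() before checking the password and record_failure() after a wrong one, so a throttled key is refused without touching the password store.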
HTTP PARAMETER POLLUTION
• HTTP Parameter Pollution can occur when multiple parameters with the same name but different values are submitted to the application.
• Depending on the application server type, the parameter used may be the first, second, or a combination of the two.
• Demo: A1 injection (other) -> HTTP parameter pollution -> Poll question.
PREVENTION:
• Take each variable as an array and accept only the first element of the array as valid input. The others have to be discarded.
• Validate user input to check that it is one of the expected values.
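The two prevention rules above (first value only, then validate against the expected set) applied to the poll-question demo, as an added example that is not from the slides; the parameter name "choice" and the allowed values are assumptions.

```python
from typing import Dict, List, Optional
from urllib.parse import parse_qs

# Constructed example: defensive handling of a poll-vote query string. parse_qs
# returns a list per parameter name, so duplicate names are visible to the code
# instead of being silently resolved by the server's "first wins" or "last wins"
# rule. The set of valid poll choices is an assumed value.
ALLOWED_CHOICES = {"1", "2", "3"}


def first_value_only(query: str) -> Dict[str, str]:
    """Reduce each parameter to its first value; extra copies are discarded."""
    parsed: Dict[str, List[str]] = parse_qs(query, keep_blank_values=True)
    return {name: values[0] for name, values in parsed.items()}


def duplicated_parameters(query: str) -> List[str]:
    """Names sent more than once: worth logging as a possible pollution attempt."""
    parsed = parse_qs(query, keep_blank_values=True)
    return sorted(name for name, values in parsed.items() if len(values) > 1)


def parse_vote(query: str) -> Optional[str]:
    """Return the validated poll choice, or None if missing or not an expected value."""
    choice = first_value_only(query).get("choice")
    return choice if choice in ALLOWED_CHOICES else None
```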
THANK YOU!!!