Cis 502

Assignment 1: Web Server Application Attacks

.

.

CIS 502-Theories of Security Management

.

In this research paper, I will examine common web application vunerabilities and attacks. I will discuss and recommend mitigation and strategies for each. Web application attacks, primarily for PHP applications, and then presents a case study of a vulnerable Website that was found through Google and easily exploited (Grushka, N). The attacks explained are: Remote code execution, SQL injection, Format string vulnerabilities, Cross Site Scripting (XSS), and Username enumeration. This vulnerability allows an attacker to run arbitrary, system level code on the vulnerable server and retrieve any desired information contained therein. Improper coding errors lead to this vulnerability. it is difficult to discover this vulnerability during penetration testing assignments but such problems are often revealed while doing a source code review. However, when testing Web application is important to remember that exploitation of this vulnerability can lead to total system compromise with the same rights as the Web server itself. Register_globals is a PHP setting that controls the availability of "superglobal" variables in a PHP script (Grushka, N). Another common vulnerability seen under this category of includes vulnerabilities with XML-RPC applications in PHP. XML-RPC is a specification and a set of implementations that allow software running on disparate operating systems and in different environments to make procedure calls over the Internet (Grushka, N.). It is commonly used in large enterprises and Web environments. XML-RPC uses HTTP for its transport protocol and XML for data encoding. Several independent implementations of XML-RPC exist for PHP applications. A common flaw is in the way that several XML-RPC PHP implementations pass unsanitized user input. More recent PHP versions have register_globals set to off by default, however...