Page 1
Hacking Webservers
Prof. Dr. Ameer Ali
Professor & Chairman, Department of Computer Science & Engineering
Bangladesh University of Business and Technology (BUBT)
Page 3
Web Server Market Shares
Page 4
Web Server Security Issue
Page 5
Why Web Servers Are Compromised
Page 6
Open Source Web Server Architecture
Page 7
IIS Web Server Architecture
Page 9
DoS/DDoS Attack Tools
1. LOIC (Low Orbit Ion Cannon) - https://github.com/NewEraCracker/LOIC
2. XOIC - http://anonhacktivism.blogspot.com/2017/11/new-xoic-ddos-tool-download.html
3. HULK (HTTP Unbearable Load King) - http://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html
4. DDOSIM (Layer 7 DDoS Simulator) - http://sourceforge.net/projects/ddosim/
5. R-U-Dead-Yet - https://code.google.com/p/r-u-dead-yet/
Page 10
DoS/DDoS Attack Tools (cont’d)
6. Tor’s Hammer - http://packetstormsecurity.com/files/98831/
7. PyLoris - http://sourceforge.net/projects/pyloris/
8. OWASP DoS HTTP POST - https://code.google.com/p/owasp-dos-http-post/
9. DAVOSET - http://packetstormsecurity.com/files/123084/DAVOSET-1.1.3.html
10. GoldenEye HTTP Denial of Service Tool - http://packetstormsecurity.com/files/120966/GoldenEye-HTTP-Denial-Of-Service-Tool.html
Page 13
DNS Server Hijacking
Page 14
DNS Amplification Attack
Page 15
Directory Traversal Attacks
Page 16
Directory Traversal Attacks
Page 17
Example Traversal Attacks
Page 18
Man-in-the-Middle/Sniffing Attack
Page 19
ARP Spoofing for a MitM Attack
Here we use ARP spoofing to place ourselves between two machines on the same LAN: the client is made to believe we are the server, and the server is made to believe we are the client. All traffic between them then passes through our computer, where we can sniff every packet that goes in either direction. Note that the attacking host must also forward the relayed packets (on Linux, IP forwarding must be enabled); otherwise the intercepted traffic is simply dropped and the "silent" interception turns into an obvious denial of service for the victims.
Let's get started with our MitM attack by opening up BackTrack!
Page 20
arpspoof does this for us by continuously sending forged ARP replies: the client's ARP cache is poisoned so that the server's IP address maps to our MAC address, and the server's ARP cache is poisoned so that the client's IP address maps to our MAC address. Both hosts then address their Ethernet frames to us instead of to each other, and arpspoof is normally run twice, once per victim, to poison both directions.
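To make the poisoning concrete, the following is an added example (not code from the slides or from arpspoof itself) that builds, byte for byte, the two forged ARP replies an arpspoof-style tool sends, parses them back, and runs them through a simplified victim ARP cache that flags the IP-to-MAC change the way an arpwatch-style monitor would. All MAC and IP addresses are constructed sample values; the example only constructs frames and never transmits them (sending would need a raw socket and root privileges, which the slides cover via the arpspoof tool).

```python
"""Forged ARP replies for an ARP-spoofing MitM, plus a toy cache monitor.

Added example using only the standard library. Addresses below are
constructed sample values, not real hosts.
"""
import socket
import struct

ETH_P_ARP = 0x0806      # EtherType for ARP
ARP_OP_REPLY = 2        # ARP "is-at" reply (RFC 826)

ATTACKER_MAC = "aa:bb:cc:dd:ee:ff"                                 # constructed
CLIENT_IP, CLIENT_MAC = "192.168.1.10", "00:11:22:33:44:55"         # constructed
SERVER_IP, SERVER_MAC = "192.168.1.20", "66:77:88:99:aa:bb"         # constructed


def mac_bytes(mac: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    """6 raw bytes -> 'aa:bb:cc:dd:ee:ff'."""
    return ":".join(f"{b:02x}" for b in raw)


def build_arp_reply(sender_mac: str, sender_ip: str,
                    target_mac: str, target_ip: str) -> bytes:
    """Ethernet header + 28-byte ARP reply, as the bytes put on the wire.

    The lie is in the sender fields: sender_ip is the victim's peer, but
    sender_mac is the attacker's, so the victim caches peer_ip -> attacker.
    """
    eth = mac_bytes(target_mac) + mac_bytes(sender_mac) + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_OP_REPLY)  # Ethernet, IPv4, 6, 4, reply
    arp += mac_bytes(sender_mac) + socket.inet_aton(sender_ip)
    arp += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    return eth + arp


def parse_arp(frame: bytes) -> dict:
    """Decode the fields of a raw Ethernet/ARP frame."""
    if struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        raise ValueError("not an ARP frame")
    arp = frame[14:42]
    _htype, _ptype, _hlen, _plen, op = struct.unpack("!HHBBH", arp[:8])
    return {
        "op": op,
        "sender_mac": mac_str(arp[8:14]),
        "sender_ip": socket.inet_ntoa(arp[14:18]),
        "target_mac": mac_str(arp[18:24]),
        "target_ip": socket.inet_ntoa(arp[24:28]),
    }


def spoof_frames() -> tuple:
    """The two replies arpspoof sends, one per direction of the attack."""
    to_client = build_arp_reply(ATTACKER_MAC, SERVER_IP, CLIENT_MAC, CLIENT_IP)
    to_server = build_arp_reply(ATTACKER_MAC, CLIENT_IP, SERVER_MAC, SERVER_IP)
    return to_client, to_server


class ArpCache:
    """Simplified victim ARP cache that records an alert whenever an
    already-known IP suddenly maps to a different MAC (the signal
    arpwatch-style detectors look for). Real OS caches are more selective
    about which replies they accept; this models only the poisoning effect.
    """

    def __init__(self, table: dict):
        self.table = dict(table)
        self.alerts = []

    def process(self, frame: bytes) -> dict:
        reply = parse_arp(frame)
        ip, mac = reply["sender_ip"], reply["sender_mac"]
        old = self.table.get(ip)
        if old is not None and old != mac:
            self.alerts.append(f"{ip} changed from {old} to {mac}")
        self.table[ip] = mac
        return reply


if __name__ == "__main__":
    to_client, to_server = spoof_frames()
    client_cache = ArpCache({SERVER_IP: SERVER_MAC})
    client_cache.process(to_client)
    print(parse_arp(to_client))
    print("client now sends server traffic to", client_cache.table[SERVER_IP])
    print("alerts:", client_cache.alerts)
```

Run it directly to see the decoded forged reply, the poisoned binding, and the alert; the same binding-change check against a trusted baseline (static ARP entries, DHCP leases, or a learned table) is the practical detection control for this attack.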
Page 27
Website Defacement
Page 28
Web Server Misconfiguration
Page 29
Web Server Misconfiguration Example
Page 30
HTTP Response Splitting Attack
Page 31
HTTP Response Splitting Attack (cont’d)
Page 33
SSH Bruteforce Attack
Page 34
Web Server Password Cracking
Page 35
Web Server Password Cracking
Page 36
Web Application Attacks
Page 37
Web Server Attack Methodology
Page 38
Web Server Attack Methodology: Information Gathering
Page 39
Web Server Attack Methodology: Information Gathering From Robots.txt File
Page 40
Web Server Attack Methodology: Web Server Footprinting
Page 41
Web Server Footprinting Tools
Page 42
Enumerating Web Server Information Using Nmap
Page 44
Web Server Attack Methodology: Mirroring a Website
Page 45
Web Server Attack Methodology: Vulnerability Scanning
Page 46
Acunetix Web Vulnerability Scanner
Page 47
Web Server Attack Methodology: Session Hijacking
Page 48
Web Server Attack Methodology: Hacking Web Passwords
Page 49
Web Server Attack Tool: Metasploit
Page 50
Metasploit Architecture
Page 51
Metasploit Payload Module
Page 52
Metasploit Auxiliary Module
Page 53
Metasploit NOPs Module
Page 54
Web Server Attack Tool: WFetch
Page 55
Web Password Cracking Tools: THC-Hydra and Brutus
Page 56
Place Web Servers in a Separate, Secure Server Segment of the Network
Page 57
Countermeasures: Patches and Updates
Page 58
Countermeasures: Protocols
Page 59
Countermeasures: Accounts
Page 60
Countermeasures: Files and Directories
Page 61
Detecting Web Server Hacking Attempts
Page 62
How to Defend Against Web Server Attacks
Page 63
How to Defend Against Web Server Attacks (cont’d)
Page 64
How to Defend Against HTTP Response Splitting and Web Cache Poisoning
Page 65
How to Defend Against DNS Hijacking
Page 66
Patches and Hotfixes
Page 67
What is Patch Management
Page 68
Identifying Appropriate Sources for Updates and Patches
Page 69
Installation of a Patch
Page 70
Implementation and Verification of a Security Patch or Upgrade
Page 71
Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)
Page 72
Patch Management Tools
Page 73
Web Application Security: Syhunt Dynamic and N-Stalker Web Application Security Scanner
Page 74
Web Server Security Scanners: Wikto and Acunetix Web Vulnerability Scanner
Page 75
Web Server Malware Infection Monitoring Tool: HackAlert
Page 76
Web Server Malware Infection Monitoring Tool: QualysGuard Malware Detection
Page 77
Web Server Security Tools
Page 78
Web Server Penetration Testing
Page 79
Web Server Penetration Testing
Page 80
Web Server Penetration Testing
Page 81
Web Server Penetration Testing
Page 82
Web Server Penetration Testing
Page 83
Web Server Pen Testing Tool: Core Impact Pro
Page 84
Web Server Pen Testing Tool: Immunity CANVAS
Page 85
Web Server Pentesting Tool: Arachni
Page 86
Next Class
• Web Application Penetration Testing
• Vulnerability Testing
• Web Application Hacking
• How to Secure Web Applications