web hacking & defensing - · 2021. 5. 20. · 2. paros web hacking tool – strong tool for...
TRANSCRIPT
![Page 1: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/1.jpg)
Web Hacking & Defensing
February 19(Sun), 2017
Prof. Thomas Byeongnam YOON, PhD.
![Page 2: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/2.jpg)
Content
1. Web Protocol
2. Web Log
3. Web Hacking Tool
4. Wrap Up
2
![Page 3: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/3.jpg)
Learning Points : New Terminology, Clearly Defined
1. HTTP, the protocol that carries webpages
- Cyberspace is built from webpages written in the HTML web programming language
2. Paros Web Hacking Tool
- An open-source, Java-based tool for measuring web vulnerabilities (an intercepting proxy plus scanner)
3. Web Log Analysis
- The fundamental skill for identifying what kind of attack hit a server
4. Web Defensing Know-How
- Become a Cyber Soldier – Cyber Salvation Army
3
![Page 4: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/4.jpg)
4
Internet Logical Architecture (cyberspace at the logical level)
![Page 5: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/5.jpg)
5
Intranet Logical Architecture
![Page 6: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/6.jpg)
6
Web Server Platform – Web Programming Environment. Chronicle : HTML + [ASP platform (Microsoft), JSP platform (Sun), PHP platform (open source)]
![Page 7: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/7.jpg)
Web Browser (UA Platform) – Cyber Space Shuttle (Netscape Navigator, 1994)
7
User → accesses a webpage through the Web Browser (Client) → Request Webpage → Web Server (Server) → Response Webpage
Chronicle : Netscape Navigator (Netscape Communications) → Internet Explorer (Microsoft) → Chrome (Google, built on open-source Chromium)
![Page 8: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/8.jpg)
Cyber Space Protocol – HTTP (Hypertext Transfer Protocol)
8
Client (Web Browser)                                    Server (Web Server)
Connect (TCP session start) → Request Webpage (URL/URI) → Response (HTML File) → Disconnect (session end)
1. Web Browser requests the webpage
2. Server processes the web program and produces the HTML file
3. Server responds with the webpage
4. Browser parses the HTML, executes the HTML engine and JavaScript, and shows the screen
![Page 9: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/9.jpg)
9
Cyber Space Protocol – HTTP (Hypertext Transfer Protocol) : a page with an embedded image takes two exchanges
Exchange 1 : Connect (session start) → Request Webpage (URL) → server processes the web program file → Response (HTML File) → Disconnect (session end)
Exchange 2 : the browser parses the HTML and finds the image reference; if the image file is already in the local cache it is reused, otherwise Connect (session start) → Request Image (URL/URI) → server processes the image file → Response (Image File) → Disconnect (session end)
Finally the browser renders the HTML together with the image and shows the screen.
![Page 10: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/10.jpg)
Cyber Space Shuttle – What the Web Browser Handles :
Webpage instances : HTML5, CSS, …
Server-side programs : ASP, JSP, PHP, …
SQL (DBMS language)
Embedded multimedia : audio, video, image, streaming service
File upload and download
Sending and receiving e-mail
CSV and Excel files exchanged with a DBMS, … etc.
10
Browser 3-Step Procedure for a Webpage : Step 1. Session Start / Step 2. Data Communication / Step 3. Session End
![Page 11: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/11.jpg)
Cyber Space Protocol – HTTP : Step 1. Session Start Procedure (the TCP three-way handshake that precedes any HTTP message)
11
Client                                                  Server (ready to service)
1. Request connection (send SYN)
2. Accept connection (send SYN, ACK)
3. Confirm connection (send ACK)
4. Session start : the TCP connection is established and the HTTP request can now be sent
Global Client-Server Communication Protocol
![Page 12: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/12.jpg)
Cyber Space Protocol – HTTP : Step 2. Data Communication Procedure
12
User (Browser)                                          Web Server (ready to service)
1. Request webpage (HTTP method and request document, sent with PSH so the server hands it to the application at once)
2. Server acknowledges receipt (TCP ACK; every segment also carries a checksum that the receiver verifies before acknowledging)
3. Server gives the webpage (response document, PSH)
4. Browser acknowledges receipt (TCP ACK)
5. Repeat until the transfer is completed
Global Client-Server Communication
![Page 13: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/13.jpg)
Cyber Space Protocol – HTTP : Step 3. Session End Procedure (TCP four-way close)
13
User (Browser)                                          Web Server
1. Browser requests disconnection : FIN-WAIT-1 (send FIN, ACK)
2. Server : CLOSE-WAIT (send ACK)
3. Browser : FIN-WAIT-2 (waiting for the server's FIN)
4. Server : LAST-ACK (send FIN, ACK)
5. Browser : TIME-WAIT (send ACK)
6. Session end
Global Client-Server Communication Protocol
![Page 14: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/14.jpg)
Cyber Space Protocol – TCP, the lossless (reliable) transport beneath HTTP : Packet Format
Code – Flag Bits (Packet Control Code)
• URG : the urgent pointer field is significant • ACK : the acknowledgement number is valid (data received well) • PSH : push, deliver the data to the application immediately • SYN : synchronise sequence numbers, create a session • FIN : graceful session end request • RST : reset, abort the session immediately
14
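The Step 1 and Step 3 exchanges and the flag bits above, carried through as an added example (this is not code from the lecture): a Python builder and parser for the fixed 20-byte TCP header, which constructs both sides' segments for the three-way handshake and the four-way close and names the role of each segment from its flags. Ports and initial sequence numbers are made-up sample values, and the checksum is left at zero because nothing is put on the wire.

```python
import struct

# Flag bits in the TCP header's control byte (RFC 793; ECE/CWR from RFC 3168).
# The slide's "RTS" is the RST (reset) flag.
FLAG_BITS = {
    "FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08,
    "ACK": 0x10, "URG": 0x20, "ECE": 0x40, "CWR": 0x80,
}
HEADER_FMT = "!HHIIBBHHH"   # src, dst, seq, ack, offset byte, flags, window, checksum, urgent


def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Build the fixed 20-byte TCP header (no options; checksum left 0 because
    these constructed segments are decoded locally, never sent)."""
    flag_byte = 0
    for name in flags:
        flag_byte |= FLAG_BITS[name]
    offset_byte = 5 << 4            # header length = 5 x 32-bit words, reserved bits 0
    return struct.pack(HEADER_FMT, src_port, dst_port, seq, ack,
                       offset_byte, flag_byte, window, 0, 0)


def parse_tcp_header(raw):
    """Decode the fixed part of a TCP header into a dict with the flag names set."""
    if len(raw) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    (src, dst, seq, ack, offset_byte, flag_byte,
     window, checksum, urg_ptr) = struct.unpack(HEADER_FMT, raw[:20])
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": (offset_byte >> 4) * 4,
        "flags": [name for name, bit in FLAG_BITS.items() if flag_byte & bit],
        "window": window, "checksum": checksum, "urg_ptr": urg_ptr,
    }


def classify_segment(hdr):
    """Name the role a segment plays, using the slides' vocabulary."""
    flags = set(hdr["flags"])
    if flags == {"SYN"}:
        return "session start 1: SYN"
    if flags == {"SYN", "ACK"}:
        return "session start 2: SYN-ACK"
    if "RST" in flags:
        return "emergency end: RST"
    if "FIN" in flags:
        return "graceful end: FIN"
    if "PSH" in flags:
        return "data communication: PSH"
    if flags == {"ACK"}:
        return "acknowledgement only: ACK"
    return "other"


def three_way_handshake(client_port=51234, server_port=80, client_isn=1000, server_isn=5000):
    """Both sides' segments for Step 1 (ports and ISNs are made-up sample values).
    Each side acknowledges the other's sequence number plus one: a SYN consumes one number."""
    syn = build_tcp_header(client_port, server_port, client_isn, 0, ["SYN"])
    syn_ack = build_tcp_header(server_port, client_port, server_isn, client_isn + 1, ["SYN", "ACK"])
    ack = build_tcp_header(client_port, server_port, client_isn + 1, server_isn + 1, ["ACK"])
    return [syn, syn_ack, ack]


def four_way_close(client_port=51234, server_port=80, client_seq=1500, server_seq=9000):
    """Both sides' segments for Step 3: FIN/ACK from the browser, ACK from the server,
    FIN/ACK from the server, final ACK (the browser then sits in TIME-WAIT)."""
    fin1 = build_tcp_header(client_port, server_port, client_seq, server_seq, ["FIN", "ACK"])
    ack1 = build_tcp_header(server_port, client_port, server_seq, client_seq + 1, ["ACK"])
    fin2 = build_tcp_header(server_port, client_port, server_seq, client_seq + 1, ["FIN", "ACK"])
    ack2 = build_tcp_header(client_port, server_port, client_seq + 1, server_seq + 1, ["ACK"])
    return [fin1, ack1, fin2, ack2]


if __name__ == "__main__":
    for raw in three_way_handshake() + four_way_close():
        hdr = parse_tcp_header(raw)
        print(f"{hdr['src_port']:>5} -> {hdr['dst_port']:<5} seq={hdr['seq']} ack={hdr['ack']} "
              f"{'/'.join(hdr['flags']):<8} {classify_segment(hdr)}")
```

Feeding a real capture to parse_tcp_header is a matter of slicing the 20 bytes that follow the IP header; the data offset field tells you whether options follow before the payload.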
![Page 15: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/15.jpg)
Cyber Space Protocol – HTTP Request & Response Message Format
15
User (Browser) → HTTP Request Message (Header + Body) → Web Server
Web Server → HTTP Response Message (Header + Body) → User (Browser)
![Page 16: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/16.jpg)
Cyber Space Protocol – HTTP Request Message Format
16
Header : request line (HTTP method, request-URI, HTTP version) followed by header fields such as Host (the domain) and User-Agent (client platform information)
One empty line (CRLF CRLF) as separator
Body : all parameters and data (empty for GET, the form data for POST)
![Page 17: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/17.jpg)
Cyber Space Protocol – HTTP GET Method Request Message
○ HTTP GET Method Format (Message Header Only)
○ Message Size : parameters travel inside the URL, and URLs are limited in practice (older browsers such as Internet Explorer capped them at about 2 KB, and web servers enforce their own limits), so GET is not enough for bulletin board (BBS) content, etc.
Method | Format | Description
GET | GET [request-uri]?query_string HTTP/1.1 / Host: [Hostname] or [IP] | The GET method requests a webpage from the server with the URI (URL) carried in the message header part.
http://www.evenstar.co.kr/webpage/biglook.html : the URL shown in the browser's address bar. URL/URI = Uniform Resource Locator / Uniform Resource Identifier
http://www.evenstar.co.kr/wizboard.php?BID=notice : bulletin board URL/URI with a query string (BID=notice)
17
![Page 18: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/18.jpg)
18
Cyber Space Protocol – HTTP GET Method Request Message
Message header part : HTTP method line plus header fields. Message body part : empty.
![Page 19: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/19.jpg)
Cyber Space Protocol – HTTP GET Method Request Message Scan
19
GET /index.html HTTP/1.1              // request method, webpage, HTTP version
User-Agent: MSIE 6.0; Windows NT 5.0  // user's web browser; platform version
Accept: text/html; */*                // acceptable data types
Cookie: name=value                    // state the server set earlier (often the session / authentication token)
Referer: http://www.bbb.com           // URL of the page the user came from (client-supplied, so not trustworthy)
Host: www.evenstar.co.kr              // requested domain (mandatory in HTTP/1.1)
![Page 20: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/20.jpg)
Cyber Space Protocol – HTTP POST Method Request Message
○ HTTP POST Method Format (Header + Body). Message size : not limited by the protocol (only by the server's configured request-body limit), so it is enough for BBS content, etc.
○ http://www.evenstar.co.kr/wizboard.php : URI (in the HTTP header); BID=notice : query string (in the HTTP body)
Method | Format | Note
POST | POST [request-uri] HTTP/1.1 / Host: [Hostname] or [IP] / Content-Length: [Bytes] / Content-Type: [Content Type] / (one empty line) / [query-string] or [Data] | 1. Data communication for form-based webpages with various data and parameters. 2. The browser does not show the body in the address bar, but it is just as visible and editable to anyone holding the request (for example with an intercepting proxy).
20
![Page 21: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/21.jpg)
21
Form based Webpage
![Page 22: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/22.jpg)
Header Part
22
HTTP Method
Body Part
Cyber Space Protocol – HTTP Post Method Request Message Scan
![Page 23: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/23.jpg)
23
Form-based Webpage : HTTP POST Method Request Message Scan – Header Part
Body Part
Session(Cookie)
![Page 24: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/24.jpg)
Cyber Space Protocol – HTTP Response Message Format
24
Header Part
HTTP/1.1 200 OK                // HTTP version, response status code and reason phrase
Server: NCSA/1.4.2             // web server software and version
Content-Type: text/html        // MIME type (Multipurpose Internet Mail Extensions)
Content-Length: 107            // HTTP message body size in bytes
One empty line as separator
Body Part (the requested HTML webpage)
<html><head></head>
<Title>http protocol</Title><body>
The understanding of http protocol</body>
</html>
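The GET, POST and response formats above, as an added example that is not taken from the lecture: a Python parser that splits a raw message at the empty line, reads the request line or status line, bounds the body with Content-Length, and collects parameters from the query string (any method) and from a form-encoded body (POST). The sample messages are constructed from the slides' own examples; the response body is the slide's HTML and, with CRLF line endings, it is exactly the 107 bytes the slide's Content-Length states.

```python
from urllib.parse import parse_qs, urlsplit


def _split_message(raw):
    """Header block and body are separated by one empty line (CRLF CRLF)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no empty line separating header and body")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def parse_http_request(raw):
    """Parse a raw request. Parameters come from the query string for any
    method, and additionally from a form-encoded body for POST."""
    request_line, headers, body = _split_message(raw)
    method, target, version = request_line.split(" ", 2)
    length = int(headers.get("content-length", "0"))
    body = body[:length]                       # Content-Length bounds the body
    parts = urlsplit(target)
    params = parse_qs(parts.query, keep_blank_values=True)
    if method == "POST" and headers.get("content-type", "").startswith(
            "application/x-www-form-urlencoded"):
        for key, values in parse_qs(body.decode("iso-8859-1"), keep_blank_values=True).items():
            params.setdefault(key, []).extend(values)
    return {"method": method, "path": parts.path, "version": version,
            "headers": headers, "params": params, "body": body}


def parse_http_response(raw):
    """Parse a raw response: status line, headers, body bounded by Content-Length."""
    status_line, headers, body = _split_message(raw)
    fields = status_line.split(" ", 2)
    length = int(headers.get("content-length", str(len(body))))
    return {"version": fields[0], "status": int(fields[1]),
            "reason": fields[2] if len(fields) > 2 else "",
            "headers": headers, "body": body[:length],
            "complete": len(body) >= length}


# Constructed sample messages, modelled on the slides' examples.
GET_REQUEST = (b"GET /wizboard.php?BID=notice HTTP/1.1\r\n"
               b"Host: www.evenstar.co.kr\r\n"
               b"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)\r\n"
               b"Accept: text/html, */*\r\n"
               b"Cookie: name=value\r\n"
               b"\r\n")

POST_BODY = b"BID=notice&title=hello%21"
POST_REQUEST = (b"POST /wizboard.php HTTP/1.1\r\n"
                b"Host: www.evenstar.co.kr\r\n"
                b"Content-Type: application/x-www-form-urlencoded\r\n"
                b"Content-Length: " + str(len(POST_BODY)).encode() + b"\r\n"
                b"\r\n" + POST_BODY)

RESPONSE_BODY = (b"<html><head></head>\r\n"
                 b"<Title>http protocol</Title><body>\r\n"
                 b"The understanding of http protocol</body>\r\n"
                 b"</html>")
RESPONSE = (b"HTTP/1.1 200 OK\r\n"
            b"Server: NCSA/1.4.2\r\n"
            b"Content-Type: text/html\r\n"
            b"Content-Length: " + str(len(RESPONSE_BODY)).encode() + b"\r\n"
            b"\r\n" + RESPONSE_BODY)


if __name__ == "__main__":
    for msg in (GET_REQUEST, POST_REQUEST):
        req = parse_http_request(msg)
        print(req["method"], req["path"], "params:", req["params"], "body bytes:", len(req["body"]))
    resp = parse_http_response(RESPONSE)
    print(resp["status"], resp["reason"], "body bytes:", len(resp["body"]), "complete:", resp["complete"])
```

The "complete" flag is the check a proxy or log tool needs before trusting a captured response: a body shorter than Content-Length means the capture was cut off, not that the server sent less.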
![Page 25: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/25.jpg)
25
Response Message Scan : HTTP Response Status Code
![Page 26: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/26.jpg)
26
Form based Webpage
![Page 27: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/27.jpg)
Cyber Space Protocol – HTTP Response Status Code
27
Web Browser → Request (URL/URI) → Web Server → Response (Status Code)
• 200 OK : request succeeded
• 201 Created : a resource was created on the server
• 302 Found : temporary redirect to the URL given in the Location header
• 304 Not Modified : the browser's locally cached copy is still valid
• 401 Unauthorized : authentication required or failed
• 403 Forbidden : access denied
• 404 Not Found : the webpage does not exist
• 500 Internal Server Error : severe error; an unhandled DB error raised by an injection attempt commonly surfaces this way
![Page 28: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/28.jpg)
Cyber Space Web Programming Method – Stateless vs State-Oriented
28
Banking Service Work Flow (Client → Server) : Login = Thomas ; Money Transfer = Who? ; Confirm Balance = Who? ; Log Out = Who?
HTTP is stateless : each request is a separate connection, so without extra state the server recognises Thomas only on the login request and cannot tell who is sending the later ones.
Cyberspace has a huge number of users – challenge and chance. Pros and cons : stateless servers are cheap and fast (web server cost performance), but user authentication is still needed on every request.
![Page 29: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/29.jpg)
Stateless Web Programming : Cookie
29
Banking Service Work Flow with a cookie : Login = Thomas ; Money Transfer = Thomas ; Confirm Balance = Thomas ; Log Out = Thomas
The server authenticates the user once and hands the client a cookie; the client keeps the cookie and sends it with every later request, so the server recognises Thomas each time.
![Page 30: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/30.jpg)
Stateless Web Programming Methods : Cookie
30
(Same flow as the previous slide : the server authenticates the user, the client keeps the cookie, and every request – Login, Money Transfer, Confirm Balance, Log Out – is attributed to Thomas.)
![Page 31: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/31.jpg)
31
Stateless Web Programming Methods : Cookie

| Criteria | Persistent Cookie | Session Cookie |
|---|---|---|
| Storage | Disk file | Browser memory |
| Life time | Time-out value, or deleted by the user | Browser end |
| On initial website connection | Cookie is sent | No cookie to send |
| Usage | Reconnecting to a website | Accessing webpages within one visit |
![Page 32: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/32.jpg)
32
Stateless Web Programming Methods : Hidden Parameter vs Cookie vs Session

| | Hidden Parameter | Cookie | Session |
|---|---|---|---|
| What is carried | Name, password, data | + User-Agent | ++ Session ID only |
| Expiry | No expire time | Time-out | Browser end |
| Security | Very simple (the client can edit it freely) | Secure (only if the server validates it) | Very secure |
| Storage | Stored in client | Stored in client | Critical data stays in the server |
![Page 33: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/33.jpg)
Stateless Web Programming Methods : Cookie
33
Client                                                  Server
1. Initial request for the webpage (URL/URI)
2. Server creates the cookie
3. Server sends the cookie with the response (HTML file)
4. Client stores the cookie
5. Client requests the next webpage + cookie
6. Server authenticates the user from the cookie, processes the web program and responds
Each request is still its own connect / request / response / disconnect cycle; the cookie is what links them.
![Page 34: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/34.jpg)
Cookie Programming Methods : Hidden Parameter from Server
![Page 35: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/35.jpg)
Stateless Web Programming Methods : Cookie + Session ID
![Page 36: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/36.jpg)
Cookie Programming Methods : User Authentication
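The three state-keeping methods compared in the tables above (hidden parameter or plain cookie, cookie plus session, server-side session ID), as an added example that is not the lecture's code: Python showing why a self-declared identity is "very simple" to forge, how an HMAC-signed cookie stays stateless yet tamper-evident (a technique that goes beyond the slides), and how a random session ID keeps the critical data in the server. The user table, cookie names and secret key are made-up sample values.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie


def _cookie_value(cookie_header, name):
    """Pull one value out of a raw Cookie: header line (e.g. 'user=Thomas; lang=ko')."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    return jar[name].value if name in jar else None


# --- Method 1: hidden parameter or plain cookie: the client names itself ---
def identity_from_plain_cookie(cookie_header):
    """The insecure pattern: whatever 'user=' says is believed. Anyone who can edit
    the request (browser dev tools, an intercepting proxy) picks their own identity."""
    return _cookie_value(cookie_header, "user")


# --- Method 2: still stateless, but tamper-evident: the cookie carries user + HMAC ---
def make_signed_cookie(user, key):
    mac = hmac.new(key, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{mac}"


def verify_signed_cookie(value, key):
    """Return the user name only if the MAC matches; the key never leaves the server."""
    user, _, mac = value.rpartition(".")
    expected = hmac.new(key, user.encode(), hashlib.sha256).hexdigest()
    return user if mac and hmac.compare_digest(mac, expected) else None


# --- Method 3: server-side session: the cookie carries only a random session ID ---
class SessionStore:
    """Critical data stays in the server; the client holds an unguessable handle."""

    def __init__(self, users):
        self._users = users          # demo only: real systems store salted password hashes
        self._sessions = {}

    def login(self, username, password):
        stored = self._users.get(username, "")
        if not hmac.compare_digest(stored.encode(), password.encode()):
            return None
        session_id = secrets.token_urlsafe(32)     # 256 random bits, not derivable by a client
        self._sessions[session_id] = {"user": username}
        return session_id

    def set_cookie_header(self, session_id):
        """Response header that hands the ID to the browser. HttpOnly keeps scripts away
        from it, Secure keeps it off plaintext HTTP, SameSite limits cross-site reuse."""
        return f"Set-Cookie: SESSIONID={session_id}; Path=/; HttpOnly; Secure; SameSite=Lax"

    def identity(self, cookie_header):
        session = self._sessions.get(_cookie_value(cookie_header, "SESSIONID") or "")
        return session["user"] if session else None

    def logout(self, cookie_header):
        self._sessions.pop(_cookie_value(cookie_header, "SESSIONID"), None)


if __name__ == "__main__":
    store = SessionStore({"Thomas": "correct horse"})
    sid = store.login("Thomas", "correct horse")
    print(store.set_cookie_header(sid))
    for step in ("Money Transfer", "Confirm Balance", "Log Out"):
        print(step, "=", store.identity(f"SESSIONID={sid}"))
    store.logout(f"SESSIONID={sid}")
    print("after logout =", store.identity(f"SESSIONID={sid}"))
    print("plain cookie tampered =", identity_from_plain_cookie("user=admin"))
```

The signed cookie is the middle ground the table calls "cookie": it can be read by the client but not changed without the server noticing. It still cannot be revoked before it expires, which is why the banking flow wants the server-side session, where logout removes the entry.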
![Page 37: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/37.jpg)
Web Service
![Page 38: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/38.jpg)
![Page 39: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/39.jpg)
Web Log Analysis Scan
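Web log analysis using the status codes above, as an added example that is not taken from the lecture: a Python parser for the NCSA common/combined log format (what Apache-style servers write), detection logic for injection and XSS payloads in the decoded URL, and per-client alerts for 404 bursts (scanning) and 401 bursts (password guessing). The log lines are constructed for this example using documentation IP ranges and the slides' IE 6 User-Agent; the thresholds are assumptions to tune per site.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote_plus

# NCSA common/combined log format, as written by Apache-style web servers.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<version>HTTP/[\d.]+)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?$')

# Signatures applied to the URL-decoded request target; deliberately narrow.
ATTACK_PATTERNS = [
    ("sqli", re.compile(r"""['"]\s*(or|and)\s+['"\w]+\s*=|union\s+select|sleep\(\d+\)""", re.I)),
    ("xss", re.compile(r"<script|javascript:|onerror\s*=", re.I)),
    ("path_traversal", re.compile(r"\.\./|/etc/passwd", re.I)),
]


def parse_log_line(line):
    match = LOG_RE.match(line.strip())
    if not match:
        return None
    entry = match.groupdict()
    entry["status"] = int(entry["status"])
    entry["size"] = 0 if entry["size"] == "-" else int(entry["size"])
    entry["decoded_target"] = unquote_plus(entry["target"])   # %20, %27 ... back to text
    return entry


def tag_request(entry):
    """Payload signatures, plus a stronger tag when a payload also produced a 500:
    the slides' 'severe error' is what a DB error during injection looks like."""
    tags = [name for name, rx in ATTACK_PATTERNS if rx.search(entry["decoded_target"])]
    if tags and entry["status"] >= 500:
        tags.append("server_error_on_payload")
    return tags


def analyze(lines, not_found_threshold=5, auth_fail_threshold=3):
    """Per-client summary: request count and a sorted list of alerts. Status-code
    volume (many 404s = scanning, many 401s = password guessing) is judged per IP."""
    per_ip = defaultdict(lambda: {"requests": 0, "status": Counter(), "tags": Counter()})
    for line in lines:
        entry = parse_log_line(line)
        if entry is None:
            continue
        stats = per_ip[entry["ip"]]
        stats["requests"] += 1
        stats["status"][entry["status"]] += 1
        stats["tags"].update(tag_request(entry))
    report = {}
    for ip, stats in per_ip.items():
        alerts = set(stats["tags"])
        if stats["status"][404] >= not_found_threshold:
            alerts.add("scanning")
        if stats["status"][401] >= auth_fail_threshold:
            alerts.add("auth_bruteforce")
        report[ip] = {"requests": stats["requests"], "alerts": sorted(alerts)}
    return report


# Constructed sample log (documentation IP ranges; the UA is the slides' IE 6 string).
UA = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
SAMPLE_LOG = [
    f'203.0.113.5 - - [19/Feb/2017:10:00:01 +0900] "GET /index.html HTTP/1.1" 200 1043 "-" "{UA}"',
    f'203.0.113.5 - - [19/Feb/2017:10:00:02 +0900] "GET /wizboard.php?BID=notice HTTP/1.1" 200 5120 "http://www.evenstar.co.kr/index.html" "{UA}"',
    f'203.0.113.5 - - [19/Feb/2017:10:00:02 +0900] "GET /favicon.ico HTTP/1.1" 404 209 "-" "{UA}"',
    f'198.51.100.7 - - [19/Feb/2017:10:01:00 +0900] "GET /wizboard.php?BID=notice%27%20OR%20%271%27=%271 HTTP/1.1" 500 612 "-" "{UA}"',
    f'198.51.100.7 - - [19/Feb/2017:10:01:01 +0900] "GET /wizboard.php?BID=notice%20UNION%20SELECT%201,2,3 HTTP/1.1" 500 612 "-" "{UA}"',
    f'198.51.100.7 - - [19/Feb/2017:10:01:02 +0900] "GET /search.php?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 880 "-" "{UA}"',
] + [
    f'198.51.100.7 - - [19/Feb/2017:10:01:{5 + i:02d} +0900] "GET {path} HTTP/1.1" 404 209 "-" "{UA}"'
    for i, path in enumerate(["/admin/", "/phpmyadmin/", "/backup.zip", "/.git/HEAD", "/wizboard.php.bak"])
] + [
    f'198.51.100.7 - - [19/Feb/2017:10:02:{i:02d} +0900] "POST /login.php HTTP/1.1" 401 312 "-" "{UA}"'
    for i in range(3)
]


if __name__ == "__main__":
    for ip, summary in analyze(SAMPLE_LOG).items():
        print(ip, summary)
```

The single 404 from the normal visitor (a missing favicon) stays below the threshold, which is the point of counting per client rather than alerting on every status code; POST bodies never appear in an access log, so form-based injection has to be caught at the application or proxy layer instead.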
![Page 40: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/40.jpg)
Hacking Concept – HTTP Intercept
User (Browser) ⇄ Hacking Tool (proxy) ⇄ Web Server
Normal access : Request → Response
Intercepted : 1. Request → 2. Modified Request → 3. Response → 4. Modified Response
The tool sits between browser and server, so every header, cookie, hidden field and parameter can be changed before it reaches either side.
![Page 41: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/41.jpg)
Where are the Hacking Points?!
![Page 42: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/42.jpg)
42
Paros – Open Source HTTP Intercept Tool!!
![Page 43: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/43.jpg)
43
HTTP Intercept Tool - Paros!!
Paros Client Proxy Capabilities
• HTTP analysis
• Web server hacking (request and response tampering)
• Vulnerable point analysis (scanner)
![Page 44: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/44.jpg)
44
HTTP Intercept Tool – Paros Installation !!
![Page 45: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/45.jpg)
45
HTTP Intercept Tool – Paros Installation !!
![Page 46: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/46.jpg)
46
HTTP Intercept Tool – Paros Installation !!
![Page 47: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/47.jpg)
47
HTTP Intercept Tool – Paros Installation !!
![Page 48: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/48.jpg)
48
The Paros build used here is packaged for the x86 (32-bit) environment; it is a Java application, so it needs a matching Java runtime.
![Page 49: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/49.jpg)
49
Paros Execution
![Page 50: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/50.jpg)
50
Paros is a Java application; the shortcut runs it through javaw.exe
![Page 51: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/51.jpg)
51
JAVA Installation
Paros needs a Java runtime; installing the JDK (which includes the JRE) provides it
![Page 52: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/52.jpg)
52
JDK Installation !!
![Page 53: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/53.jpg)
53
JDK Installation !!
![Page 54: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/54.jpg)
54
JDK Installation – x86
![Page 55: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/55.jpg)
55
JDK Installation !!
![Page 56: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/56.jpg)
56
JDK Installation Completed !!
![Page 57: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/57.jpg)
57
JDK Installation x86 - Confirm !!
![Page 58: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/58.jpg)
58
JDK Installation - Confirm !!
![Page 59: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/59.jpg)
59
PAROS Execution
![Page 60: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/60.jpg)
60
PAROS Execution
![Page 61: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/61.jpg)
HTTP Intercept – PAROS Ready to Use!
User (Browser) → PAROS (local proxy) → Web Server
Normal access : Request → Response
Through the proxy : 1. Request → 2. Modified Request → 3. Response → 4. Modified Response
![Page 62: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/62.jpg)
Cyber Space Hacking Tool – Paros
62
○ Paros Main Functional Modules
1. Crawl (Spider) : collect the URL structure and webpage information
2. Scan : find vulnerable patterns using the collected information
3. Report : report the vulnerable points
4. Proxy : provide the HTTP proxy platform
![Page 63: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/63.jpg)
63
Proxy Server Setting
IE Browser
![Page 64: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/64.jpg)
Proxy Server Setting
IE Browser
![Page 65: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/65.jpg)
65
Proxy ServerSetting
Chrome Browser
![Page 66: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/66.jpg)
66
Proxy ServerSetting
Chrome Browser
![Page 67: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/67.jpg)
67
Proxy ServerSetting
Chrome Browser
![Page 68: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/68.jpg)
68
Proxy ServerSetting
Chrome Browser
![Page 69: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/69.jpg)
69
Setting Paros Local Proxy : Tools>>Options>>Local Proxy
![Page 70: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/70.jpg)
Web Port Number : the port number dispatches a connection to the pertinent service program
71
Port number (16 bits, 0–65535) – assigned service handler; well-known ports such as 80 (HTTP) and 443 (HTTPS) are registered by IANA (Internet Assigned Numbers Authority)
![Page 72: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/72.jpg)
72
Paros Scanning : the Sites tree shows the crawled URL structure; each selected entry shows its HTTP Request and HTTP Response (header part and body part). The crawl information (URL/URI) is the same information a web log records.
![Page 73: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/73.jpg)
73
Paros modify HTTP Data
![Page 74: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/74.jpg)
74
Paros intercept &modify HTTP Data
![Page 75: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/75.jpg)
75
Paros intercept &modify HTTP Data
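The intercept concept (Hacking Concept – HTTP Intercept) and the Paros intercept-and-modify screens above, as an added example that is not taken from the lecture or from Paros itself: a minimal intercepting proxy written in Python with only the standard library. A stand-in origin server and the proxy run on loopback; two hooks edit the request's user parameter on the way in and the balance figure on the way back, which is exactly what an analyst does by hand in the trap window. Hostnames, ports, paths and the "balance" page are constructed for this demo.

```python
import threading
from http.client import HTTPConnection
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit

# Headers that belong to one hop and must not be copied through the proxy.
HOP_BY_HOP = {"content-length", "transfer-encoding", "connection", "proxy-connection",
              "keep-alive", "server", "date"}


class QuietHandler(BaseHTTPRequestHandler):
    protocol_version = "HTTP/1.1"

    def log_message(self, *args):       # keep the demo's stderr clean
        pass

    def reply(self, status, body, headers=()):
        """Write a complete response with an explicit Content-Length."""
        self.send_response(status)
        for name, value in headers:
            if name.lower() not in HOP_BY_HOP:
                self.send_header(name, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


class OriginHandler(QuietHandler):
    """Stand-in for the bank's web server (constructed): it trusts the 'user' query parameter."""

    def do_GET(self):
        user = parse_qs(urlsplit(self.path).query).get("user", ["anonymous"])[0]
        self.reply(200, f"balance for {user}: 100".encode(), [("Content-Type", "text/plain")])


class ProxyHandler(QuietHandler):
    """1. request -> request_hook -> 2. modified request -> server;
       3. response -> response_hook -> 4. modified response -> browser."""

    def do_GET(self):
        # A browser configured to use a proxy sends the absolute URL as the request target.
        method, url, headers = self.server.request_hook("GET", self.path, dict(self.headers))
        parts = urlsplit(url)
        if not parts.hostname:
            return self.send_error(400, "proxy requests need an absolute URL")
        headers = {k: v for k, v in headers.items() if k.lower() not in HOP_BY_HOP}
        headers["Connection"] = "close"
        try:
            upstream = HTTPConnection(parts.hostname, parts.port or 80, timeout=5)
            upstream.request(method, urlunsplit(("", "", parts.path or "/", parts.query, "")), headers=headers)
            resp = upstream.getresponse()
            status, rheaders, body = self.server.response_hook(resp.status, resp.getheaders(), resp.read())
            upstream.close()
        except OSError as exc:
            return self.send_error(502, f"upstream unreachable: {exc}")
        self.server.log.append((method, url, status))
        self.reply(status, body, rheaders)


class InterceptProxy(ThreadingHTTPServer):
    def __init__(self, address, request_hook=None, response_hook=None):
        super().__init__(address, ProxyHandler)
        self.request_hook = request_hook or (lambda m, u, h: (m, u, h))
        self.response_hook = response_hook or (lambda s, h, b: (s, h, b))
        self.log = []


def run_demo():
    """Origin and proxy on loopback ephemeral ports; the 'browser' is http.client.
    The hooks do what an analyst does in the Paros trap window: change the user
    parameter on the way in, and the balance figure on the way back."""
    def tamper_request(method, url, headers):
        parts = urlsplit(url)
        query = parse_qs(parts.query)
        query["user"] = ["admin"]            # ask for somebody else's balance
        return method, urlunsplit(parts._replace(query=urlencode(query, doseq=True))), headers

    def tamper_response(status, headers, body):
        return status, headers, body.replace(b"100", b"999999")

    origin = ThreadingHTTPServer(("127.0.0.1", 0), OriginHandler)
    proxy = InterceptProxy(("127.0.0.1", 0), tamper_request, tamper_response)
    for server in (origin, proxy):
        threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        browser = HTTPConnection(*proxy.server_address, timeout=5)
        browser.request("GET", f"http://127.0.0.1:{origin.server_address[1]}/balance?user=thomas")
        resp = browser.getresponse()
        body = resp.read().decode()
        browser.close()
        return {"status": resp.status, "body": body, "proxy_log": list(proxy.log)}
    finally:
        for server in (proxy, origin):
            server.shutdown()
            server.server_close()


if __name__ == "__main__":
    print(run_demo())
```

The origin answered for "admin" because it believed the parameter, and the browser saw a balance the server never sent: the first is the server's vulnerability, the second is why nothing the client displays can be trusted as proof of what the server holds. Pointing a real browser at the proxy works the same way as the Paros setup shown earlier, but only for plain HTTP; HTTPS needs the CONNECT method and a trusted proxy certificate, which this demo deliberately leaves out.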
![Page 76: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/76.jpg)
76
Paros Demonst­ration !
http://www.skku.edu/index_pc.jsp >> global >> http://www.skku.edu/eng_home/index.jsp
GET http://admission-global.skku.edu/admission/about/welcome.jsp HTTP/1.1
GET http://admission-global.skku.edu/admission/undergraduate/schedule.jsp HTTP/1.1
Hack : http://admission-global.skku.edu/admission/about/contact.jsp
![Page 77: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/77.jpg)
Wrap Up!
1. Stateless Web Programming
2. Cookie
3. HTTP GET and POST Method
4. Paros Proxy Server Capability
77
![Page 78: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/78.jpg)
WWW Web Service Overview – Look Around !
![Page 79: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/79.jpg)
Web Hacking & Defensing! - OWASP Top 10 Vulnerabilities (2013 edition)
#1 Injection (SQL injection and other interpreter injection)
#2 Broken Authentication and Session Management
#3 XSS: Cross-Site Scripting
#4 Insecure Direct Object References
#5 Security Misconfiguration
#6 Sensitive Data Exposure
#7 Missing Function Level Access Control
#8 Cross-Site Request Forgery (CSRF)
#9 Using Components with Known Vulnerabilities
#10 Unvalidated Redirects and Forwards
OWASP : Open Web Application Security Project
![Page 80: Web Hacking & Defensing - · 2021. 5. 20. · 2. Paros Web Hacking Tool – Strong Tool for Web Vulnerability Measure, Java Open Source Based . 3. Web Log Analysis – Fundamental](https://reader035.vdocument.in/reader035/viewer/2022071511/612fced51ecc51586943b059/html5/thumbnails/80.jpg)
Sectors shown : Financial, Manufacturing, Technology, Healthcare, Retail, Government