18-9804
Ethical Hacking
Name :-
- Gaining Access
- Maintaining Access
- Covering Tracks
8. Insecure Deserialization
This threat targets the many web applications that frequently serialize and deserialize data. Serialization means taking objects from the application code and converting them into a format that can be used for another purpose, such as storing the data to disk or streaming it. Deserialization is the opposite: converting serialized data back into objects the application can use. Serialization is like packing furniture into boxes before a move, and deserialization is like unpacking the boxes and reassembling the furniture afterwards. An insecure deserialization attack is like having the movers tamper with the contents of the boxes before they are unpacked. An insecure deserialization exploit is the result of deserializing data from untrusted sources, and can have serious consequences such as DDoS attacks and remote code execution. While steps can be taken to try to catch attackers, such as monitoring deserialization and implementing type checks, the only sure way to protect against insecure deserialization attacks is to prohibit the deserialization of data from untrusted sources.
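The two defences named above, type checks during deserialization and refusing native object deserialization of untrusted input altogether, as an added Python example (not code from these notes). The `RestrictedUnpickler`, `load_user_profile` and `PROFILE_SCHEMA` names and the sample inputs are constructed for illustration; the restricted-globals pattern follows the approach documented in Python's own `pickle` module documentation.

```python
import datetime
import io
import json
import pickle


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse every global (class or function) reference inside a pickle.

    Reconstructing arbitrary application objects is what turns deserialization
    into code execution, so only plain containers and scalars are let through.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"refusing global reference {module}.{name}")


def restricted_loads(data: bytes):
    """Load a pickle only if it contains no object/class references."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def pickle_is_rejected(data: bytes) -> bool:
    """True when the restricted loader refuses the payload."""
    try:
        restricted_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


# Preferred approach for untrusted input: a data-only format plus an explicit schema.
PROFILE_SCHEMA = {"username": str, "age": int, "roles": list}


def load_user_profile(payload: str) -> dict:
    """Parse a JSON user profile and enforce field names and types."""
    obj = json.loads(payload)
    if not isinstance(obj, dict):
        raise ValueError("profile must be a JSON object")
    unexpected = set(obj) - set(PROFILE_SCHEMA)
    if unexpected:
        raise ValueError(f"unexpected fields: {sorted(unexpected)}")
    for field, expected in PROFILE_SCHEMA.items():
        if field not in obj:
            raise ValueError(f"missing field: {field}")
        value = obj[field]
        # bool is a subclass of int in Python, so rule it out explicitly
        if isinstance(value, bool) or not isinstance(value, expected):
            raise ValueError(f"field {field} must be {expected.__name__}")
    if not all(isinstance(role, str) for role in obj["roles"]):
        raise ValueError("roles must be a list of strings")
    return obj


def profile_is_valid(payload: str) -> bool:
    """True when the payload passes the schema check (JSON errors count as invalid)."""
    try:
        load_user_profile(payload)
    except ValueError:  # json.JSONDecodeError is a ValueError subclass
        return False
    return True


# Constructed sample inputs: a data-only pickle and one that carries a class reference
SAMPLE_PLAIN = pickle.dumps({"items": [1, 2, 3]})
SAMPLE_WITH_OBJECT = pickle.dumps(datetime.date(2024, 1, 1))

if __name__ == "__main__":
    print("plain pickle accepted:", restricted_loads(SAMPLE_PLAIN))
    print("object pickle rejected:", pickle_is_rejected(SAMPLE_WITH_OBJECT))
    print(profile_is_valid('{"username": "alice", "age": 30, "roles": ["editor"]}'))
    print(profile_is_valid('{"username": "alice", "age": 30, "roles": [], "__class__": "x"}'))
```

The restricted unpickler is a containment measure for legacy code that cannot drop pickle immediately; the JSON schema path is the one to aim for, since a data-only format never resolves class names from the wire.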
9. Using Components With Known Vulnerabilities
Many modern web developers use components such as
libraries and frameworks in their web applications. These
components are pieces of software that help developers avoid
redundant work and provide needed functionality; common
Kushal Ashar
and vice versa. DNS uses UDP port 53 to serve its requests. A zone stores all the information, or resource records, associated with a particular domain in a zone file. Resource records returned by name servers have the following fields:
Domain Name — identifies the domain name, or owner, of the record
Record Type — specifies the type of data in the resource record
Record Class — identifies the class of network or protocol family in use
Time to Live (TTL) — specifies how long a record may be held in a cache before it is discarded
Record Data — provides the type- and class-dependent data that describes the resource
Common record types include:
A (address) — Maps a hostname to an IP address
SOA (Start of Authority) — Identifies the DNS server responsible for the domain information
CNAME (canonical name) — Provides additional names or aliases for the address record
MX (mail exchange) — Identifies the mail server for the domain
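To make the resource-record fields concrete, here is an added Python example (not from these notes) that builds a constructed DNS response for `example.test` and parses its answer section back into name, type, class, TTL and record data, including the RFC 1035 name-compression pointers real responses use. The domain `example.test`, the address 192.0.2.10 and the function names are constructed for illustration.

```python
import struct

# Record type numbers from RFC 1035 (AAAA from RFC 3596)
RECORD_TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 15: "MX", 28: "AAAA"}
RECORD_CLASSES = {1: "IN"}


def encode_name(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels, terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def decode_name(msg: bytes, offset: int):
    """Decode a (possibly compressed) name; return (name, offset after the name)."""
    labels = []
    end = None  # where to resume once a compression pointer has been followed
    hops = 0
    while True:
        length = msg[offset]
        if (length & 0xC0) == 0xC0:  # compression pointer (RFC 1035 section 4.1.4)
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2
            offset = pointer
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def decode_rdata(rtype: int, msg: bytes, offset: int, length: int):
    """Interpret RDATA according to the record type (the type- and class-dependent field)."""
    data = msg[offset:offset + length]
    if rtype == 1 and length == 4:  # A: IPv4 address
        return ".".join(str(b) for b in data)
    if rtype in (2, 5):  # NS, CNAME: a single domain name
        return decode_name(msg, offset)[0]
    if rtype == 15:  # MX: 16-bit preference followed by the exchange name
        preference = struct.unpack("!H", data[:2])[0]
        return {"preference": preference, "exchange": decode_name(msg, offset + 2)[0]}
    return data.hex()


def parse_answers(msg: bytes):
    """Parse the answer section of a DNS response into resource-record dicts."""
    _, flags, qdcount, ancount, _, _ = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000:
        raise ValueError("not a response (QR bit clear)")
    offset = 12
    for _ in range(qdcount):  # skip the question section
        _, offset = decode_name(msg, offset)
        offset += 4  # QTYPE + QCLASS
    records = []
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        records.append({
            "name": name,
            "type": RECORD_TYPES.get(rtype, str(rtype)),
            "class": RECORD_CLASSES.get(rclass, str(rclass)),
            "ttl": ttl,
            "data": decode_rdata(rtype, msg, offset, rdlength),
        })
        offset += rdlength
    return records


def build_sample_response() -> bytes:
    """Constructed response to an A query for example.test carrying an A and an MX answer."""
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0)  # QR=1, RD=1, RA=1
    question = encode_name("example.test") + struct.pack("!HH", 1, 1)
    owner = b"\xc0\x0c"  # pointer to the question name at offset 12
    a_rr = owner + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    mx_rdata = struct.pack("!H", 10) + b"\x04mail" + owner  # "mail" + pointer to example.test
    mx_rr = owner + struct.pack("!HHIH", 15, 1, 3600, len(mx_rdata)) + mx_rdata
    return header + question + a_rr + mx_rr


if __name__ == "__main__":
    for record in parse_answers(build_sample_response()):
        print(record)
```

The parser bounds the number of pointer hops it will follow; a response with a pointer cycle would otherwise loop forever, which is the kind of malformed input a resolver or log parser has to expect from the network.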
PING SCAN
Ping scans are used to sweep a whole network block or a single target to check whether the target is alive. The scanner sends an ICMP echo request to the target; if an ICMP echo reply comes back, the target is alive. However, it is increasingly common for firewalls and routers to block ICMP, so you will often have to resort to other methods to tell accurately whether a target is alive.
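Seen from the defender's side, both the ping sweep described above and the half-open (SYN) port scan discussed next leave the same fingerprint in firewall logs: one source touching an unusual number of distinct targets in a short window. The following is an added Python example (not from these notes) that runs that counting rule over constructed log lines; the log format, addresses, thresholds and function names are all assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def constructed_log():
    """Constructed firewall log lines (not real traffic): 'time src dst proto detail'."""
    lines = []
    # a ping sweep: one source probing 24 neighbouring hosts within a few seconds
    for i in range(1, 25):
        lines.append(f"2024-05-01T10:00:{i // 5:02d} 198.51.100.7 192.0.2.{i} ICMP echo-request")
    # benign monitoring: a single host pinged once a minute
    for m in range(5):
        lines.append(f"2024-05-01T10:{m:02d}:30 192.0.2.50 192.0.2.1 ICMP echo-request")
    # a half-open scan: SYNs to 40 ports on one host, no handshake completed
    for p in range(1, 41):
        lines.append(f"2024-05-01T10:02:{p // 10:02d} 203.0.113.9 192.0.2.20 TCP SYN dport={p}")
    return lines


def parse_line(line):
    ts, src, dst, proto, detail = line.split(maxsplit=4)
    return datetime.fromisoformat(ts), src, dst, proto, detail


def distinct_in_window(events, window):
    """Largest number of distinct targets inside any sliding time window.

    events is a list of (timestamp, target) pairs from a single source.
    """
    events = sorted(events)
    best = 0
    start = 0
    for end in range(len(events)):
        while events[end][0] - events[start][0] > window:
            start += 1
        best = max(best, len({target for _, target in events[start:end + 1]}))
    return best


def detect_sweeps(lines, window=timedelta(seconds=60), host_threshold=10, port_threshold=20):
    """Flag sources that hit many hosts (ICMP) or many ports on one host (TCP SYN)."""
    icmp = defaultdict(list)  # src -> [(ts, dst)]
    syn = defaultdict(list)   # (src, dst) -> [(ts, port)]
    for line in lines:
        ts, src, dst, proto, detail = parse_line(line)
        if proto == "ICMP" and detail == "echo-request":
            icmp[src].append((ts, dst))
        elif proto == "TCP" and detail.startswith("SYN dport="):
            syn[(src, dst)].append((ts, int(detail.split("=", 1)[1])))
    alerts = []
    for src, events in icmp.items():
        hosts = distinct_in_window(events, window)
        if hosts >= host_threshold:
            alerts.append(("icmp-sweep", src, hosts))
    for (src, dst), events in syn.items():
        ports = distinct_in_window(events, window)
        if ports >= port_threshold:
            alerts.append(("syn-scan", src, ports))
    return alerts


if __name__ == "__main__":
    for alert in detect_sweeps(constructed_log()):
        print(alert)
```

The thresholds are deliberately crude; in practice they are tuned per network segment so that monitoring hosts and load balancers, which legitimately probe many addresses, are allow-listed rather than alerted on.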
TCP HALF-OPEN
This is probably the most common type of port scan. It is a relatively quick scan that can potentially probe thousands of ports per second. It works this way because it does not