Posts

WEB APP VULNERABILITY-2

Vulnerabilities:
1. Subdomain Takeover
2. Host Header Injection
3. Content Spoofing
4. EXIF Geolocation Data Not Stripped From Uploaded Images
5. Open Redirect Vulnerability
6. Open Directory

1. Subdomain Takeover:
Subdomain takeover is a critical web security vulnerability that occurs when an attacker gains control over a subdomain of a website. It usually arises when an organization points a subdomain to an external resource, such as a cloud service or a third-party platform, and later stops controlling that resource while the DNS records for the subdomain remain active. An attacker can then register the external resource and effectively hijack the subdomain. This can lead to a range of threats, including redirecting traffic to malicious sites, launching phishing campaigns, or injecting malicious content into the legitimate website.

Mitigation: To mitigate the risk of sub...
Web-App Vulnerability:
1. Denial-of-Service (DoS) Attack via Long Password
2. Cross-Site Scripting (XSS)
3. Client-Side Validation Bypass
4. Open Directory Vulnerability
5. Insecure Direct Object Reference (IDOR)

1. Denial-of-Service (DoS) Attack via Long Password:
A Denial-of-Service (DoS) attack via a long password is a cyberattack aimed at disrupting a service's availability by submitting an exceptionally long or resource-intensive password during the authentication process. The attack unfolds as follows:
Authentication: In typical systems, users provide a username and password for authentication.
Long Password: Attackers submit an abnormally long or resource-intensive password during authentication.
Resource Strain: Processing this input consumes excessive server resources (CPU, memory), causing the system to become unresponsive or crash.
Service Denial: Legitimate users are unable to access the service due to resource exhaustion, resulting in a denial of service.
To de...
VULNERABILITY: A vulnerability is a weakness that can be exploited by cybercriminals to gain unauthorized access to a computer system. After exploiting a vulnerability, an attacker can run malicious code, install malware, and even steal sensitive data.

COMMON VULNERABILITIES:
1. Brute Force Attacks
2. CSRF Vulnerability
3. Clickjacking Vulnerability
4. Long Password DoS Attack
5. Client-Side Validation Bypass Vulnerability
6. SQL Injection
7. Broken Authentication
8. Rate Limit Issues
9. XSS
10. Broken Access Control

1. Brute Force Attacks: Brute force attacks involve systematically trying every possible combination of usernames and passwords until the correct credentials are found. For instance, an attacker may use automated tools to repeatedly attempt to log in to an online account, such as email or banking, by trying various username and password combinations. This method is time-consuming but can be effective, especially if users have weak or easily...