Thursday, January 21, 2016

alert(‘XSS – Pwn3d!’) – The Real Dangers of Cross-Site Scripting [x-post]



Cross-site scripting, or otherwise known as XSS, is the most common web application vulnerability on the internet. I have found this to be true through both data research and personal experience during penetration testing engagements. What is XSS? Simply put XSS is a vulnerability where a malicious user can insert script-code into an application to later have another user unknowingly execute it. All too often web application developers will overlook sanitizing user input whether throughout the entire application or a single parameter. In my experience some common spots for XSS vulnerabilities to occur are in comments, account names, or titles for pages/posts. Unfortunately, XSS is sometimes seen as a less-than-severe vulnerability. I’m writing this blog to explain how and why XSS is one of the most severe vulnerabilities an application can have.
XSS is bad. Let’s clear the air now. But why is XSS so bad? Is forcing annoying pop-up alerts on unsuspecting users truly that big of a deal? The simple answer is yes; any time a user can create code that is run by another user there should be alarms going off and administrators’ jaws dropping. Let’s go beyond alert(‘Pwn3d!’); and look at some of the severe consequences XSS can lead to...

Monday, January 11, 2016

Securing Apache On Ubuntu/Debian [x-post]




So you have an Apache2 webserver completely configured and installed on an Ubuntu/Debian machine. Perhaps you are using a MySQL backend along with PHP support (How To Install LAMP Server On Ubuntu ). But what happens when malicious attackers or bots begin to stress your server? As the savvy administrator or tech connoisseur that you are, you decide to take your Apache web server’s security into your own hands.
Below are just a few quick steps to enhance the security of an Apache installation....

Installing LAMP Server On Ubuntu (Linux, Apache, PHP, MySQL) [x-post]



A key component of any enterprise network will often be a functional webserver with PHP compatibility and a database back-end. On a Linux server, a common setup is to use Apache HTTP Server as the primary webserver.
Combining the Apache HTTP Server along with PHP and MySQL functionality on a Linux machine is referred to as a LAMP stack. LAMP simply stands for Linux, Apace, MySQL, and PHP.
The following guide will streamline the process of setting up a LAMP stack on your own Ubuntu server....

NullByte: 1 [Walkthrough] [x-post]


It’s that time again; to practice our penetration testing skills and tactics! NullByte: 1 is another root-the-box type challenge that can be found on http://vulnhub.com. Like other challenges on the site, the goal is to read the flag hidden in the root directory of the server… but you have to exploit your way to root first. For this walkthrough I will be using a KALI 2.0 virtual machine as my attack host. Without further delay, let’s dive in to NullByte: 1!...

Read it all here!

Ubuntu Server Hardening Guide

A key concept in security is ensuring that your server’s operating system is adequately secured, or “hardened”. All too often server administrators will focus on security at their application layer such as a webserver with dynamic content. While this is absolutely important, one must not forget to harden their server’s operating system to prevent against initial exploitation and consequently post-exploitation attacks such as privilege escalation. Operating system hardening should be implemented before any services are hosted, whether the system be in a production or development environment. The following tips and tricks are some easy ways to quickly harden an Ubuntu server....

Read it all here!

Application Security Testing Tutorial via Rooting Hackademics RTB1 [x-post]


Hackademic Root The Box 1 is a vulnerable virtual machine that can be found on vulnhub.com. The goal is to exploit the machine and read the key.txt file in the root home directory. As far as root-the-box challenges go, Hackademic.RTB1 is on the easier side which is why I often recommend this as a starting point for engineers who are looking to get into the penetration testing scene. Once downloaded and loaded up into your preferred virtualization environment it’s time to start hacking away! ....



Read it all here!