Write Peer Response:
Hello class,
The three web server vulnerabilities I saw were SQL Injection, Cross Site Scripting, and Insecure Direct Object References.
SQL Injection: This type of vulnerability allows an attacker to alter back end SQL statements through the manipulation of user supplied data. Because it tricks the interpreter, an attacker can make it execute unintended commands and access unauthorized data. Additionally, this type of attack can expose the back end database. The objects vulnerable to this type of attack are input fields and interacting URLs.
Cross Site Scripting: This attack, also known as XSS, targets scripts embedded in a page that are executed on the client side. This is possible when the application takes untrusted data and sends it to the web browser without proper validation. This enables the attacker to execute malicious scripts on the browser which can then hijack the session, or redirect the user to another malicious site.
Insecure Direct Object References: This type of attack happens when a developer exposes a reference to an internal implementation object in the URL or as a FORM parameter. The attacker can then use this information to access other objects which basically opens access to potentially unauthorized data. I personally have messed around with this (Not in a malitious way) by putting in common terms at the end of a URL such as /files or /admin. Its rare to find sites with this open, but the are out there. Another way is to use /robots.txt to see if they happen to have a URL directory on there.
-Rafael
Why Choose Us
- 100% non-plagiarized Papers
- 24/7 /365 Service Available
- Affordable Prices
- Any Paper, Urgency, and Subject
- Will complete your papers in 6 hours
- On-time Delivery
- Money-back and Privacy guarantees
- Unlimited Amendments upon request
- Satisfaction guarantee
How it Works
- Click on the “Place Your Order” tab at the top menu or “Order Now” icon at the bottom and a new page will appear with an order form to be filled.
- Fill in your paper’s requirements in the "PAPER DETAILS" section.
- Fill in your paper’s academic level, deadline, and the required number of pages from the drop-down menus.
- Click “CREATE ACCOUNT & SIGN IN” to enter your registration details and get an account with us for record-keeping and then, click on “PROCEED TO CHECKOUT” at the bottom of the page.
- From there, the payment sections will show, follow the guided payment process and your order will be available for our writing team to work on it.