Server Hacking - How to Hack Web Server ?
What is a Web server ?
- A web server is a storage area, which in-turn a program,
- That stores files ( web pages, CSS Scripts, images, java script files ) relevant to the websites in a secure folder.
- Control website and file access located in the server by the website users via the internet.
- Control sessions and maintain file access details
- Web server indicates both Hardware and software.
Learn Ethical Hacking - Ethical Hacking tutorial - What is Web Server - Ethical Hacking examples - Ethical Hacking programs
How Web server works ?
Learn Ethical Hacking - Ethical Hacking tutorial - How Web server works - Ethical Hacking examples - Ethical Hacking programs
- HTTP (Hyper Text Transfer Protocol) is used to transfer web pages from a Web Server to Web Client (Browser).
- Web Pages are arranged in a directory structure in the Web Server.
- HTTP supports CGI (Common Gateway interface).
- Why HTTP is used in Websites - The reason is, HTTP supports Virtual Hosting (Hosting multiple sites on the same server).
Learn Ethical Hacking - Ethical Hacking tutorial - HTTP used in Websites - Ethical Hacking examples - Ethical Hacking programs
Web Server Vulnerabilities
Attackers typically targets the exploits in the software part to enter into the server. Below are some of the possibility of attacking the server through wild guessing.
- Default settings of the server
- By default, the user name and passwords can be easily guessed by the attackers. For example, the default credentials for mysql is root (Username) and the password is empty.
- Attackers may guess the Default settings which might got some of the basic tasks to be performed in the server such as running commands on the server which can be exploited.
- Mistakes by the admin - Misconfiguration
- Sometimes, by mistake administrators will give access roles to the users unknowingly which permits the way such as allowing users to execute commands on the server.
- Software Bugs
- By default, the webserver may have bugs and this paves a way for the attackers to gain unauthorized access to the system.
Learn Ethical Hacking - Ethical Hacking tutorial - Web Server vulnerabilities - Ethical Hacking examples - Ethical Hacking programs
Types of Web Servers
- The following is a list of the common web servers
- Apache 45% - What is Apache - It is free and open source and thus is in reach to many. It is cross platform but is it’s usually installed on Linux. Most PHP websites are hosted on Apache servers.
- Microsoft Internet Information Services (IIS) 20% - What is IIS - Microsoft’s product and its uses are increasing substantially. Websites designed with DotNet Framework will be hosted inturn the web pages will have the extension of asp and aspx.
- Apache Tomcat 20% - What is tomcat server - Java Web Server - Java server pages (JSP) websites will be hosted in this type of web server.
- NGINX 12% - What is nginx server - This web server is used to host large websites like Facebook, Twitter. The reason for using NGINX is because of its good multithreading capabilities.
- Other 5% - These include Novell's Web Server and IBM’s Lotus Domino servers.
Learn Ethical Hacking - Ethical Hacking tutorial - Types of Web Servers - Ethical Hacking examples - Ethical Hacking programs
Web Server Attack Techniques
Learn Ethical Hacking - Ethical Hacking tutorial - Web Server Attack Techniques - Ethical Hacking examples - Ethical Hacking programs
- Denial of Service Attacks - What is DOS / DDOS - continuous hits on the web server. Using this type of attack, the web server may crash and the website will be down.
Learn Ethical Hacking - Ethical Hacking tutorial - Denial of Service Attacks - Ethical Hacking examples - Ethical Hacking programs
- Domain Name System Hijacking - What is dns hijacking - Repointing to attacker’s web server. So that, the users will go to the attacker’s website which may increase the number of hits for the newly redirected websites.
Learn Ethical Hacking - Ethical Hacking tutorial - Domain Name System Hijacking - Ethical Hacking examples - Ethical Hacking programs
- Sniffing- What is sniffing - Unencrypted data sent over the network may be intercepted and used to gain unauthorized access to the web server.
Learn Ethical Hacking - Ethical Hacking tutorial - sniffing - Ethical Hacking examples - Ethical Hacking programs
- Phishing - What is phishing attack - With this type of attack, the attack impersonates the websites and directs traffic to the fake website. Unsuspecting users may be tricked into submitting sensitive data such as login details, credit card numbers, etc.
Learn Ethical Hacking - Ethical Hacking tutorial - phishing - Ethical Hacking examples - Ethical Hacking programs
- Pharming - Using this type of attacking, the attacker will compromise the Domain Name System (DNS) servers. So that, Fake Server IP will be given to the user PC and the user will be redirected to the fake server which is in the hands of a attacker.
Learn Ethical Hacking - Ethical Hacking tutorial - Pharming - Ethical Hacking examples - Ethical Hacking programs
- Defacement - What is defacing a server - Controlling the server by injecting the php shell scripts. Below are the activities can be done in the server.
- injecting any kind of files
- Deleting server files and web pages
- Modifying the existing file
- Gaining access to the database servers through config files.
- Directory traversal attacks - Accessing files and folders that are not in the public domain.
Learn Ethical Hacking - Ethical Hacking tutorial - Directory traversal attacks - Ethical Hacking examples - Ethical Hacking programs
Web Server attack prevention
Learn Ethical Hacking - Ethical Hacking tutorial - Web Server attack prevention - Ethical Hacking examples - Ethical Hacking programs
- Software Patches - Protection from vulnerabilities.
- Server and Software Hardening
- Vulnerability Scanning - Look for vulnerabilities on the web server. There are lot of vulnerability scanning tools available.
- Firewalls - There should be a firewall to protect the web server from unwanted attacks.
- Restrict Remote Admin
- Change Default Settings - Set hardened passwords which no one can guess it..
- Penetration Testing
- Constant Vigilance
How to Hack a WebServer ( Hacking / attacking server is illegal this article provides only a high level view for educational purposes)
Step 1
- Get the reverse IP of the target server goto the below link
Step 2
- Type the website name and press the check button. Automatically you are able to see 398 domains available in the below specified IP Address. All these websites are hosted in this server.
Step 3
- Goto bing search engine and type the ip address in the below format
Ip: [ip address].php?id=
The above search code will filter the searching in that specified ip address with the vulnerable web pages listed which got sql injection vulnerabilities.
Step 4
- We need to identify the page where you are able to upload any documents or images. If you found any pages with uploading options. That’s the root for us to enter into the web server.
Step 5
- Below is my blog where I posted to the web server injection script. We need to upload this script into the vulnerable website.
Step 6
- Copy the code and create a php file with the script taken from my blog. Am naming the php file as shell.php
Step 7
- Try to upload the script (php) file. Its throwing an error.
Step 8
- Now Open Burp Suite tool, in case if it didn’t work in windows environment. Prefer Linux environment (Specifically Kali linux)
Step 9
- This is the first page of Burp Suite tools. Click the next button
Step 10
- You will be moved to the next page. Click “Start Burp” button to start monitoring the user machine from which you are trying to upload.
Step 11
- Yes burpsuite is running in the back ground.
Step 12
- Now try to upload the php shell once again. Still its throwing error.
Step 13
- The file will get automatically cached in Burp suite. You can see the content type of the file. Change it to jpeg as shown in the below pictures and click forward button to go ahead.
Step 14
- The script is uploaded and the site consider it as image 12 a real hacking bypassing the upload validation Check out the path where its getting uploaded.
Step 15
- Goto the server path by typing the ip address and path where it gets uploaded.
Step 16
- Yes you are into the server to do any kind of changes in the server. Your Web server is hacked.