Kali进行web渗透笔记(一)

Insider attacks are more lethal than the one achieved by an external entity,so sometimes Black box testing would be a waste of money and time .

Career as a penetration tester is not a sprint,it is a marathon.

Important HTTP methods for penetration testing

The GET method:passes the parameters to the web application via the URL itself.

The POST method:is similar to the GET method and is used to retrieve data from the server but it passes the content via the body of the request.

The HEAD method:The HEAD method is used by attackers to identify the type of server as the server only responds with the HTTP header without sending any payload.It’s a quick way to find out the server version and the date.

The TRACE method:is used to identify any alterations to request by intermediary devices such as proxy servers and firewalls.The TRACE method to steal user’s cookies.

The PUT/DELETE methods:are part of WebDAV,which is an extension to http protocol and allows management of documents and files on the web server.

The OPTIONS method:used to query the server for the methods that it supports.

Session tracking using cookies:

The ID could be shared using the GET method or the POST method.When using the GET method,the session ID would become a part of the URL;when using the POST method,the session ID is shared in the body of the HTTP message.The server would maintain a table mapping usernames to the HTTP message.

the cookie is always set and controlled by the server.

persistent and non-persistent cookies.

HTTP is the communication mechanism used to transfer HTML formatted pages.

Three-tier web application:

Presentation layer

Application layer

Data access layer