The Web Application Hacker’s Handbook potx

Document information

[...] Vulnerabilities in web servers are broadly composed of defects in their configuration and security flaws within the web server software. This topic is on the boundary of the scope of this book, because the web server is strictly a different component in the technology stack. However, most web applications are intimately bound up with the web server on which they run; therefore, attacks against the web server...

... where it appears in the course of the book.

What's on the Web Site

The companion web site for this book at www.wiley.com/go/webhacker contains several resources that you will find useful in the course of mastering the techniques we describe and using them to attack actual applications. In particular, the web site contains the following:

■ Source code to some of the scripts we present in the book
■ A list...

... context-setting chapters describing the current state of web application security and the trends that indicate how it is likely to evolve in the near future. We examine the core security problem affecting web applications and the defense mechanisms that applications implement to address this problem. We also provide a primer in the key technologies used in today’s web applications. The bulk of the book is concerned...

... 11 Attacking Application Logic
The Nature of Logic Flaws
Real-World Logic Flaws
Example 1: Fooling a Password Change Function
The Functionality
The Assumption
The Attack
Example 2: Proceeding to Checkout
The Functionality
The Assumption
The Attack
Example 3: Rolling Your Own Insurance
The Functionality
The Assumption
The Attack
Example 4: Breaking the Bank
The Functionality
The Assumption
The Attack
...
Erasing an Audit Trail
The Functionality
The Assumption
The Attack
Example 6: Beating a Business Limit
The Functionality
The Assumption
The Attack
Example 7: Cheating on Bulk Discounts
The Functionality
The Assumption
The Attack
Example 8: Escaping from Escaping
The Functionality
The Assumption
The Attack
Example 9: Abusing a Search Function
The Functionality
The Assumption
The Attack
Example 10: Snarfing...

... the authors’ direct experience, demonstrating that the majority of applications are far from secure. We describe the core security problem facing web applications — that users can supply arbitrary input — and the various factors that contribute to their weak security posture. Finally, we describe the latest trends in web application security and the ways in which these may be expected to develop in the...

... in web applications. By web application we mean an application that is accessed by using a web browser to communicate with a web server. We examine a wide variety of different technologies, such as databases, file systems, and web services, but only in the context in which these are employed by web applications. If you want to learn how to run port scans, attack firewalls, or break into servers in other...

... “A Web Application Hacker’s Toolkit,” pulls together in one place the various tools described in the course of this book, and which the authors use when attacking real-world web applications. We describe the strengths and weaknesses of different tools, explain the extent to which any fully automated tool can be effective in finding web application...

... attacking web applications. This covers all relevant aspects of the HTTP protocol, the technologies commonly used on the client and server sides, and various schemes used for encoding data. If you are already familiar with the main web technologies, then you can quickly skim through this chapter. Chapter 4, “Mapping the Application,” describes the first exercise that you need to take when targeting a new application, ...

... vulnerabilities which arise when defects within a web application can enable a malicious user of the application to attack other users and compromise them in various ways. The largest vulnerability of this kind is cross-site scripting, a hugely prevalent flaw affecting the vast majority of web applications on the Internet. We examine in detail all of the different flavors of XSS vulnerabilities, and ...

... xxv
Chapter 1 Web Application (In)security 1
The Evolution of Web Applications 2
Common Web Application Functions 3
Benefits of Web Applications 4
Web Application Security 5
“This Site Is Secure” 6
The ...

... Pinto. The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws. Wiley Publishing, Inc. The Web Application Hacker’s Handbook: ...

... 352
The Functionality 352
The Assumption 353
The Attack 353
Example 3: Rolling Your Own Insurance 354
The Functionality 354
The Assumption 354
The Attack 355
Example 4: Breaking the Bank 356
The ...

Posted: 04/07/2014, 14:20
