Different kinds of hacking
I have been so set on remote control & gaining access to an internal corporate network that I was blinded to the opportunities that a hacker can do by attacking a web-based application. A friend showed me that they are able to do some incredible magic with cross site scripting and sql injection. The idea is like this: A hacker sets up a man in the middle attack on him / herself. While using the web based app, you monitor the requests, responses, & actions that are happening in the browser. Using the Man in the middle attack, the hacker will change a website’s element & resend the packet which provides a new & different response. I have used this tactic to grab SAML authentication or cookies, but never to send an unexpected request to a website. Well, kinda… In my job, I have to reset a lot of technical things for users. For instance, I check on a recording that failed. I can see that the raw files are on our recording server. I then can see that there was an iss
