I have been so set on remote control & gaining access to an internal corporate network that I was blinded to the opportunities a hacker has when attacking a web-based application. A friend showed me that they are able to do some incredible magic with cross-site scripting and SQL injection.
The idea is like this:
A hacker sets up a man-in-the-middle attack on him / herself.
While using the web-based app, the hacker monitors the requests, responses, & actions that are happening in the browser.
Using the man-in-the-middle attack, the hacker changes one of the website's elements & resends the packet, which produces a new & different response.
I have used this tactic to grab SAML authentication or cookies, but never to send an unexpected request to a website. Well, kinda…
In my job, I have to reset a lot of technical things for users. For instance, I check on a recording that failed. I can see that the raw files are on our recording server. I then can see that there was an issue with the processing so the files became corrupted when they were transferred to our playback server. There is a button that is greyed out on the tool that I use that will reprocess the recording so that it will be placed on the playback servers correctly. If I inspect the greyed out button & change its value from zero to one, I can reprocess it. There are like 15 things like this on a day to day basis that I do, instead of sending a request up to a specialist who has the correct permissions to click a button.
I have found hundreds of websites that have elements that are hidden where if you change the element to display, you have a new field box on the page or something similar.
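The greyed-out button and the hidden fields above work because the server accepts whatever the browser sends back. As an added example (not code from the tool described here; the role names, session ids and form fields are hypothetical), this compares a handler that trusts the submitted value with one that decides from server-side state and flags the tampered request:

```python
# Added example: names, roles and request shape are hypothetical.
from dataclasses import dataclass

# Server-side source of truth for permissions (constructed sample data).
ROLE_PERMISSIONS = {
    "support": {"view_recording"},
    "specialist": {"view_recording", "reprocess_recording"},
}
SESSIONS = {"sess-support": "support", "sess-specialist": "specialist"}


@dataclass
class Result:
    status: int
    body: str
    alert: bool = False  # True when the request looks like client-side tampering


def reprocess_trusting_client(form: dict) -> Result:
    """Weak: the only gate is a value the browser sends back."""
    if form.get("reprocess_enabled") == "1":
        return Result(200, f"reprocessing {form['recording_id']}")
    return Result(403, "button disabled")


def reprocess_server_enforced(session_id: str, form: dict) -> Result:
    """Hardened: permission comes from the session's role, never from the form."""
    role = SESSIONS.get(session_id)
    if role is None:
        return Result(401, "not authenticated")
    allowed = "reprocess_recording" in ROLE_PERMISSIONS.get(role, set())
    if not allowed:
        # The UI never lets this role submit the action, so its arrival is
        # worth logging as a tampering signal for detection.
        return Result(403, "forbidden", alert=True)
    recording_id = str(form.get("recording_id", ""))
    if not recording_id.isdigit():
        return Result(400, "invalid recording_id")
    return Result(200, f"reprocessing {recording_id}")


# Constructed request: a support user who flipped the disabled button's value.
TAMPERED_FORM = {"recording_id": "1042", "reprocess_enabled": "1"}
```

The hardened handler never reads `reprocess_enabled`, so editing the page changes nothing, and the `alert` flag gives the application owner a log event to review.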
I have never really thought of this as “hacking” but with the addition of more and more web-based applications, this opens access to more and more internal databases that a website can query. Also, as these apps write data to these servers, a hacker could use this to write files to them. A carefully placed file on a server could cause the unit to download & execute a RAT (Remote Access Tool). This is a tool that I need to have on my tool belt.
I am attempting to research this & set this up in my lab. If you are a pro at this… let me know so we can work on this together.


