Popular Known Web Attacks And Vulnerabilities Computer Science Essay


Throughout this modern and civilised world, governments, finance companies and all the national infrastructures are facing problems with cyber attacks. The number of attacks is increasing day by day, and organisations still struggle to determine which new vulnerabilities and threats cause the greatest risk and how resources and data should be allocated to avoid such risk. As our digital national infrastructure gets more complex and interconnected, the difficulty of achieving application security increases gradually. We should have a clear view of all the attacks being launched and the vulnerabilities they exploit; only then can we overcome such attacks by taking the necessary precautions. By focusing on the threats and vulnerabilities, we should identify the key elements that enable these threats and apply security controls that can overcome them.

The project plan describes some of the defences against today's newest attacks and vulnerabilities, and some tools that can be used to monitor and defend against attacks on web systems.

The Popular Known Web Attacks and Vulnerabilities

Nowadays web browsers are consistently targeted, since they can be used to reach servers and compromise them through client-side applications. Some of the techniques used for compromising and exploiting web servers are brute force attacks (password guessing attacks) and web application attacks. The most popular targets of password guessing attacks are Microsoft SQL, SSH servers and FTP. Other techniques used for compromising web sites are SQL Injection, Cross-Site Scripting, Security Misconfiguration in web servers, and PHP File Include attacks. Attackers use automated tools to target custom web application vulnerabilities, and with them they can compromise a number of web sites.

I have chosen the OWASP Top 10 flaws, the most successfully adopted awareness document, as the major vulnerabilities to be considered in web applications. The Open Web Application Security Project (OWASP) is an open-source application security project, and OWASP is not affiliated with any technology company. The main aim of OWASP is to make available articles, technologies and tools on common web application security vulnerabilities for developers, designers and organisations. The OWASP community includes individuals from around the world, educational institutions and corporations. The main goal of OWASP is to create a set of secure coding policies and standards for web-based technologies. Secure web applications can be built using a secure Software Development Life Cycle; penetration testing should still be carried out to make them even more secure against the latest vulnerabilities.

There are many issues and factors that could affect the overall security of a web application, but according to OWASP the top 10 critical web application security risks that should be taken care of are:

Injection

Cross-Site Scripting (XSS)

Broken Authentication and Session Management

Insecure Direct Object References

Cross-Site Request Forgery (CSRF)

Security Misconfiguration

Insecure Cryptographic Storage

Failure to Restrict URL Access

Insufficient Transport Layer Protection

Unvalidated Redirects and Forwards

Attackers can choose many different paths through your application to do harm. Sometimes these paths are hard to find and defend.

Injection

Injection flaws include SQL, OS and LDAP (Lightweight Directory Access Protocol) injection. They occur when untrusted data is sent to an interpreter or application as part of a query or command. The attacker can trick the interpreter into executing the attacker's commands or accessing unauthorised resources.
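The difference between sending untrusted data as part of the command and sending it as a bound parameter, shown as an added example (not code from the original essay). The table, its rows and the hostile input are constructed for the illustration.

```python
import sqlite3

def make_db():
    """In-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", 120), ("bob", 75), ("o'brien", 40)])
    return db

def lookup_vulnerable(db, owner):
    # Untrusted data becomes part of the command text, so the interpreter
    # cannot tell the value apart from SQL syntax.
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return db.execute(query).fetchall()

def lookup_parameterized(db, owner):
    # The value is bound separately from the SQL text and is only ever data.
    return db.execute(
        "SELECT owner, balance FROM accounts WHERE owner = ?", (owner,)
    ).fetchall()

# Constructed input: a value that contains a quote and SQL syntax.
HOSTILE = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    # Concatenation: the condition is rewritten and every row comes back.
    print("vulnerable   :", lookup_vulnerable(db, HOSTILE))
    # Binding: the whole string is compared with owner, so nothing matches.
    print("parameterized:", lookup_parameterized(db, HOSTILE))
    # A legitimate name with an apostrophe also works only when bound.
    print("o'brien      :", lookup_parameterized(db, "o'brien"))
    try:
        lookup_vulnerable(db, "o'brien")
    except sqlite3.OperationalError as exc:
        print("vulnerable form fails on o'brien:", exc)
```

The concatenating form is both a security defect and a correctness defect: it returns every row for the hostile value and raises an error for an ordinary name containing an apostrophe.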

Cross-Site Scripting (XSS)

Cross-Site Scripting is a web application vulnerability that allows an attacker to insert malicious scripts into web pages, which then run in the victim's browser. This enables the attacker to hijack the user's session or other information, and to redirect the user to malicious or unwanted web sites.

Broken Authentication and Session Management

If the application functions for authentication and session management are not implemented correctly, an attacker can compromise user passwords, session tokens or keys, or exploit other vulnerabilities to assume other users' identities.

Insecure Direct Object References

An Insecure Direct Object Reference occurs when a developer exposes a reference to an internal implementation object in the system, such as a file, directory or database key. Without an access control check or other protection, attackers can manipulate such references to access unauthorised data on the victim machine.

Cross-Site Request Forgery (CSRF)

CSRF is a type of malicious exploit of a website. A CSRF attack forces the user's browser to send a forged HTTP request, carrying the user's session cookie and other authentication information, to a vulnerable website. This allows the attacker to force the victim's browser to generate requests that have side effects.

Security Misconfiguration

A good security configuration should be deployed in an organisation for better safety. It can be achieved by keeping all applications up to date and by defining and deploying a secure configuration for all the servers, platforms and applications in the organisation. This configuration should be implemented and maintained, as many applications and servers are not secure in their default state.

Insecure Cryptographic Storage

Attackers can easily steal or modify weakly protected data on websites, such as credit card details, Social Security Numbers and authentication details. Proper care should be taken when implementing cryptographic functions.

Failure to Restrict URL Access

Many web applications check URL access rights before rendering protected links and buttons. The applications need to perform the same access control checks each time these pages are accessed; otherwise attackers will be able to forge URLs to gain access to these hidden pages.

Insufficient Transport Layer Protection

Sometimes applications fail to encrypt and authenticate sensitive network traffic and to protect its integrity and confidentiality. In such cases they may support weak algorithms and invalid certificates, or even fail to use them correctly.

Unvalidated Redirects and Forwards

Most web applications redirect or forward users to other web pages, and they may use untrusted data to determine the destination page. If proper validation is not used, intruders can redirect victims to phishing or other unauthorised web pages.
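One way to apply the "proper validation" mentioned above before redirecting, as an added example (not code from the original essay). The host names, the allow-list and the function name are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: hosts the application may redirect to.
ALLOWED_HOSTS = {"shop.example", "pay.shop.example"}
DEFAULT_TARGET = "/"

def safe_redirect_target(raw, allowed_hosts=ALLOWED_HOSTS):
    """Return raw if it is an acceptable destination, else DEFAULT_TARGET."""
    if not raw or raw != raw.strip() or any(c in raw for c in "\\\r\n\t"):
        # Browsers and URL parsers normalise backslashes and control
        # characters differently, so such values are rejected outright.
        return DEFAULT_TARGET
    try:
        parts = urlsplit(raw)
        host = parts.hostname      # drops userinfo and port, lower-cases
    except ValueError:             # e.g. a malformed IPv6 literal
        return DEFAULT_TARGET
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept only a single-slash path on this site.
        ok = raw.startswith("/") and not raw.startswith("//")
        return raw if ok else DEFAULT_TARGET
    if parts.scheme == "https" and host in allowed_hosts:
        return raw
    return DEFAULT_TARGET

if __name__ == "__main__":
    # Constructed destinations, as they might arrive in a "next" parameter.
    for candidate in [
        "/account/orders?id=7",                   # same-site path: kept
        "https://pay.shop.example/checkout",      # allow-listed host: kept
        "//other.example/login",                  # scheme-relative: replaced
        "https://shop.example@other.example/",    # userinfo trick: replaced
        "https://shop.example.other.example/",    # look-alike host: replaced
        "http://shop.example/",                   # not HTTPS: replaced
    ]:
        print(f"{candidate!r:45} -> {safe_redirect_target(candidate)!r}")
```

Comparing the parsed host against an exact allow-list, rather than searching the string for a trusted name, is what defeats the userinfo and look-alike cases.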

Tools and Techniques used for Web Security


The main tool that I intend to use for web page testing is WebScarab. WebScarab is an open source web application security testing tool developed by OWASP. It is used to intercept web application requests, so that a security analyst can observe how the application works and test it by submitting test requests to see how the application responds to them. The WebScarab framework can analyse applications that communicate using the HTTP and HTTPS protocols. The framework is written in Java, which makes it portable to many platforms. It can also be used for all the major security concerns mentioned earlier in the OWASP Top 10. We can intercept the requests created by the browser in order to review and modify them, and it also enables us to modify the responses generated by the server before they are received by the browser. Basically it operates as an intercepting proxy; it also has other modes of operation, which are implemented by a number of plugins.

Fig 0.1 WebScarab main window screenshot, OWASP. From http://www.owasp.org/index.php/WebScarab_Getting_Started

3.1.1 WebScarab Plugins:

WebScarab provides many plugins, which allow us to identify vulnerabilities in a web system. The figure above shows the toolbar with all the plugins in it. Some of the main plugins in the WebScarab framework are:

Fragments - The Fragments plugin extracts HTML comments and scripts from HTML pages as they pass through the proxy or through other plugins.

Proxy - The Proxy is able to observe both the HTTP and HTTPS traffic between the web server and the browser. The WebScarab proxy creates an SSL connection between WebScarab and the browser, rather than connecting the browser directly to the server. Thus, it allows an encrypted stream to pass through it. Using the proxy's manual intercept, we can control or modify the requests and responses that pass through the proxy.

Beanshell - It allows the execution of complex operations on requests and responses. We can execute anything that is written in Java.

Reveal Hidden Fields - This plugin changes hidden fields in HTML pages into text fields, making them visible and editable.

Bandwidth Simulator - This plugin allows the user to evaluate a slower network by emulating it. In this way we can observe how our web site would perform when accessed via a modem or any.

Spider - It helps in identifying new URLs on the target site, and on command we can fetch them.

Manual request - This plugin works like the 'Proxy'; the only difference is that we can edit or replay previous requests from the 'Proxy' summary, or create our own new requests.

SessionID analysis - This plugin helps us to visually determine the degree of unpredictability and randomness in cookies by analysing them.

Scripted - It allows the user to write scripts using BeanShell to create requests and fetch them from the browser. The script can then perform some analysis on the response generated by the server. We can simplify things using this request and response object model.

Parameter fuzzer - The parameter fuzzer generates values which are likely to expose incomplete parameter validation, which can lead to vulnerabilities like SQL Injection and Cross-Site Scripting (XSS).
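For the SessionID analysis idea above, a numeric check of how much a sample of identifiers actually varies, as an added example (not code from the original essay and not WebScarab's own method). The sample IDs are constructed, and the 64-bit threshold and the function names are assumptions of this example.

```python
import hashlib
import math
from collections import Counter

def positional_entropy_bits(ids):
    """Sum of per-position Shannon entropy over equal-length sample IDs.

    A position that never changes contributes 0 bits, however long the
    identifier looks, so padded counters score very low.
    """
    if len({len(i) for i in ids}) != 1:
        raise ValueError("sample IDs must have equal length")
    total = 0.0
    for column in zip(*ids):
        n = len(column)
        total -= sum(c / n * math.log2(c / n) for c in Counter(column).values())
    return total

def is_sequential(ids):
    """True if the IDs, read as hex numbers, change by one constant step."""
    try:
        values = [int(i, 16) for i in ids]
    except ValueError:
        return False
    return len({b - a for a, b in zip(values, values[1:])}) == 1

def assess(ids, min_bits=64):
    """Flag a sample as weak if it is sequential or shows too little variation."""
    bits = positional_entropy_bits(ids)
    sequential = is_sequential(ids)
    return {"bits": round(bits, 1), "sequential": sequential,
            "weak": sequential or bits < min_bits}

# Constructed sample 1: a zero-padded counter dressed up as a 128-bit token.
COUNTER_IDS = [format(0x5A17C000 + n, "032x") for n in range(50)]
# Constructed sample 2: fixed hex strings standing in for random generator
# output so the example is reproducible; real code would use secrets.token_hex.
HASHED_IDS = [hashlib.sha256(str(n).encode()).hexdigest()[:32] for n in range(50)]

if __name__ == "__main__":
    print("counter:", assess(COUNTER_IDS))
    print("hashed :", assess(HASHED_IDS))
```

A low score proves a weakness, but a high score does not prove unpredictability: the second sample is derived from a counter and still passes, which is why the generator itself must also be reviewed.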

Firefox Plugins for Web Security


XSS Me

Cross-Site Scripting can cause real damage to web applications. We can use the XSS-Me tool in Firefox to detect XSS vulnerabilities early in the development process. It is an Exploit-Me tool used to detect XSS vulnerabilities; the tool submits our HTML forms with strings that are representative of an XSS attack. The resulting HTML page gives a JavaScript value which identifies whether the page is vulnerable to XSS attacks or not.

SQL Inject Me

SQL Inject Me is a Firefox plugin used to test for SQL injection vulnerabilities in an HTML page. It works by submitting the HTML form values with strings that are representative of a SQL Injection attack. The error output from the database is then checked to identify whether the page is vulnerable or not. We can identify the points of possible attack in the system using this plugin.

Access Me

The Access Me Firefox plugin is used to identify access vulnerabilities in a web page. An access vulnerability can allow an attacker to gain access to resources without any authentication. The plugin checks by sending several versions of the last request made to the application with the session removed from it. In this way we can identify whether the system will grant access to the resources when there is no session in the request.
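The check described here, replaying a request with the session removed, also catches the "Failure to Restrict URL Access" flaw described earlier. It is shown below as an added example (not code from the original essay) against a small in-process application; the application, its paths and the session value are hypothetical and constructed for the illustration.

```python
from http.cookies import SimpleCookie

SESSIONS = {"constructed-session-id": "alice"}   # constructed session store

def current_user(environ):
    cookie = SimpleCookie(environ.get("HTTP_COOKIE", ""))
    sid = cookie["sid"].value if "sid" in cookie else None
    return SESSIONS.get(sid)

def app(environ, start_response):
    """Hypothetical WSGI application: one checked page, one unchecked page."""
    path = environ["PATH_INFO"]
    if path == "/account":               # session is checked on every request
        if current_user(environ) is None:
            start_response("302 Found", [("Location", "/login")])
            return [b""]
        body = b"account page"
    elif path == "/admin/report":        # only hidden from the menu: no check
        body = b"report page"
    else:
        start_response("404 Not Found", [])
        return [b""]
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [body]

def call(path, cookie=None):
    """Issue one in-process request and return (status_code, body)."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": path}
    if cookie:
        environ["HTTP_COOKIE"] = cookie
    seen = {}
    def start_response(status, headers):
        seen["status"] = int(status.split()[0])
    body = b"".join(app(environ, start_response))
    return seen["status"], body

def served_without_session(paths, cookie):
    """Replay each request with the session removed; list pages still served."""
    exposed = []
    for path in paths:
        with_session = call(path, cookie)
        without_session = call(path)
        if with_session[0] == 200 and without_session == with_session:
            exposed.append(path)
    return exposed

if __name__ == "__main__":
    pages = ["/account", "/admin/report"]
    print(served_without_session(pages, "sid=constructed-session-id"))
```

Run as a regression test over every protected route of an application, the same comparison reports any page that relies on being unlinked rather than on a server-side check.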

Tamper Data

This plugin can be used to modify HTTP/HTTPS headers and POST parameters. It shows the data which is passed between us and the web server. We can test the web application by modifying the POST parameters to identify vulnerabilities.


The next tool that I intend to use is Wireshark. It is one of the most powerful tools used to capture network traffic. It can monitor all the traffic flowing in and out of the system. As a network packet analyser, it shows the connection-level details of each packet. We can filter the information for a particular process for flexibility. This information helps in troubleshooting network security device issues.

4. Summary

As discussed above, vulnerabilities and HTTP threats in web applications are rising rapidly. The tools and techniques mentioned above can be used to provide proper web application security and boundary defences for web applications. Layered protection should be put in place to prevent and detect attacks aimed at our web servers. Proper defensive planning must be done to overcome the vulnerabilities in a web site. If someone compromises our web server, we can identify it with the help of the audit files, and use incident response techniques to recover it.