Chapter 9. Reconnaissance and Exploitation of Web-based Applications
In the previous chapters, we reviewed the attacker's kill chain—the specific approach used to compromise networks and devices, and disclose data or hinder access to network resources. In Chapter 7, Physical Attacks and Social Engineering, we examined the routes of attack, starting with physical attacks and social engineering. In Chapter 8, Exploiting Wireless Communications, we saw how wireless networks could be compromised. In this chapter, we'll focus on one of the most common attack routes, through websites and web-based applications.
Websites that deliver content and web-based services (for example, e-mails and FTP) are ubiquitous, and most organizations allow remote access to these services with almost constant availability. To penetration testers and attackers, however, websites expose back-end services occurring on the network, client-side activities of the users accessing the website,...