Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Setting up of LVS , WAVE and DVWA...
- For LVS
- =======
- Step 1 --> Extract the contents of LVS_1 in a folder
- Step 2 --> Copy that extracted forlder in C:\xampp\htdocs
- Step 3 --> STart XAMPP server --> Apache and MySQL
- Step 4 --> in the browser type --> 127.0.0.1/lvs_1
- lvs_1 --> Name of Extracted Folder
- Download Link --> https://ufile.io/aci9l
- For WAVE
- ========
- Step 1 --> Extract the contents of wave in a folder
- Step 2 --> Copy that extracted forlder in C:\xampp\htdocs
- Step 3 --> STart XAMPP server --> Apache and MySQL
- Step 4 --> in the browser type --> 127.0.0.1/wave1
- wave1 --> Name of Extracted Folder
- Download Link --> https://ufile.io/bk3w5
- For DVWA
- ========
- Step 1 --> Extract the contents of DVWA in a folder
- Step 2 --> Copy that extracted forlder in C:\xampp\htdocs
- Step 3 --> STart XAMPP server --> Apache and MySQL
- Step 4 --> Open configurtion file of dvwa and delete the password field value. c:/xammp/dvwa/config/config.php
- Step 5 --> in the browser type --> 127.0.0.1/DVWA
- Step 6 --> login with the credentials --> admin
- password
- Downloading Link --> https://ufile.io/a5lg8
- ============x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x==========
- METHODS USED IN WEB APPLICATIONS
- ================================
- 1. GET - It is the method used by web applications.In this type of request all the request made is sent in plain text i.e. the request is visible at the address bar.It is very insecure method as if one person is shoulder surfing he will be able to grasp your credential and this method is also helpful for several attacks.
- eg: www.aaab.com/haha.php?id=1
- www.adsadsa.com/index.php?happyness=null
- 2. POST - The method which hides and requests the data from the Database or Server Secretly. eg. twitter.com/login.php
- Demo...
- ----------------------------------------------------------
- INSECURE DIRECT OBJECT REFERENCE
- ================================
- A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key. Without an access control check or other protection, attackers can manipulate these references to access unauthorized data.
- Do note here that a malicious is able to access resources of another USER only. Both have the same level of access in case of IDOR.
- example :
- www.hungama.com/user.php?id=1
- www.hungama.com/user.php?id=4
- www.hungama.com/user.php?id=2
- Without proper validation it jumps you to another account.
- Wave1
- ----------------------------------------------------------
- SENSITIVE DATA EXPOSURE
- =======================
- Many web applications do not properly protect sensitive data such as Names, IDs, Credit Cards details, authentication credentials etc. Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft or any other crimes. These Sensitive Data is well aspected to encryption also in which if the data is not encrypted and is in plain text, it will be very easier to get fetched by the attacker or any other individual.
- Types of Sensitive Data
- =======================
- 1. Personal - Names, Address , Contact Numbers etc.
- 2. Confidential - ID,Passwords - Credentials, Aadhar No.
- 3. Financial - Bank Accounts numbers, credit cards, debit cards etc.
- HOW A SENSITIVE DATA CAN BE COMPROMISED
- --------=========================--------
- 1. When data is transmitted in the url, that is your credentials are transmitted via GET Parameter.
- username=user&password=pass&sumbit=submit
- 2. When data is stored in plain text form rather then hashed or encrypted form.
- 3. When data is stored in the text file rather then to be stored in the databsae.
- Id Interest Gender Username Password
- -----------------------------------------------
- 1 Badminton Female admin Pa$$woRd
- 2 Football Male admin2 paSSwOrd
Add Comment
Please, Sign In to add comment