Session Setting DVWA Wave


		Setting up of LVS , WAVE and DVWA...
For LVS
=======
Step 1 --> Extract the contents of LVS_1 in a folder
Step 2 --> Copy that extracted forlder in C:\xampp\htdocs
Step 3 --> STart XAMPP server --> Apache and MySQL
Step 4 --> in the browser type --> 127.0.0.1/lvs_1
        lvs_1 --> Name of Extracted Folder
Download Link --> https://ufile.io/aci9l


For WAVE
========
Step 1 --> Extract the contents of wave in a folder
Step 2 --> Copy that extracted forlder in C:\xampp\htdocs
Step 3 --> STart XAMPP server --> Apache and MySQL
Step 4 --> in the browser type --> 127.0.0.1/wave1
        wave1 --> Name of Extracted Folder
Download Link --> https://ufile.io/bk3w5

For DVWA
========
Step 1 --> Extract the contents of DVWA in a folder
Step 2 --> Copy that extracted forlder in C:\xampp\htdocs
Step 3 --> STart XAMPP server --> Apache and MySQL
Step 4 --> Open configurtion file of dvwa and delete the password 				field value. c:/xammp/dvwa/config/config.php
Step 5 --> in the browser type --> 127.0.0.1/DVWA
Step 6 --> login with the credentials --> admin
										  password

Downloading Link --> https://ufile.io/a5lg8


============x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x==========

METHODS USED IN WEB APPLICATIONS
================================
1. GET - It is the method used by web applications.In this type of request all the request made is sent in plain text i.e. the request is visible at the address bar.It is very insecure method as if one person is shoulder surfing he will be able to grasp your credential and this method is also helpful for several attacks.
eg: www.aaab.com/haha.php?id=1
    www.adsadsa.com/index.php?happyness=null


2. POST - The method which hides and requests the data from the Database or Server Secretly. eg. twitter.com/login.php

Demo...

----------------------------------------------------------

INSECURE DIRECT OBJECT REFERENCE
================================
A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key. Without an access control check or other protection, attackers can manipulate these references to access unauthorized data.
Do note here that a malicious is able to access resources of another USER only. Both have the same level of access in case of IDOR.

example :

			www.hungama.com/user.php?id=1
			www.hungama.com/user.php?id=4
			www.hungama.com/user.php?id=2
	Without proper validation it jumps you to another account.

Wave1

----------------------------------------------------------

SENSITIVE DATA EXPOSURE
=======================
Many web applications do not properly protect sensitive data such as Names, IDs, Credit Cards details, authentication credentials etc. Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft or any other crimes. These Sensitive Data is well aspected to encryption also in which if the data is not encrypted and is in plain text, it will be very easier to get fetched by the attacker or any other individual.

Types of Sensitive Data
=======================

1. Personal - Names, Address , Contact Numbers etc.
2. Confidential - ID,Passwords - Credentials, Aadhar No.
3. Financial - Bank Accounts numbers, credit cards, debit cards etc.


			HOW A SENSITIVE DATA CAN BE COMPROMISED
			--------=========================--------

1. When data is transmitted in the url, that is your credentials are transmitted via GET Parameter.
	username=user&password=pass&sumbit=submit
2. When data is stored in plain text form rather then hashed or encrypted form.
3. When data is stored in the text file rather then to be stored in the databsae.

	 Id 	Interest 	Gender 	Username 	Password
	 -----------------------------------------------
	1 	    Badminton 	Female 	admin 		Pa$$woRd
	2       Football 	Male 	admin2 		paSSwOrd