It`s
100th post. When I started to write , I did not think that
it may longer this.So today I don`t put any new article about hacking
, I am gonna repeat some famous vulnerability which we had seen
before.
In
the chart , you can see that different types of vulnerability & it`s percentage which
exists in website.
This
is web-browser vulnerability . So you can see that which browser is
easy to hack.
(A)S.Q.L. Injection:-
It is a hacking method that allows an unauthorized attacker to access a database server. It is facilitated by a common coding blunder: the program accepts data from a client and executes SQL queries without first validating the client’s input. The attacker is then free to extract,modify, add, or delete content from the database.
Tutorial
on S.Q.L. Injection:-
(B)Cross Site Scripting:-
Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.
Tutorial
on X.S.S-
(C)Cross site Request forgery:-
CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help of social engineering (like sending a link via email/chat), an attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operation in case of normal user. If the targeted end user is the administrator account, this can compromise the entire web application.
Tutorial
on C.S.R.F-
(D)Local File Inclusion:-
Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected.
Tutorial
on local file inclusion-
(E)DOS Attack:-
A
denial-of-service
attack(DoS
attack)
or distributed
denial-of-service attack(DDoS
attack)
is an attempt to make a machine or network resource unavailable to
its intended
user
Tutorial
on DOS:-
(F)Spoofing :-
spoofing refers tricking or deceiving computer systems or other computer users. This is typically done by hiding one's identity or faking the identity of another user on the Internet.
Spoofing
Tutorial:-
(5)MAC Spoofing
(G)Phishing:-
Phishing is the act of attempting to acquire information such as password ,usernames, , and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity.
Tutorial
on Phishing-
No comments:
Post a Comment