Web application security

Why Is Web Application Security Important?

Many people understand how important web application security is in e-commerce. One of the primary concerns for organizations is attacks on their applications. However, there are many other very dangerous attacks, including cross-site scripting, SQL injection and HTTP verb tampering. Data loss is one of the most common results of these attacks, yet data loss alone would be the least of an organization's concerns, since attackers are generally also able to read the specific pieces of data they are looking for. A clear example of why web application security matters is SQL injection that gives an attacker access to credit card information or data relating to a person's identity; this is, of course, exactly the type of information hackers are after.

Example 1

In SQL:

select id, firstname, lastname from authors

If one provided:

Firstname: evil'ex
Lastname: Newman

the query string becomes:

select id, firstname, lastname from authors where forename = 'evil'ex' and surname = 'newman'

which the database attempts to run and rejects with:

Incorrect syntax near al' as the database tried to execute evil. (continue reading…)
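The query above, as an added example that is not part of the original post, reproduced with Python's built-in sqlite3 module: a constructed authors table, the concatenated query the page shows, and the parameterized form that treats evil'ex as plain data. The table uses the page's forename and surname columns throughout.

```python
import sqlite3

# Constructed sample rows standing in for the page's "authors" table; the
# column names follow the page's WHERE clause (forename, surname).
AUTHORS = [(1, "Jerry", "Seinfeld"), (2, "Cosmo", "Kramer"), (3, "Newman", "Newman")]


def make_db():
    """Build an in-memory database holding the constructed authors table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table authors (id integer, forename text, surname text)")
    conn.executemany("insert into authors values (?, ?, ?)", AUTHORS)
    return conn


def lookup_concatenated(conn, forename, surname):
    """The vulnerable pattern from the page: input pasted straight into the SQL text.

    Returns (rows, error): the rows on success, or the database's error text
    when the quote in evil'ex breaks the statement.
    """
    sql = ("select id, forename, surname from authors where forename = '"
           + forename + "' and surname = '" + surname + "'")
    try:
        return conn.execute(sql).fetchall(), None
    except sqlite3.Error as exc:
        return None, str(exc)


def lookup_parameterized(conn, forename, surname):
    """The fix: placeholders send the values separately, so a quote is just data."""
    sql = "select id, forename, surname from authors where forename = ? and surname = ?"
    return conn.execute(sql, (forename, surname)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(lookup_concatenated(db, "evil'ex", "Newman"))   # rows None, error text set
    print(lookup_parameterized(db, "evil'ex", "Newman"))  # []  (no such author)
    print(lookup_parameterized(db, "Newman", "Newman"))   # [(3, 'Newman', 'Newman')]
```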


Web Application Security May Be More Difficult Than Network Security

With the increased information sharing that has become common over the past few years, especially through social networking and business networking, it is inevitable that websites are attacked. In the past, a firewall for the computer and a lock on the server room door were enough to keep anyone from accessing a business's information, and web application security wasn't even a consideration. Today, however, browsers constantly interact with business web applications through websites that sell products or services. Data connections must be open in order to receive customer input and orders, and one never knows whether a person accessing the business through the web is a legitimate customer or someone trying to break into the system or attack the business through the links on the site.

(continue reading…)


How to Recover a Hacked Website

Google's search results block web pages that contain malware. Website owners panic, unsure how to fix the problem. This article highlights how malware infects a web page and what the owner can do to protect the website.

Your website is running along smoothly until you notice a severe drop in sales and web traffic. You do a quick check by searching for your website on Google, but when you click the link you are redirected to a warning page announcing that the site poses a danger to visitors.

The message displayed in the browser means the website has been hacked. Before you panic, here is a quick checklist to clean the malware, secure your website and re-establish your position in Google's search results.

What happened?

Several malware families spread on the internet through infected web pages and executable downloads. For instance, hackers exploit vulnerabilities in web applications and inject malicious code; you may be running a vulnerable open-source WordPress installation or CKFinder.

Another attack: the Gumblar virus is spread through PDF documents and Flash pages. The malware finds FTP passwords stored on the website owner's computer and uses them to infect his web pages with malicious code.

The injected code spreads the malware further. Google's search engine spider detects the infected website, and the company displays the warning seen in the user's browser. (continue reading…)


How to Find Injected Malware in a WordPress Website

A hacked website costs you readers, search engine rank, time and money. Use these tips to help you find and clean hacked code and malicious links inserted into your WordPress website's code.

WordPress vulnerabilities such as SQL injection, JavaScript insertion and .htaccess hacks are all common ways to alter the content of your WordPress website. Some hackers redirect users to another website, others insert malicious links, and still others use the .htaccess file to steal Google rank. If you think you have been hacked, here are some common signs to search for in your website code.

Check your .htaccess file:

The .htaccess file is always in the root directory of your WordPress site. It lets you control how the server handles website requests, such as Google crawler access and URL redirections. Hackers who gain access to the .htaccess file insert a few lines of code that redirect search engines. The hacked code detects the "user agent" value, which is passed from a web browser or search engine to the WordPress server. If the user agent is "Google," the hacked .htaccess file redirects Google to the hacked website. This hack is completely invisible to your WordPress readers; it only affects Google rank. The following code is an example of hacked .htaccess code:

RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteRule ^(.*)$ http://hackedsite.com/index.php [R=301,L]

In the above example, if Googlebot crawls the website, the (continue reading…)
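A detection pass over a constructed .htaccess file, added here as an example rather than taken from the post: it flags a RewriteRule that sends traffic to another host when the RewriteCond lines in front of it key on the crawler's referer or user agent, which is the pattern the post describes. The directive names are Apache's; the sample file and the hackedsite.example target are constructed.

```python
import re

# Constructed .htaccess sample: the first block is an ordinary WordPress
# permalink rule set, the second is a crawler-cloaking redirect like the one
# on the page (target host is a constructed placeholder).
HTACCESS = """\
# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule . /index.php [L]
# END WordPress
RewriteCond %{HTTP_REFERER} .*google.* [OR]
RewriteCond %{HTTP_USER_AGENT} .*Googlebot.*
RewriteRule ^(.*)$ http://hackedsite.example/index.php [R=301,L]
"""

# Server variables a cloaking rule keys on to recognise the search engine.
CRAWLER_VARS = ("HTTP_USER_AGENT", "HTTP_REFERER")
# A RewriteRule target with a scheme sends the visitor to another host.
EXTERNAL_TARGET = re.compile(r"^https?://", re.IGNORECASE)


def find_cloaking_rules(text):
    """Return (line_no, line) pairs for RewriteRules that redirect off-site and
    are guarded by a RewriteCond matching 'google' in the referer or user agent."""
    findings = []
    pending_conds = []  # line numbers of suspicious RewriteCond lines not yet consumed
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if parts[0] == "RewriteCond" and len(parts) >= 3:
            var = parts[1].strip("%{}")
            if var in CRAWLER_VARS and "google" in parts[2].lower():
                pending_conds.append(no)
        elif parts[0] == "RewriteRule" and len(parts) >= 3:
            if pending_conds and EXTERNAL_TARGET.match(parts[2]):
                findings.append((no, line))
            pending_conds = []  # a RewriteRule consumes the conditions above it
    return findings


if __name__ == "__main__":
    for no, line in find_cloaking_rules(HTACCESS):
        print(f"line {no}: {line}")
```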


Web application security : Anatomy of iis hacking

When I was testing an IIS server after a defacement attack, the webmaster was confused about how hackers had gained access to the server and changed the visual appearance of the site or a web page.

1 – Hackers use xgallery (Absolute Gallery) SQL injection to obtain admin passwords and upload backdoors.
2 – Hackers upload automated tools that deface the server and replace every index page.
3 – Hackers record the defaced home pages in the Zone-H digital attack archive.

Hackers exploit the Xgallery panel to bypass upload checks: Web application security

This attack allows a hacker who can upload a file with a "safe" extension (jpg, html, etc.) to upload an ASP script and have it executed on the web server. The vulnerability occurs when a file name is specified in the form "attacker.asp;.jpg": the application checks the file extension and sees "jpg", but the IIS web server stops parsing at the first ";" and sees "asp". The result is trivial code execution on any IIS server that allows users to choose the file name of their uploaded attachment.
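An added example, not the post's code, contrasting the last-dot extension check the page describes with a whole-name validator and a server-chosen storage name, written in Python; the allow-list and the name pattern are assumptions made for this example.

```python
import re
import secrets

# Extensions the upload form is meant to accept (an assumption for this example).
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif"}

# Whole-name pattern: one base name of safe characters, one dot, one extension.
# It leaves no room for ';', ':', path separators or a second ".asp" segment.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})$")


def naive_is_allowed(filename):
    """The check the page describes: trust whatever follows the last dot."""
    return filename.rsplit(".", 1)[-1].lower() in ALLOWED_EXTENSIONS


def hardened_is_allowed(filename):
    """Validate the entire name, not just its tail, so the application and the
    web server cannot disagree about which extension the file has."""
    match = SAFE_NAME.match(filename)
    return match is not None and match.group(1).lower() in ALLOWED_EXTENSIONS


def server_side_name(filename):
    """Return a storage name the server chose, keeping only the verified
    extension, or None if the upload should be rejected. This removes the
    "user picks the file name" precondition the page points out."""
    if not hardened_is_allowed(filename):
        return None
    ext = filename.rsplit(".", 1)[1].lower()
    return f"{secrets.token_hex(16)}.{ext}"


if __name__ == "__main__":
    for name in ("photo.jpg", "attacker.asp;.jpg", "report.asp"):
        print(name, naive_is_allowed(name), hardened_is_allowed(name), server_side_name(name))
```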

(continue reading…)


One of the most important ways to stay secure is to stay informed

Web application security is a critical task, and communicating with you about security is one of the most important factors in keeping your site safe. Ironically, even mentioning security publicly is a challenge, as many hackers see it as an invitation to look for new vulnerabilities. Hackers use different exploits (public and private attacks), and several sites are reported as infected by Google every day. Attackers inject:

This is one reason why Google flags your website with "This site may harm your computer".

One of the most important ways to stay secure is to stay informed. Hackers continually try new approaches, discover new vulnerabilities, and attempt different exploits. As the SySmox team finds out about potential vulnerabilities, we try to notify webmasters quickly so that you can respond. Applying security fixes may mean installing a software update, modifying your system configuration, or changing how you code your web application.

(continue reading…)


Copyright © 1996-2010 Web application security. All rights reserved.