Posts

CSRF - Cross Site Request Forgery

Cross-site request forgery (CSRF) is an attack in which a legitimate user is tricked by an unauthorized party into performing an unintended action on a website where they are authenticated. Since HTTP is a stateless protocol, cookies are used to validate the request agent. Once the user logs in to a website, they are not required to type the username and password for each request. Hence, for the server to identify the user, the server generates a session identifier and sends it to the client browser in a Set-Cookie header with the very first response. The cookie set by the server is saved in the client browser and is sent along with every request made to the server (where the domain and path match). However, the server does not check any attribute other than the session identifier. Even when the request is made from another client, the website only verifies, using the cookie, whether the requesting user is already authenticated. For example, if a person logged in
Recent posts

Double Submit Cookie

Double submit cookie is one of the prevention methods for Cross-Site Request Forgery (CSRF). Like the synchronizer token pattern, it uses a cryptographically random value to validate a request agent. However, the implementation differs in where the value is stored: here, the generated token value is saved in the browser, not on the server. Therefore the server does not need to store large amounts of data. When a user makes a request, the server compares the token value in the form DOM element (in the body) with the token in the cookie header of the request. Source code of the implemented program can be downloaded from here. A login page, index.html, has been implemented to enroll users. Once the user has entered the credentials, the form data is submitted to login_handler.php using the POST method. If the username and password are correct, the user session is started and the username will be assigned to the

Synchronizer Token Pattern

The synchronizer token pattern is one of the prevention methods for Cross-Site Request Forgery (CSRF). It uses a value called a CSRF token, which is unique to a session identifier. When the user logs in to a website, the server generates a random value, called a token, for that particular session. The token is saved on the server as well as in the browser (after being obtained from the server). PHP identifies the session using the session variable 'PHPSESSID', which is also stored in the browser as a cookie to identify a particular session. The server validates the user on each request by comparing the token value on the server with the token value in the browser. This write-up describes how the synchronizer token pattern is implemented and how it works. Source code of the implemented program can be downloaded from here. I have implemented a login page called index.html to enroll a user to the server. The userna

Exploit a Windows 2000 machine using the Metasploit framework from a Kali Linux machine

When the Windows 2000 machine came into public use, many vulnerabilities were identified. This was caused by the number of vulnerabilities in IIS services. Many attacks came from remote sources through the internet, and there were critical flaws due to vulnerable encryption methods. This article describes how the vulnerabilities of Windows are identified using Nessus and exploited using Metasploit on the Kali machine. To do this I am using my main operating system (OS), Kali, and a Windows 2000 virtual machine. The IP addresses of both machines should be in the same range to ensure they are on the same network. Therefore the network setting was set to bridged adapter in the Windows virtual machine. Check the IP of Kali using ifconfig. Check the IP of Windows using ipconfig. Then Nessus vulnerability s

Plain Blue screen - Kali Linux

When a user logs in to the Kali machine, the screen may appear plain blue, without any application icons, due to GNOME corruption. To recover GNOME with all previously installed packages, restart the machine. Select "Advanced options for Kali GNU/Linux", then select "*Kali GNU/Linux, with Linux 4.15.0-Kali2-amd64 (recovery mode)". When the terminal finishes loading, type the root password to log in. To recover GNOME, type the command below in the root user terminal:

      sudo dpkg --configure -a

Finally, you get your previous Kali Linux back as it was.

Install Chrome in Kali Linux

Chrome is the most convenient search engine, with multiple applications, and it is compatible with customizable extensions too. Therefore Chrome is preferred as the default browser by everyone. Here are the few steps to install Chrome on your Kali Linux machine.

Open a terminal. First of all, the repositories should be updated.

  1. sudo apt-get update

Then download the Chrome .deb package. You can also get it from your browser; here the .deb package is installed using terminal commands.

  2. wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

Run the downloaded .deb file in order to install the Chrome browser.

  3. sudo dpkg -i google-chrome-stable_current_amd64.deb

After installing Chrome on your Kali machine, you can use it as your default browser.