9.4: Wireless Networks and Web Application attacks

Last updated
Save as PDF

Page ID: 89930

\( \newcommand{\vecs}[1]{\overset { \scriptstyle \rightharpoonup} {\mathbf{#1}} } \) \( \newcommand{\vecd}[1]{\overset{-\!-\!\rightharpoonup}{\vphantom{a}\smash {#1}}} \)\(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\) \(\newcommand{\id}{\mathrm{id}}\) \( \newcommand{\Span}{\mathrm{span}}\) \( \newcommand{\kernel}{\mathrm{null}\,}\) \( \newcommand{\range}{\mathrm{range}\,}\) \( \newcommand{\RealPart}{\mathrm{Re}}\) \( \newcommand{\ImaginaryPart}{\mathrm{Im}}\) \( \newcommand{\Argument}{\mathrm{Arg}}\) \( \newcommand{\norm}[1]{\| #1 \|}\) \( \newcommand{\inner}[2]{\langle #1, #2 \rangle}\) \( \newcommand{\Span}{\mathrm{span}}\)\(\newcommand{\AA}{\unicode[.8,0]{x212B}}\)

In this section, an overview of wireless networks and web application attacks has been presented. The detailed description of these attacks is discussed in in another section.

9.4.1 Wireless Network Attacks

Some of the wireless network attacks are described as follows:

Bluesnarfing: allows the attackers to establish a connection with the victim’s Bluetooth enabled device and provides an unauthorized access to its internal data. The attacker can copy the contacts, emails, messages and even call logs without the owner’s consent.

Rogue Access Point : An unauthorized Access Point (AP) installed within the legitimate LAN and without proper security configurations is called Rogue Access Point. The Rogue Access Point allows the attackers to bypass the security framework/authentication of the LAN.

Evil Twin : An AP installed by an attacker (outside the legitimate LAN) which uses the same SSID (Service Set Identifier) as of legitimate one is called Evil Twin.

Packet Sniffing : The attackers use IP Packet capturing software such as Wireshark and Dnsiff etc. and can sniff the on-going communication (Packets) of the LAN.

Replay Attacks: The attacker captures the packets/messages of a genuine session and then replays them in a later session with the legitimate parties to gain unauthorize access or desynchronize the legitimate parties.

War Driving: The attacker uses the software such as Vistumbler, Arachni etc. and then drives down the street to look for the free/open Access points. The searching for the open access point is called War Driving.

War Chalking: After War Driving, the attackers publish the information of the open Access Points with Geolocation map (Coverage area) on blogging sites which is called War Chalking.

9.4.2 Web Application Attacks

Since, the tradition network security devices (Firewalls, IPS and IDS) ignore the HTTP contents, so to ensure security of web applications is much more difficult and different as compare to securing a typical network. The detailed description of the web application security concepts is discussed in Chapter 8. The following are some of the web application attacks.

Buffer Overflow Attack: In the Buffer overflow attack, the attackers find the bugs/mistakes in the coding of an application and then exploit it to gain unauthorize access to the system. The attackers push more data beyond the capacity of the buffer and make the application to store the additional data to adjacent memory buffer. It can crash the system and also create a backdoor which lets the bad traffic in.

Cross site scripting: In the Cross-Site Scripting (XSS) attacks, the attackers injects malicious scripts on the vulnerable websites and usually target the clients of the websites. When the users visits the contaminated website then these scripts automatically run and can steal the cookies and web browser history of the victim’s computer.

SQL injection attack: In the SQL injection attack, the attacker first finds whether the webserver is vulnerable to SQL injection attack or not. If the webserver is vulnerable to SQL injection attack, then the attacker injects the SQL commands and obtain the secret information (stored on Database) of the individuals.

XML injection attack : In XML injection attack, the attackers manipulate the XML logic of the application and inserts the malicious contents into the resulting outputs. In XML injection attack, the attackers can login as Administrators and can have full control over the server and databases.