- Cookie poisoning—Identity theft
- Hidden-field manipulation—E-shoplifting
Hackers can easily change hidden fields in a page’s source code to manipulate the price of an item. These fields are often used to save information about the client’s session, eliminating the need to maintain a complex database on the server side. Because e-commerce applications use hidden fields to store the prices of their merchandise, Sanctum auditors were able to view the sites’ source codes, find the hidden field, and alter the prices. In a real-world scenario, no one would have discovered the change and the company would have shipped the merchandise at the altered prices and may even have sent a rebate.
- Parameter tampering—Fraud
This technique involves changing information in a site’s URL parameter. Because many applications fail to confirm the correctness of common gateway interface (CGI) parameters embedded inside a hyperlink, parameters can be easily altered to, for example, allow a credit card with a $500,000 limit, skip a site login screen, and give access to alternate orders and customer information.
- Buffer overflow—Closure of business
By exploiting a flaw in a form to overload a server with excess information, hackers can often cause the server to crash and shut down the Web site.
- Cross-site scripting—Hijacking/Breach of Trust
When hackers inject malicious code into a site, the false scripts are executed in a context that appears to have originated from the targeted site, giving attackers full access to the document retrieved and maybe even sending data contained in the page back to the attacker.
- Backdoor and debug options—Trespassing
Often, programmers will leave in debug options to test the site before it goes live. Sometimes, in haste, they forget to close the holes, giving hackers free access to sensitive information.
- Forceful browsing—Breaking and entering
By subverting the application flow, hackers access information and parts of the application that should normally be inaccessible, such as log files, administration facilities, and application source code.
- Stealth commanding—Concealing a weapon
Hackers often conceal dangerous commands via a “Trojan horse,” with the intent to run malicious or unauthorized code that is damaging to the site.
- Third-party misconfiguration—Debilitating a site
Since vulnerabilities are posted and patches made available on public Web sites (such as Securityfocus), hackers are alerted to new vulnerabilities as they arise. For example, through a configuration error, a hacker could create a new database that renders the existing one unusable by the site.
- Known vulnerabilities—Taking control of the site
Some technologies used in sites have inherent weaknesses that a persistent hacker can exploit. For example, Microsoft Active Server Page (ASP) technology can be exploited to gain the administrators’ passwords and take control of the entire site.
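
A server-side check against the hidden-field manipulation and parameter tampering items above, added here as an example and not taken from the original article: the server signs the values it places in hidden fields, binds them to the session, and still charges only the price from its own catalog. The key, SKUs, prices, and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data (assumptions): signing key and server-side catalog.
SECRET_KEY = b"constructed-demo-key-not-for-production"
CATALOG = {"sku-1001": 49900, "sku-2002": 1250}  # authoritative prices in cents


def sign_fields(session_id: str, sku: str, price_cents: int) -> str:
    """HMAC-SHA256 tag binding the hidden-field values to one session."""
    msg = f"{session_id}|{sku}|{price_cents}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def render_hidden_fields(session_id: str, sku: str) -> dict:
    """Values the server would emit as hidden form fields for this item."""
    price = CATALOG[sku]
    return {"sku": sku, "price": str(price),
            "tag": sign_fields(session_id, sku, price)}


def process_order(session_id: str, form: dict):
    """Validate a submitted form; the client-held price is never trusted."""
    sku = form.get("sku", "")
    if sku not in CATALOG:
        return False, "unknown sku"
    try:
        submitted = int(form.get("price", ""))
    except ValueError:
        return False, "malformed price"
    # Recompute the tag over what the client sent; compare in constant time.
    expected = sign_fields(session_id, sku, submitted).encode()
    supplied = str(form.get("tag", "")).encode()
    if not hmac.compare_digest(expected, supplied):
        return False, "tampered fields"
    # Even a validly signed price must match the catalog at order time.
    if submitted != CATALOG[sku]:
        return False, "stale price"
    return True, f"charge {CATALOG[sku]} cents"


if __name__ == "__main__":
    form = render_hidden_fields("sess-a", "sku-1001")
    print(process_order("sess-a", form))                     # untouched form
    print(process_order("sess-a", dict(form, price="100")))  # edited price
    print(process_order("sess-b", form))                     # other session
```
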