How hackers crack your site part 1
The best security specialist is a hacker, and the best hacker is a security specialist. Before breaking into a system, hackers investigate their target. If they want to break into a server, they try to find out which operating system it runs and which services are installed on it.
Next, they attempt to learn the site's structure: the directories used, the script files used and their locations, and so on. This information is useful in various ways, especially after the break-in, when the attacker has to know which parts of the site are worth exploring. Before the break-in, hackers pursue at least four avenues, which are the following.
Find out whether the site runs a publicly available script, commercial or free. For example, owners of most noncommercial sites do not develop their own forum scripts and instead use open-source products such as phpBB (www.phpbb.com).
If hackers discover that a site uses an open-source product, they mark it as a potential target. The more popular a program, the more hackers around the world dissect it looking for vulnerabilities. There are no bug-free programs; it is only a matter of time before bugs are discovered. When a vulnerability becomes known, hackers enter a race with administrators: the former try to use the vulnerability to break into sites, the latter look for defenses against it. A version string printed in the page footer or in HTTP headers tells the attacker exactly which known vulnerabilities apply, so keeping such products current matters more than hiding which one is in use.
Programmers often leave old script versions on a site. For example, a programmer writes a new, improved version of the index.php file. Before replacing the old file with the updated one, the old index.php is renamed to something like index.old or index.bak; only then is the new version copied in. This is done in case the new version does not perform as intended in production and has to be debugged, in which case the old version can be put back into service.
Hackers have no trouble finding such files, because a specialized program does it for them: it requests the usual renamed variants of every known script name and reports the ones that exist. Once such a file is found, its content can be downloaded to the hacker's local disk, because a typical web server does not treat .old or .bak files as PHP and serves the source as plain text, including any database credentials it contains.
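The following is an added example, not code from the original article, of what such a scanner does: for each known script path it generates the leftover names an administrator is likely to have created (index.php.bak, index.old, an editor's .swp file, and so on) and keeps only the ones the server hands back as source rather than executing. The site it probes is a constructed in-memory map standing in for HTTP responses, so it runs offline; the path names and file contents in it are made up for the demonstration.

```python
"""Find leftover backup copies of known scripts on a site (added example)."""
import posixpath

# Suffixes appended to the whole file name: index.php -> index.php.bak
WHOLE_NAME_SUFFIXES = (".bak", ".old", ".orig", ".save", ".txt", "~")
# Suffixes that replace the extension: index.php -> index.bak (the article's case)
REPLACED_EXT_SUFFIXES = (".bak", ".old", ".orig", ".inc")


def backup_candidates(path):
    """Return the leftover-file paths a scanner would try for one script path."""
    directory, name = posixpath.split(path)
    stem, _ext = posixpath.splitext(name)
    names = [name + s for s in WHOLE_NAME_SUFFIXES]
    names += [stem + s for s in REPLACED_EXT_SUFFIXES]
    names.append("." + name + ".swp")          # swap file left behind by vim
    # dict.fromkeys() removes duplicates (e.g. a path with no extension) in order
    return [posixpath.join(directory, n) for n in dict.fromkeys(names)]


def looks_like_source(body):
    """True when the server returned source instead of running the script."""
    return body.lstrip().startswith("<?php") or body.startswith("b0VIM")


def find_leftovers(fetch, known_scripts):
    """Probe every candidate; return {path: first line} for those that leak."""
    found = {}
    for script in known_scripts:
        for candidate in backup_candidates(script):
            status, body = fetch(candidate)
            # A 200 whose body is HTML means the server still executed the file
            # (some handler configurations match ".php" anywhere in the name);
            # that is not a source disclosure, so only raw source is reported.
            if status == 200 and looks_like_source(body):
                found[candidate] = body.splitlines()[0]
    return found


# Constructed stand-in for a real site: path -> (status, body).
FAKE_SITE = {
    "/index.php": (200, "<html>welcome</html>"),
    "/index.php.old": (200, "<html>welcome</html>"),      # executed, not leaked
    "/index.old": (200, "<?php\n$db_pass = 'hunter2';\n"),  # served as text
    "/admin/login.php": (200, "<html>login</html>"),
    "/admin/login.php.bak": (200, "<?php require 'config.php';\n"),
    "/admin/.login.php.swp": (200, "b0VIM 8.2\x00\x00..."),
}


def fake_fetch(path):
    """Replace with a real HTTP client (e.g. urllib) to scan a live site."""
    return FAKE_SITE.get(path, (404, "Not Found"))


if __name__ == "__main__":
    for path, first_line in find_leftovers(fake_fetch, ["/index.php", "/admin/login.php"]).items():
        print(path, "->", first_line)
```

The defensive side is the mirror image: deny every file name matching these suffixes at the web server, and deploy from version control instead of renaming files in the document root, so there is nothing for the scanner to find.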
During the preparatory investigation, hackers look for every form that takes user input and sends it to the server. Every parameter sent to the server is a potential entry point. Hackers collect the parameters each form sends, then start experimenting by sending different values, trying to find a script that does not check the data entered by users.
Knowing the directory structure, hackers can concentrate on looking for vulnerabilities where they expect the best result. It is logical to assume that directories kept away from search-engine indexing contain something interesting. So what is to prevent hackers from looking at the robots.txt file to find out what the administrator or site developer does not want to be available to the general public? The only limitation is how well they know how to formulate a Google query for it. Keep in mind that robots.txt is advisory: a Disallow line keeps well-behaved crawlers out but is not access control, and listing a sensitive directory there merely advertises it.
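As an added example (not from the original article), here is how a reconnaissance script turns robots.txt into a list of directories to look at first. It handles the details that trip up naive parsers: comments, several User-agent lines sharing one rule block, an empty Disallow (which permits everything and names no path), Allow and Sitemap lines, and wildcard patterns, which are reduced to the directory prefix that can actually be requested. The robots.txt text and the host name are constructed for the demonstration.

```python
"""Extract the paths a site's robots.txt asks crawlers to avoid (added example)."""

ROBOTS_TXT = """\
# constructed sample, not from any real site
User-agent: *
Disallow: /admin/
Disallow: /backup/
Disallow: /includes/config.php
Allow: /admin/help/
Disallow:            # empty rule: allows everything, names no path
Sitemap: https://example.com/sitemap.xml

User-agent: Googlebot
Disallow: /tmp/*.sql
"""


def parse_robots(text):
    """Return {user_agent: [Disallow values]} from robots.txt text."""
    rules, agents, in_rules = {}, [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments and whitespace
        if ":" not in line:
            continue
        field, value = (part.strip() for part in line.split(":", 1))
        field = field.lower()
        if field == "user-agent":
            if in_rules:                        # a rule block ended; start a new group
                agents, in_rules = [], False
            agents.append(value)
            rules.setdefault(value, [])
        else:
            in_rules = True                     # any other field belongs to the group
            if field == "disallow" and value:   # empty Disallow means "allow all"
                for agent in agents:
                    rules[agent].append(value)
    return rules


def hidden_paths(rules):
    """Collapse all Disallow entries into requestable prefixes, deduplicated."""
    paths = set()
    for entries in rules.values():
        for entry in entries:
            prefix = entry.split("*", 1)[0].rstrip("$")   # "/tmp/*.sql" -> "/tmp/"
            if prefix:
                paths.add(prefix)
    return sorted(paths)


def search_queries(host, paths):
    """Build the site:/inurl: queries the article alludes to, one per path."""
    return ["site:%s inurl:%s" % (host, p) for p in paths]


if __name__ == "__main__":
    found = hidden_paths(parse_robots(ROBOTS_TXT))
    for q in search_queries("example.com", found):
        print(q)
```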
Having collected the publicly available information, hackers try to find out more about the system. They enter invalid data into every form and analyze the server's responses, hoping to obtain information about the database structure and the files behind it.
A real lucky strike is an error message for an invalid request that includes the SQL query itself. Such information is invaluable to hackers and greatly increases their chances of a successful break-in. The practical countermeasure is to turn off error display in production (display_errors off in PHP), log the detail server-side, and show the user only a generic error page.
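The procedure described in the two passages on forms above, as an added example that is not code from the original article: harvest every form on a page with its parameters, send each parameter a deliberately broken value while the others stay benign, and classify the reply by the tell-tale wording that database engines and PHP put in verbose errors. The HTML page, the two target scripts and the server's replies are constructed stand-ins so the code runs offline; the error strings in DB_ERROR_SIGNATURES are the real wording of the respective engines.

```python
"""Find forms, feed them invalid input, and spot leaking error pages (added example)."""
import re
from html.parser import HTMLParser

# Constructed page: a login form (POST) and a search form with no method (GET).
SAMPLE_PAGE = """
<html><body>
<form action="/login.php" method="POST">
  <input name="user"><input type="password" name="pass">
  <input type="hidden" name="token" value="abc123"><input type="submit" value="Go">
</form>
<form action="/search.php">            <!-- no method attribute: GET -->
  <input name="q"><textarea name="notes"></textarea>
</form>
</body></html>
"""

PROBES = ["'", '"', "\\", "-1"]   # classic "invalid" values that break a query

DB_ERROR_SIGNATURES = [
    ("MySQL", re.compile(r"You have an error in your SQL syntax|mysqli?_[a-z_]+\(\)", re.I)),
    ("PostgreSQL", re.compile(r"pg_query\(\)|ERROR:\s+syntax error at or near", re.I)),
    ("MSSQL", re.compile(r"Unclosed quotation mark after the character string", re.I)),
    ("Oracle", re.compile(r"\bORA-\d{5}\b")),
]
PHP_PATH_LEAK = re.compile(r" in (/\S+\.php) on line (\d+)")   # PHP warning format
MYSQL_QUERY_FRAGMENT = re.compile(r"near '(.*?)' at line \d+")  # echoed query piece


class FormHarvester(HTMLParser):
    """Collect action, method and parameter names for every form on a page."""
    def __init__(self):
        super().__init__()
        self.forms, self.current = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.current = {"action": a.get("action", ""),
                            "method": (a.get("method") or "get").lower(), "params": []}
        elif tag in ("input", "textarea", "select") and self.current is not None:
            if (a.get("type") or "text").lower() in ("submit", "button", "reset", "image"):
                return                          # buttons carry no user data
            if a.get("name"):
                self.current["params"].append(a["name"])

    def handle_endtag(self, tag):
        if tag == "form" and self.current is not None:
            self.forms.append(self.current)
            self.current = None


def harvest_forms(html):
    parser = FormHarvester()
    parser.feed(html)
    return parser.forms


def classify_response(body):
    """Return what a verbose error reply gives away, or None for a quiet reply."""
    for engine, pattern in DB_ERROR_SIGNATURES:
        if pattern.search(body):
            path = PHP_PATH_LEAK.search(body)
            frag = MYSQL_QUERY_FRAGMENT.search(body)
            return {"db": engine,
                    "script": path.group(1) if path else None,
                    "query_fragment": frag.group(1) if frag else None}
    return None


def probe_forms(forms, submit):
    """Send each probe through each parameter in turn; keep replies that leak."""
    findings = []
    for form in forms:
        for param in form["params"]:
            for probe in PROBES:
                data = {p: "test" for p in form["params"]}   # benign filler
                data[param] = probe
                leak = classify_response(submit(form["action"], form["method"], data))
                if leak:
                    findings.append({"action": form["action"], "param": param,
                                     "probe": probe, **leak})
    return findings


def fake_submit(action, method, data):
    """Constructed stand-in for the site: /search.php splices q into SQL and
    echoes the raw error; /login.php answers with a generic message."""
    if action == "/search.php" and "'" in data.get("q", ""):
        return ("Query failed: You have an error in your SQL syntax; check the "
                "manual that corresponds to your MySQL server version for the "
                "right syntax to use near '%'' at line 1<br />\n"
                "Warning: mysqli_fetch_assoc() expects parameter 1 to be "
                "mysqli_result, bool given in /var/www/html/search.php on line 12")
    return "<html>Nothing found / Invalid login</html>"


if __name__ == "__main__":
    for finding in probe_forms(harvest_forms(SAMPLE_PAGE), fake_submit):
        print(finding)
```

Replace fake_submit with a real HTTP client to run this against a site you are authorized to test; the classification step is the same one a blue team can run over its own error pages to confirm nothing verbose escapes.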