Hacks that work just by changing the URL

  • One legit and one malicious example
  • Some examples require URL encoding to work (usually done automatically by the browser)

SQL Injection

code:

exploit (logs in as administrator without knowing password):

Cross Site Scripting (XSS)

If you are curious about XSS, see my article ‘Guide in understanding XSS – XSS payloads, attack vectors, BeEF hooking, MiTM with Shank and some history’.

code:

exploit (registers visiting user as a zombie in BeEF):

Remote code execution

code:

exploit (downloads and runs arbitrary code):

Command injection

code:

exploit (tries to delete all files from root directory):

Code injection

code:

exploit (injects phpinfo() command which prints very useful attack info on screen):

LDAP injection

code:

exploit (logs in without knowing admin password):

Path traversal

code:

exploit (fetches /etc/passwd):

Redirect/Forward attack

code:

exploit (sends user from your page to evil page):

Failure to Restrict URL Access

code:

N/A. The site lacks an .htaccess ACL or similar access control, which allows a user to guess,
or by other means discover, the location of content that should only be accessible while logged in.

exploit:

Cross-Site Request Forgery

code:

N/A. The code lacks a page-to-page secret to validate that the request comes from the current site.
Implement a secret that is transmitted and validated between pages.
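
The page-to-page secret described above, sketched as an added example (not code from the original post): a per-session token is embedded in each form and checked on every state-changing request. The in-memory `SESSIONS` store, the `/email` form and all function names are assumptions made for illustration.

```python
import hmac
import secrets

# Constructed in-memory session store (assumption): session id -> session data.
SESSIONS: dict[str, dict] = {}


def start_session() -> str:
    """Create a session and its CSRF secret, both unpredictable."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"csrf_token": secrets.token_urlsafe(32)}
    return sid


def render_form(sid: str) -> str:
    """Embed the secret in the page so the next request carries it back."""
    token = SESSIONS[sid]["csrf_token"]
    return (
        '<form method="post" action="/email">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<input name="email"><button>Save</button></form>'
    )


def token_is_valid(sid: str, submitted) -> bool:
    """Accept only the token that was issued for this exact session."""
    session = SESSIONS.get(sid)
    if session is None or not isinstance(submitted, str):
        return False  # unknown session, or the request carried no token at all
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(submitted.encode(), session["csrf_token"].encode())


def handle_post(sid: str, form: dict) -> int:
    """Hypothetical state-changing handler; returns an HTTP status code."""
    if not token_is_valid(sid, form.get("csrf_token")):
        return 403  # the browser sent the session cookie, but the page secret is absent or wrong
    SESSIONS[sid]["email"] = form.get("email", "")
    return 200
```

A request triggered from another site arrives with the victim's session cookie but cannot include the token, because the other site cannot read the page that contains it.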

exploit:

Buffer overflow (technically by accessing a URL, but implemented with Metasploit)

code:

N/A. Vulnerability in the web server code itself. Standard buffer overflow.

exploit:

http://www.exploit-db.com/exploits/16798/

 

This was my answer for a question at security.stackexchange.com and currently the highest voted answer in the community and the first to go over 100 votes. The post can be found here.
