Web Servers as Targets


Web Operations

Web Server
A computer that is responsible for accepting HTTP requests from clients (user agents such as
web browsers) and serving them HTTP responses along with optional data content, which
is usually web pages such as HTML documents and linked objects (images, etc.).

Software to set up a Web Server:
• Apache
• Internet Information Services (IIS)

How a Web Server Works: The Basic Process
Let's say that you are sitting at your computer, surfing the Web. So you type that URL into
your browser and press return. And magically, no matter where in the world that URL lives,
the page pops up on your screen.

At the most basic level possible, the following diagram shows the steps that brought that page to
your screen:
The Web browser formed a connection to a Web server, requested a page and received it.
1. Client sends the request for a Webpage on the Webserver.
2. Webserver receives the request and sends the Webpage code to the Client.
3. Client receives the Webpage code, and the Web Browser converts that code into a design
and displays it to the User.

Database Server
• The database server is a key component in a client/server environment. It holds the
database management system (DBMS) and the databases.
• Upon requests from the client machines, it searches the database for selected records and
passes them back over the network.

Software to set up a Database Server:
• Oracle
• SQL Server
• MySQL


The Login Process on the Website
Let's say that you are sitting at your computer, surfing the Web, and you open a Website to
log in to your account.
You type in the Login Username and Password and click on Sign in and you get in to your
1. Client sends the request for the Login page on the Webserver.
2. Webserver receives the request and sends the Login page code to the Client.
3. Client receives the Login page code, and the Web Browser converts that code into a
design and displays it to the User.
4. Client puts in the Username and Password in the Login page and sends it to the Web
5. Web Server receives the Username and Password and forwards them to the Database server.
6. Database server receives the Username and Password from the Web Server and checks
its tables for that Username and Password.
7. After the lookup is complete, the Database Server sends the result of the
authentication to the Web Server.
8. Web Server receives the Authentication result from the Database Server and, on the basis
of the result, redirects the User to the proper Webpage.
If the Authentication is True, the User gets signed in to the Account, and if it fails the User is
asked to Sign in again.

Operations of a Database Server

A database server consists of tables and records. Records are kept in tables. These tables and
records are updated on a regular basis. Below are the four main working functions of a Database
1. Creation of Records: CREATE
• Create or add new entries
2. Accessing the Records: READ
• Read, retrieve, search, or view existing entries
3. Updating the Records: UPDATE
• Update or edit existing entries
4. Deleting the Records: DELETE
• Delete existing entries
These are known as the CRUD operations of a Database Server.

Syntax Queries:
1. Creating or Inserting the records in the Table
• INSERT INTO tablename (column1, [column2, ... ]) VALUES (value1, [value2, ... ]);
• The number of columns and values must be the same. If a column is not
specified, the default value for the column is used.

2. Accessing or Reading the Records
• SELECT column1, [column2, ... ] FROM tablename;
• SELECT * FROM tablename; (for all the fields)

3. Updating the Records
• UPDATE tablename SET C1 = 1 WHERE C2 = 'a';

4. Deletion of records
• DELETE FROM tablename [WHERE condition];



SQL Injection
• An SQL injection attack exploits vulnerabilities in a web server database that allow the
attacker to gain access to the database and read, modify, or delete information.
• A simple example of a SQL injection attack is to use the single quotation mark as part of
an input value to a Web page. These values can be inserted into a login as follows:
o Login: admin'--
o Login: admin'#
• The Database Server ignores everything after "--" or "#" because these characters are the
single-line comment sequence. They are needed for inputs and queries to terminate
without an error.
• Another example of a SQL injection attack is making the condition true by giving the
identical value to a web page.
• These values can be inserted into a login as follows:
o Login: 1' or '1'='1 and Password= 1' or '1'='1
o Login: 1' or '1'='1';--
• When the Username argument is evaluated, '1'='1' will evaluate to TRUE, and an authentic
username will be returned.


Website Enumeration
• Website Enumeration is checking the structure of a Web site.
• It involves acquiring the files and folders from the Website to the Local Computer. This is
also known as Web Ripping.
• It is the ability to copy the structure of a Web site to a local disk and obtain a complete
profile of the site and all its files and links.

PHP Injection: Placing PHP Backdoors
• This attack provides the means for a hacker to execute his or her system-level code on a
target web server. With this capability, an attacker can compromise the web server and
access files with the same rights as the server system software.
• For example, a number of PHP programs contain a vulnerability that could enable the
transfer of unchecked user commands to the eval() function.

Google Hacking
• As we all know, Google is a Search Engine. It keeps snapshots of pages it has crawled
that we can access via the cached link on the search results page.
• Google hacking can be used to explore the Website by using some advanced Google
search operators.

You can look for a particular File type, Password files and Directories. You can even find
IP-based CCTV Cameras.

• Intitle: Searches the text in the title of the Website.
• Inurl: Finds the text in the URL of the Website.
• Filetype: Searches for Files of a Specific Type.
• Site: Narrows the Search to Specific Sites.

To Find the IP Based CCTV Cameras
Inurl:indexframe.shtml axis

The Wayback Machine
• Archive.org, called the Wayback Machine.
• Hackers use this website to see how other websites looked in the past.


Putting the Brakes on Web Application Attacks

Input Validation Against SQL Injection
• There are measures that can be applied to mitigate SQL injection attacks. Use of these
practices does not guarantee that SQL injection can be completely eliminated, but they
will make it more difficult for hackers to conduct these attacks.
• JavaScript routines are available which allow only known good input from the Web server
to the Database server.
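
The login values from the SQL Injection section and the input-validation advice above, as an added example that is not part of the original notes: a login check built by string concatenation next to one that validates the username against an allow-list on the server and passes the values through query placeholders. The `users` table, its sample account and the function names are constructed for illustration, and SQLite stands in for the database server (it treats `--` as a comment, but not `#`).

```python
import re
import sqlite3

def make_db():
    # Constructed sample data. The password is stored in plaintext only to
    # mirror the lookup described in the notes; real systems store salted hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret-constructed')")
    return db

def login_vulnerable(db, username, password):
    # Input is pasted into the SQL text, so a quote in it rewrites the query.
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

# Known-good input only: letters, digits and a few separators, 1 to 32 chars.
USERNAME_OK = re.compile(r"[A-Za-z0-9_.-]{1,32}")

def login_hardened(db, username, password):
    # 1. Server-side allow-list validation rejects unexpected characters.
    if not USERNAME_OK.fullmatch(username):
        return False
    # 2. Placeholders send the values as data, never as part of the SQL text.
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row is not None

def run_cases():
    db = make_db()
    cases = [
        ("admin", "s3cret-constructed"),    # genuine login
        ("admin", "wrong"),                 # wrong password
        ("admin'--", "x"),                  # comment example from the notes
        ("1' or '1'='1", "1' or '1'='1"),   # always-true example from the notes
    ]
    return [(u, login_vulnerable(db, u, p), login_hardened(db, u, p))
            for u, p in cases]

if __name__ == "__main__":
    for user, vulnerable, hardened in run_cases():
        print(f"{user!r:18} vulnerable={vulnerable} hardened={hardened}")
```

The concatenated query accepts both injected logins, while the hardened check accepts only the genuine username and password.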

Directory Access Controls
• .htaccess files provide a way to make configuration changes on a per-directory basis.
• .htaccess files should be used in a case where the content providers need to make
configuration changes to the server on a per-directory basis, but do not have root access
on the server system.

Deny Google to Your Website
• A robots.txt file on a website will function as a request that specified robots ignore
specified files or directories in their search.
• For websites with multiple subdomains, each subdomain must have its own robots.txt
file. If example.com had a robots.txt file but a.example.com did not, the rules that would
apply for example.com would not apply to a.example.com.
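
An added example (not part of the original notes) of the per-host rule described above, using Python's standard `urllib.robotparser`. The robots.txt content, the `OtherBot` robot name and the helper names are constructed for illustration.

```python
from urllib.parse import urlsplit
from urllib.robotparser import RobotFileParser

# Constructed sample: only example.com publishes a robots.txt file.
ROBOTS_TXT = {
    "example.com": """\
User-agent: Googlebot
Disallow: /

User-agent: *
Disallow: /admin/
""",
}

def load(robots_txt_by_host):
    # Parse each host's robots.txt once and keep one parser per host.
    parsers = {}
    for host, text in robots_txt_by_host.items():
        rp = RobotFileParser()
        rp.parse(text.splitlines())
        parsers[host] = rp
    return parsers

def may_crawl(parsers, agent, url):
    # Rules are looked up by the exact host in the URL. A host without its
    # own robots.txt has no rules, so a compliant robot may fetch from it.
    # robots.txt is a request honoured by compliant robots, not an access control.
    rp = parsers.get(urlsplit(url).hostname)
    return True if rp is None else rp.can_fetch(agent, url)

def demo():
    p = load(ROBOTS_TXT)
    return {
        "google_main": may_crawl(p, "Googlebot", "https://example.com/index.html"),
        "other_main": may_crawl(p, "OtherBot", "https://example.com/index.html"),
        "other_admin": may_crawl(p, "OtherBot", "https://example.com/admin/users"),
        "google_sub": may_crawl(p, "Googlebot", "https://a.example.com/index.html"),
    }

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:12} allowed={allowed}")
```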


Basic Website Security
• Use input validation as a countermeasure against SQL Injection.
• Always change the default Usernames and Passwords.
• Do not allow every type of file to be uploaded to your Website.
• Check the files on the Website regularly.