Today is the age of computer and internet. More and more people are creating their own websites to market their products and earn more profit from it. Having our own website will definitely help us in getting more customers purchasing our products but at the same time we can also attract hackers to play around with our website. If we have not taken enough care to protect our website from hackers then our business can even come to an end because of these hackers. If we own a website, then we might know the importance of ensuring that our website is safe from viruses and hackers. After going online most of the website designers think that their work is over. They have delivered what they were paid for and now they will be available for the maintenance of the site only. But sometimes the main problem starts after publishing the website. What if the website they have built suddenly start showing different stuff from what was already present there? What if weird things start appearing on the pages of our website? And most horribly what if the password of our login panel has changed and we are not able to login into our website. This is called hacking, a website hacking. We have to figure out how this happened so we can prevent it from happening again. In this seminar we are going to discuss some of major website hacking techniques and we are also going to discuss how to prevent website from getting vulnerable to different attacks currently use by various hackers.

1. Presented By:
Shubham S. Takode
B.TECH- TY CSE
2012BCS518
Department of Computer Science and Engineering ,
Shri Guru Gobind Singhji Institute of Engineering and Technology, Vishnupuri,
Nanded. 1

2.  What is Hacking? Website Hacking ?
 Typical communication over Internet.
 Types of Attacks.
 Step By Step :
SQL Injection Attacks.
Session Hijacking Attacks:
• Wireshark.
 Hacking Facebook Account with Wireshark.
RFI and LFI Attacks.
 XSS Attacks.
DDOS Attack.
 Purpose of Hacking.
 Preventive Measures.
 Conclusion
2

3. Hacking refers to an array of activities which are done to
intrude some one else’s personal information space so as to
use it for malicious, unwanted purposes.
Hacking is a term used to refer to activities aimed at
exploiting security flaws to obtain critical information for
gaining access to secured networks.
Becoming a hacker will take intelligence, practice,
dedication, and hard work.
3

4. • Unauthorized access to the Resources on Web Server.
( RFI, LFI, Admin account password hacking )
• Changing the contents on Webpage . (XSS Attacks)
• Hacking User Accounts on typical Website.
• Sniffing data packets over network.
(Session Hijacking and Packet Sniffing)
4

5. Client
INTERNET
Web
Server
DNS
Server
DHCP
Server
Local DNS
Server
http://www.google.com/
ISP
127. 120.120.110
5

6. • SQL Injection
• Session Hijacking or Packet Sniffing.
• RFI ( Remote File Inclusion ) , LFI ( Local File
Inclusion ).
• XSS Attacks.
• DDOS ( Distributed Denial of Service ) Attack.
6

7. • All about SQL Queries and vulnerable URL.
• Aim is to find the name and structure of your database
and then step by step extract data from Database.
•For this hackers uses various sql commands, string parsing
functions and try to make query result true.
• Extracted data could be anything stored in your db.
• Username , Passwords
• Emails
• Credit Card Information , Personal Information
7

8. • Consider you wants to build a login page for your website as
shown here
8

9. • Consider database table as show below:
userid user_name Password
1 shubham shubham
2 anand anand
Table : site_user
9

10. Consider php backend for login validation check as show below:
<?php
session_start();
include 'db.inc.php';
mysql_select_db("user",$con) or die(mysql_error($con));
if(isset($_POST['submit']))
{
if(!isset($_SESSION['logged']) || $_SESSION['logged'] != 1)
{
if(!empty($_POST['username']) && !empty($_POST['password']))
{
$query="SELECT * FROM site_user WHERE
user_name='".$_POST['username']."' AND password='".$_POST['password']."'";
$result=mysql_query($query,$con) or die("<center><br><br><b>USER NOT
FOUND</b><br><br>".mysql_error()."</center>");
if(!$row = mysql_fetch_assoc($result)) { echo"<script>alert('Wrong User
Credentials ... Please Retry....');</script>";}
else {echo "<script>alert(' Hii there ... You are logged in Sussessfully');
</script>";}
}
}
}
?>
10

11. • The login page we have just designed is vulnerable to sql
injection attack.
• If user enters correct username and password on login page
then page will show alert message as “Hi there… You have logged
in successfully ”.
•If user enters wrong username and password then page will
show alert message as “Wrong User Credentials … Please Retry”.
•Now if user enters username as any string and password as “
' or '1'= '1 ”
then the page is showing “Hi there… You have logged in
successfully ” .
11

12. • This is the SQL Injection . Evens if the logic we have
written at backend is correct , the output we are getting is
not valid.
• Why this happens ? Next..
12

13. • It’s happening because of the input in the password field
making the sql query to be a true (valid) and that why it is
executing and returning the a valid result.
• Actual Query (when we enter valid or wrong input in login
form):
SELECT * FROM site_user WHERE user_name=‘shubham'
AND password=‘shubham’;
• Query with input ‘ or ‘1’ = ‘1 :
SELECT * FROM site_user WHERE user_name=‘anything'
AND password=‘’ or ‘1’=‘1’ ;
13

14. • As per our login page backend login “Things are getting
valid /true line by line” because the query is returning
valid output.
•
14

15. • Aim is to capture the packets / data / cookie / session by
using packet sniffing tools such as WireShark.
• Hackers takes advantage of stateless nature of HTTP.
• They capture the packets flowing across network, extracts
data from packets and inject required data such as cookies
and browser state in their own browser and due to this Web
Servers unable to differentiate between hacker and actual
user.
15

16. • Hacker requires packet sniffing tools such as WireShark
• Hacker need to connect to the local network in which
the user is also connected. 16

17. • Consider any websites such as Facebook , Gmail, Yahoo Mail
which uses cookies for tracking user (As HTTP is stateless Web
Servers needs to track users for indentification).
• To be specific we will consider Facebook.
• Suppose you logged in successfully on your facebook account
using some wifi access point.
• When you logs in on your facebook account, the Facebook
Servers sets cookies with names “ datr” and “cuser” which are
used to indentify you and track your sessions on server.
17

18. • With each request (GET/POST) this cookies are sent in
headers of request back to facebook server and facebooks
server matches those values of cookies with the one that on
the server and if match found then your request is served
otherwise not.
• So if anyone able to access this cookies then he/she can
easily logged in to your account.
• When we are accessing internet through any local
networks such as Wifi Hotspots or Cyber Cafes then this
network uses broadcast mechanism for moving data across
any node in the network.
18

19. • In broadcast network mechanism data packet moves across
the whole network that is even if the packet is not for your PC
(Node) still it comes to your PC and you can even capture it.
• This flowing packets contains data such as PROTOCOL
HEADERS , COOKIES .
• The packets flows underneath of domain.
• Softwares such as Wireshark are able to capture such
flowing packet and Hacker uses such softwares for sniffing
your cookies.
• Once hacker gets your cookie he/she just need to inject
those cookies in the browser and once page is refreshed
hacker gets logged in to your account. 19

20. 20

21. 21

22. 22

23. • Both are old method.
• Aim is to upload .php , .asp , .sh script on server and execute
those script.
• RFI
Consider url
http://downloadlabss.com/p?u=http://www.pragyaa.org/q/1.txt
It means resource on one server is accessible/executable on
other server
• LFI
• Vulnerable Upload Servers
23

24. • A Play with JavaScript and vulnerable backend logic.
• Example: A Comment Box Hack.
24

25. •Worlds most powerful attack technique.
• DDOS stands for Distributed Denial of Service Attack
• More than one Users (PCs) are involved.
• Whole server may crash down.
• Idea is to take control of hundreds of PCs on Internet and
send bulk request to target server.
25

26. • Sometimes uses Exponential Approach
Hacker’s
Server
Network
Server 1
Network
Server m
Network
with
X1 PCs
Network
with
X2 PCs
Target
Server
Bulk Requests
26

27. • To stole information and sale it.
• Spying by different Government Agencies for sake of
international or national politics .
• Getting access to money resources .. Bank accounts , share
markets and commodity markets accounts.
• To become world famous.
• Just for the fun.
27

28. • For SQL Injection :
• Use mysql_string_parse( ) function.
• Avoid use of urls from which backend logic accesses
data directly.
• Parse or validate input data in well manner.
• Use POST method for sending data.
• Use latest version of PHP and MY_SQL.
• For Session Hijacking :
• Use SSL / HTTPS connection which encrypts data
flowing across network
• Avoid use of cookie , use session instead to track
user
• Encrypt cookies 28

29. • For RFI and LFI Attacks :
• Use proxy servers instead of using PROXY SERVER
SOFTWARE (As a Web App).
• Develop a mechanism to parse the contents received
from other servers.
• Improve business logic.
• For XSS Attacks :
•Well parse the user inputs .
• For DDOS Attacks:
• Use firewalls and antivirus programs.
• Avoid giving major permission to websites.
•Block IPs on server which send bulk request.
29

30. Developers thinks that once web application is developed
then work is finished but this is not true for web apps. In
case of web apps maintenance is much more important and
things are need to be well updated, if not so then single
hole of vulnerability may crash down your whole web app
and servers.
Be careful !!!!
30

31. 31

32. 32