E-Commerce Cracking Study

Online Investment System


End users’ client machines
Internet Routers
Firewalls
Front-end web and email servers
Application server
Databases
Workstations

Step 1 (Gaining Access)

-Misuse of Common Gateway Interface (CGI) scripts or other middleware components
-This is a common method used to gain access to server shell
-Complexity of the logic introduces vulnerabilities
-Lack of Sanity Checking (failing to impose limits on acceptable input)
-All of this is Step 1: gaining privileged access to the server
-Once access is gained, the attacker can disable other security and launch an “asymmetric” attack (after gaining root capability, disabling other security measures)
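
The missing sanity checking named above, shown from the defender's side as an added example (not part of the original study): a CGI handler for a hypothetical "place order" request that imposes limits on every input before any other processing. The field names, formats and limits are assumptions chosen for illustration.

```python
import re
from urllib.parse import parse_qs

# Assumed limits for a hypothetical "place order" CGI endpoint (not from the page).
MAX_QUERY_BYTES = 256
MAX_SHARES = 10_000
FIELDS = {
    "account": re.compile(r"[A-Z]{2}[0-9]{8}"),  # constructed account-id format
    "symbol": re.compile(r"[A-Z]{1,5}"),
    "shares": re.compile(r"[0-9]{1,5}"),
}

class RejectedInput(ValueError):
    """Raised when a request fails a sanity check; the caller answers HTTP 400."""

def parse_order(query_string):
    """Return a validated order dict or raise RejectedInput."""
    if len(query_string.encode("utf-8", "replace")) > MAX_QUERY_BYTES:
        raise RejectedInput("query string too long")
    try:
        params = parse_qs(query_string, keep_blank_values=True,
                          strict_parsing=True, max_num_fields=8)
    except ValueError:
        raise RejectedInput("malformed query string") from None
    if set(params) != set(FIELDS):
        raise RejectedInput("missing or unexpected field")
    order = {}
    for name, pattern in FIELDS.items():
        values = params[name]
        # Exactly one value per field, and the whole value must match the allowlist.
        if len(values) != 1 or not pattern.fullmatch(values[0]):
            raise RejectedInput(f"invalid {name}")
        order[name] = values[0]
    order["shares"] = int(order["shares"])
    if not 1 <= order["shares"] <= MAX_SHARES:
        raise RejectedInput("shares out of range")
    return order

def check(query_string):
    """Return ("accepted", order) or ("rejected", reason) for one request."""
    try:
        return ("accepted", parse_order(query_string))
    except RejectedInput as exc:
        return ("rejected", str(exc))

if __name__ == "__main__":
    # Constructed sample requests: one valid, one with an out-of-range quantity.
    for q in ("account=AB12345678&symbol=ACME&shares=100",
              "account=AB12345678&symbol=ACME&shares=99999"):
        print(check(q))
```

A CGI handler would run parse_order on QUERY_STRING first and pass only the returned values onward, so that nothing unchecked reaches the application logic.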

Step 2 (Exploiting the Advantage)

-Exploits trust between machines on a network to gain access to other machines
-Once access is gained, the attacker can download customer information, passwords, and databases

Step 3 (Implementing the Backdoors)

-Put in backdoor entries which allow future access
-“Rootkit” tools used by crackers allow access and eliminate evidence of intrusion (“Back Orifice” is a common remote administration program used by hackers)
-Hacker now has total control of the system (At this point, the hacker can blackmail the business with threats, deface the site, work in "stealth mode" or subvert the application for personal gain)
