Tuesday, October 12, 2010

Attacks, Threats

Command Execution :
The Command Execution section covers attacks designed to execute remote commands on the web site. All web sites utilize user-supplied input to fulfill requests. Often this user-supplied data is used to construct commands resulting in dynamic web page content. If this process is done insecurely, an attacker could alter command execution.

Buffer Overflow :
Buffer Overflow exploits are attacks that alter the flow of an application by overwriting parts of memory.

Format String Attack :
Format String Attacks alter the flow of an application by using string formatting library features to access other memory space.

LDAP Injection :
LDAP Injection is an attack technique used to exploit web sites that construct LDAP statements from user-supplied input.

OS Commanding :
OS Commanding is an attack technique used to exploit web sites by executing Operating System commands through manipulation of application input.

SQL Injection :
SQL Injection is an attack technique used to exploit web sites that construct SQL statements from user-supplied input.

SSI Injection :
SSI Injection (Server-side Include) is a server-side exploit technique that allows an attacker to send code into a web application, which will later be executed locally by the web server.

XPath Injection :
XPath Injection is an attack technique used to exploit web sites that construct XPath queries from user-supplied input.

Client-side Attacks :
The Client-side Attacks section focuses on the abuse or exploitation of a web site's users. When a user visits a web site, trust is established between the two parties both technologically and psychologically. A user expects web sites they visit to deliver valid content. A user also expects the web site not to attack them during their stay. By leveraging these trust relationship expectations, an attacker may employ several techniques to exploit the user.

Content Spoofing :
Content Spoofing is an attack technique used to trick a user into believing that certain content appearing on a web site is legitimate and not from an external source.

Cross-site Scripting :
Cross-site Scripting (XSS) is an attack technique that forces a web site to echo attacker-supplied executable code, which loads in a user's browser.

LDAP Injection :
LDAP is an acronym for Lightweight Directory Access Protocol. LDAP is a protocol to store information about users, hosts, and many other objects. LDAP injection is a server-side attack that could allow sensitive information about users and hosts represented in an LDAP structure to be disclosed, modified, or inserted.
This is done by manipulating input parameters that are later passed to internal search, add, and modify functions.

Let's suppose we have a web application using a search filter like the following one:
usersearchfilter="(usr="+username+")"
which is instantiated by an HTTP request like this:
http://www.example.com/ldapsearch?username=satish
If the value 'satish' is replaced with a '*', by sending the request:
http://www.example.com/ldapsearch?username=*
the filter will look like:
usersearchfilter="(usr=*)"
which matches every object with a 'usr' attribute equal to anything.
If the application is vulnerable to LDAP injection, it will display some or all of the users' attributes, depending on the application's execution flow and the permissions of the LDAP connected user.
A tester could use a trial-and-error approach, by inserting in the parameter '(', '|', '&', '*' and the other characters, in order to check the application for errors.
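
The filter from the example above, built by raw concatenation and then with the value escaped as RFC 4515 requires. This is an added example, not code from the original post; the sample directory, the function names and the toy search() evaluator (which stands in for a real LDAP server) are assumptions made for illustration.

```python
import re

# Constructed sample directory entries (not from the original post).
DIRECTORY = [{"usr": "satish"}, {"usr": "anand"}, {"usr": "admin"}]

# RFC 4515: these characters must be written as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape user input so it is treated as a literal inside an LDAP filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def build_filter_vulnerable(username):
    # The post's pattern: raw concatenation lets '*' act as a wildcard.
    return "(usr=" + username + ")"

def build_filter_safe(username):
    # Same filter, but metacharacters in the value are neutralised first.
    return "(usr=" + escape_filter_value(username) + ")"

def search(ldap_filter):
    """Toy evaluator for one (attr=value) filter over DIRECTORY (hypothetical helper)."""
    m = re.fullmatch(r"\(([A-Za-z]+)=(.*)\)", ldap_filter)
    if not m or re.search(r"[()]", m.group(2)):
        # Unescaped parentheses in the value break the filter syntax.
        raise ValueError("malformed filter")
    attr, value = m.groups()
    # Split on unescaped '*', then decode \XX escapes in each literal piece.
    pieces = [re.sub(r"\\([0-9a-fA-F]{2})", lambda h: chr(int(h.group(1), 16)), p)
              for p in value.split("*")]
    pattern = ".*".join(re.escape(p) for p in pieces)
    return [e[attr] for e in DIRECTORY
            if attr in e and re.fullmatch(pattern, e[attr])]

if __name__ == "__main__":
    for name in ("satish", "*"):
        print(name, search(build_filter_vulnerable(name)), search(build_filter_safe(name)))
```

With the escaped filter, a '*' in the parameter is compared as a literal asterisk and matches no entry. Allowlisting the characters permitted in a user name before the filter is built is a useful second check.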


©2010 Software Testing powered by Free Blogger Templates | Author : Anand Satish