Ethical Hacking and Penetration Testing Guide

Username Enumeration
Sometimes it is possible to tell whether a given username exists in the application's database based on the error messages the application displays. This is very helpful when you want to conduct a brute force attack or target a particular user, and it can also aid you when exploiting the password reset feature. Let's take a look at an example of how this works.
Invalid Username with Invalid Password
We have a popular website, xyz.com. When we enter an invalid username together with an invalid password, the following error is displayed:
"Username is invalid," indicating that the particular username was not found in the website's database.
Valid Username with Invalid Password
When we enter a valid username with an invalid password, a different error is displayed:
"Password is incorrect."
The website in question is well known; however, this is not a serious issue for them, because most of their usernames are already public in their forums, listings, and marketplaces. It can certainly still be an issue in many other applications.
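The following is an added illustration, not code from the book: a toy login check that reproduces the two xyz.com error messages beside a hardened version that returns one generic message, plus the comparison a tester would run to decide whether a login endpoint leaks user existence. The user store, the salt and the password values are constructed for the example; the hardened variant also hashes a dummy password for unknown usernames so that the response time does not give away what the message no longer does.

```python
import hashlib
import hmac

# Constructed sample user store (username -> (salt, PBKDF2 hash)); not from the book.
_SALT = b"constructed-fixed-salt-for-demo"


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


USERS = {
    "alice": (_SALT, _hash_password("correct horse battery staple", _SALT)),
}

# Dummy hash so that unknown usernames cost the same hashing work as known ones.
_DUMMY_HASH = _hash_password("dummy-password-never-accepted", _SALT)


def leaky_login(username: str, password: str) -> str:
    """Mirrors the xyz.com behaviour: the error text reveals whether the user exists."""
    record = USERS.get(username)
    if record is None:
        return "Username is invalid"
    salt, stored = record
    if not hmac.compare_digest(_hash_password(password, salt), stored):
        return "Password is incorrect"
    return "OK"


def hardened_login(username: str, password: str) -> str:
    """One generic message for both failure cases; hashing is done regardless."""
    record = USERS.get(username)
    salt, stored = record if record is not None else (_SALT, _DUMMY_HASH)
    password_ok = hmac.compare_digest(_hash_password(password, salt), stored)
    if record is None or not password_ok:
        return "Invalid username or password"
    return "OK"


def leaks_user_existence(login, known_user: str, unknown_user: str = "no_such_user_zz") -> bool:
    """The enumeration check: does a wrong-password attempt on a known user
    produce a different response from an attempt on a username that does not exist?"""
    return login(unknown_user, "wrong-password") != login(known_user, "wrong-password")


if __name__ == "__main__":
    print("leaky   leaks existence:", leaks_user_existence(leaky_login, "alice"))
    print("hardened leaks existence:", leaks_user_existence(hardened_login, "alice"))
```

The same check applies to the registration and password reset flows the text mentions: any response whose wording, status code or timing differs between a known and an unknown username is an enumeration oracle, so a defender tests each of those endpoints with the same pair of requests.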
Enabling Browser Cache to Store Passwords
Another bad security practice that is often followed is developers leaving the autocomplete function enabled on password fields, which lets the browser save the password in its cache, allowing an attacker to read the password if he can somehow access the browser cache.
We can check if autocomplete is enabled with the following command:

To protect against this issue, it’s recommended that the autocomplete be disabled.
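As an added example (not code from the book), the following audit parses a page's HTML with Python's standard library and reports every password field that has not opted out of autocomplete, honouring both the field's own `autocomplete` attribute and an `autocomplete="off"` set on the enclosing form. The sample HTML is constructed for the example.

```python
from html.parser import HTMLParser


class PasswordFieldAuditor(HTMLParser):
    """Records each password input and whether it opts out of browser autofill."""

    def __init__(self):
        super().__init__()
        self.findings = []      # list of (field name, opted_out: bool)
        self._form_off = False  # True while inside a <form autocomplete="off">

    def handle_starttag(self, tag, attrs):
        # HTMLParser already lowercases tag and attribute names; values are kept as-is.
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._form_off = a.get("autocomplete", "").lower() == "off"
        elif tag == "input" and a.get("type", "").lower() == "password":
            own = a.get("autocomplete", "").lower()
            opted_out = self._form_off or own in ("off", "new-password")
            self.findings.append((a.get("name", "<unnamed>"), opted_out))

    def handle_endtag(self, tag):
        if tag == "form":
            self._form_off = False


def audit_password_fields(html: str) -> dict:
    """Return {field name: opted_out} for every password input in the document."""
    auditor = PasswordFieldAuditor()
    auditor.feed(html)
    auditor.close()
    return dict(auditor.findings)


def fields_with_autocomplete(html: str) -> list:
    """Names of password fields the browser may still offer to save (the finding to report)."""
    return [name for name, opted_out in audit_password_fields(html).items() if not opted_out]


# Constructed sample page: one form leaves autocomplete on, the other two opt out.
SAMPLE_HTML = """
<form action="/login" method="post">
  <input type="text" name="user">
  <input type="password" name="pass">
</form>
<form action="/change" method="post" autocomplete="off">
  <input type="password" name="new_pass">
</form>
<form action="/signup" method="post">
  <input type="password" name="signup_pass" autocomplete="new-password">
</form>
"""

if __name__ == "__main__":
    for name in fields_with_autocomplete(SAMPLE_HTML):
        print(f"password field '{name}' does not disable autocomplete")
```

One caveat when reporting this finding: current mainstream browsers ignore `autocomplete="off"` on login fields and will still offer to save the credential in their password manager, so the attribute mostly affects older browsers and non-login forms; the credential store itself is protected by the operating system's user account and, where configured, a master password.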


Brute Force and Dictionary Attacks
In the Remote Exploitation chapter (Chapter 7), we discussed how to use brute force or dictionary attacks to crack various services such as FTP, SSH, and RDP with tools such as Hydra, Medusa, and Ncrack. However, we did not cover brute forcing HTTP authentication schemes in Chapter 7, as it is more appropriate to discuss that here.
