Thursday, April 10, 2008

I want to be a web app hacker

Armando Romeo

Oh well, countless times I've heard people consider themselves hackers just because they got an SQL error after giving a quote character " ' " instead of a numeric value in a web application parameter.
How they would browse the database content is still mysterious...to them.

Web application security has been my first love. I have done some nice research on it too and spent hours and hours playing with the HTTP protocol and server-side scripting. And these are the initial (annoying-not-to-me) steps that everyone interested in entering this field should take.

But this quick post is not about how to become a hacker, but about how nice it can be if you just learn by practice using some nice, freely available tools: Burp Suite or WebScarab, to name the best learn-while-hacking tools.

Both are well known to experts in the field as they are good companions while pen-testing a web app in black-box "style".

Neither is the kind of tool that does the task in one click; both assume a basic knowledge of the protocols and of the actors' roles in the scene (client and web server). So they are great while in learning mode and still great when you turn pro.

So the best (humble) advice I could give to anyone willing to enter this field is to install some open source web application and try to attack it in "black-box" mode, using the above tools to intercept requests and manipulate them.

Once you have found something that looks like a vulnerability, browse through the code and understand where and why the vulnerability is there.

The next step would be to understand the state-of-the-art countermeasures and mitigating factors, and then iterate again to find circumventions of such countermeasures.

I find this the best way to understand what's going on under the hood and also the best way to write secure code when you are on a web application coding task.
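As an added illustration (not code from the original post), here is what the "browse through the code" step typically reveals for the quote-character SQL error mentioned at the top, next to the standard countermeasure. The table, the function names and the sample data are constructed for this example, and SQLite stands in for whatever database the application uses.

```python
import sqlite3


def make_db():
    """Constructed sample database standing in for a web app's backend."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [(1, "keyboard"), (2, "mouse")])
    return conn


def lookup_vulnerable(conn, raw_id):
    """Hypothetical handler: the request parameter is pasted into the SQL text."""
    query = "SELECT name FROM products WHERE id = " + raw_id
    try:
        return ("ok", conn.execute(query).fetchall())
    except sqlite3.Error as exc:
        # This parser error is what surfaces in the browser as "an SQL error":
        # the parameter value became part of the statement itself.
        return ("sql_error", str(exc))


def lookup_hardened(conn, raw_id):
    """Same lookup: the value is validated as a number, then bound as data."""
    try:
        product_id = int(raw_id)
    except ValueError:
        return ("rejected", "id must be an integer")
    # The "?" placeholder keeps the value out of the SQL text entirely.
    rows = conn.execute("SELECT name FROM products WHERE id = ?",
                        (product_id,)).fetchall()
    return ("ok", rows)


if __name__ == "__main__":
    conn = make_db()
    for value in ("1", "'"):  # a normal id, then the lone quote character
        print(repr(value), lookup_vulnerable(conn, value),
              lookup_hardened(conn, value))
```

Reading the two functions side by side shows where the error comes from (string concatenation) and why the fix works (the query text never changes, whatever the client sends).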
