Tuesday, September 27, 2011

ATTACKS

Attacks are two types:
TECHNICAL ATTACKS
  • DOS Attacks: Crashing down or terminating the services.
  1. Ping of Death
  2. Land Attack
  3. Smurf Atack
  4. Tear Drop Attack
  5. Sys flud Atttack 
  • D-DOS attacks
  1. Cross Scripting
  2. SQL Injection
NON-TECHNICAL ATTACKS

  1. Social Engineering
  2. Pre-texing
  3. Phishing
  1.  
Posted by at No comments:

EXPLOIT

Exploit is by which an attacker takes advantage of a flaw with in a system and application.

PAYLOAD
A payload is code that we want the system to execute and that is to be selected and delivered by the Framework.

Ex: Reverse Shell -- Creates connection
Bind Shell -- Binds command prompt to listening port

OPTIONS IN PAYLOADS

SHOW
SET
USE


Posted by at No comments:

XSS ATTACK

Which takes the advantage of web vulnerabilities. Attackers sends malicious code to collect the user information like cookies. Malicious code nothing but java script,vb script etc.
Posted by at No comments:

SQL INJECTION

Exploiting the web applications b inserting insecure sql code.(Piggyback sql commands).

examples: Querry string perameter  attack
post perimeter attack
GET FTP payload attack
GET manual setup binary payload attack

Posted by at No comments:
Subscribe to: Posts (Atom)