4.0
1NSchAb
1NSchAb
- No tags were found...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
156<br />
Web Application Penetration Testing<br />
Test: 408 Request Time-out<br />
telnet 80<br />
GET / HTTP/1.1<br />
- Wait X seconds – (Depending on the target server, 21<br />
seconds for Apache by default)<br />
Result:<br />
HTTP/1.1 408 Request Time-out<br />
Date: Fri, 07 Dec 2013 00:58:33 GMT<br />
Server: Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.9 with<br />
Suhosin-Patch<br />
Vary: Accept-Encoding<br />
Content-Length: 298<br />
Connection: close<br />
Content-Type: text/html; charset=iso-8859-1<br />
...<br />
408 Request Time-out<br />
...<br />
Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.9<br />
with Suhosin-Patch at Port 80<br />
...<br />
Test: 501 Method Not Implemented<br />
telnet 80<br />
RENAME /index.html HTTP/1.1<br />
Host: <br />
<br />
Result:<br />
HTTP/1.1 501 Method Not Implemented<br />
Date: Fri, 08 Dec 2013 09:59:32 GMT<br />
Server: Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.9 with<br />
Suhosin-Patch<br />
Allow: GET, HEAD, POST, OPTIONS<br />
Vary: Accept-Encoding<br />
Content-Length: 299<br />
Connection: close<br />
Content-Type: text/html; charset=iso-8859-1<br />
...<br />
501 Method Not Implemented<br />
...<br />
Apache/2.2.22 (Ubuntu) PHP/5.3.10-1ubuntu3.9<br />
with Suhosin-Patch at Port 80<br />
...<br />
Test:<br />
Enumeration of directories by using access denied error messages:<br />
http://<br />
Result:<br />
Directory Listing Denied<br />
This Virtual Directory does not allow contents to be listed.<br />
Tools<br />
• ErrorMint - http://sourceforge.net/projects/errormint/<br />
• ZAP Proxy - https://www.owasp.org/index.php/OWASP_Zed_<br />
Attack_Proxy_Project<br />
References<br />
• [RFC2616] Hypertext Transfer Protocol -- HTTP/1.1<br />
• [ErrorDocument] Apache ErrorDocument Directive<br />
• [AllowOverride] Apache AllowOverride Directive<br />
• [ServerTokens] Apache ServerTokens Directive<br />
• [ServerSignature] Apache ServerSignature Directive<br />
Remediation<br />
Error Handling in IIS and ASP .net<br />
ASP .net is a common framework from Microsoft used for developing<br />
web applications. IIS is one of the commonly used web<br />
servers. Errors occur in all applications, developers try to trap<br />
most errors but it is almost impossible to cover each and every<br />
exception (it is however possible to configure the web server to<br />
suppress detailed error messages from being returned to the<br />
user).<br />
IIS uses a set of custom error pages generally found in c:\winnt\<br />
help\iishelp\common to display errors like ‘404 page not found’<br />
to the user. These default pages can be changed and custom errors<br />
can be configured for IIS server. When IIS receives a request<br />
for an aspx page, the request is passed on to the dot net framework.<br />
There are various ways by which errors can be handled in dot net<br />
framework. Errors are handled at three places in ASP .net:<br />
• Inside Web.config customErrors section<br />
• Inside global.asax Application_Error Sub<br />
• At the the aspx or associated codebehind page in the Page_Error<br />
sub<br />
Handling errors using web.config<br />
<br />
<br />
<br />
<br />
mode=”On” will turn on custom errors. mode=RemoteOnly will<br />
show custom errors to the remote web application users. A user<br />
accessing the server locally will be presented with the complete<br />
stack trace and custom errors will not be shown to him.<br />
All the errors, except those explicitly specified, will cause a redirection<br />
to the resource specified by defaultRedirect, i.e., myerrorpagedefault.aspx.<br />
A status code 404 will be handled by myerrorpagefor404.aspx.