Finding vulnerabilities in Web servers

Web server vulnerabilities

A web server has both hardware and software components. Hackers target the software component to gain unauthorized entry to the web server. Here are some of the common vulnerabilities that hackers exploit:


Default settings

Default settings will leave the server open to most tricks employed by hackers. These settings, which might include default usernames and passwords, can be easily guessed by the hacker. Default settings might also allow dangerous scripts stitched together by hackers to run on the server without authorization.

Misconfiguration

Specific configurations of operating systems and networks, such as allowing users to execute commands on the server, can be dangerous. As mentioned earlier, if the user does not have a good password, hackers can run malicious scripts on the server.
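
The points made under "Default settings" and "Misconfiguration" can be checked from the defender's side. The following is an added example, not code from the original post: it audits an Apache-style configuration and reports every Directory block that lets scripts or commands run, and whether that block is open to everyone. The sample configuration and its paths are constructed for illustration.

```python
import re

# Constructed sample configuration for illustration; the paths are hypothetical.
SAMPLE_CONF = """\
<Directory "/var/www/cgi-bin">
    Options +ExecCGI
    Require all granted
</Directory>
<Directory "/var/www/admin">
    Options ExecCGI Includes
    Require valid-user
</Directory>
<Directory "/var/www/uploads">
    Options -ExecCGI IncludesNOEXEC
    Require all granted
</Directory>
"""

# Options values that allow CGI scripts or SSI "exec" commands to run.
EXEC_OPTIONS = {"execcgi", "includes", "all"}

def audit(conf_text):
    """Return (path, exec_options, open_to_all) for each block that can run scripts."""
    findings, path, enabled, open_to_all = [], None, set(), False
    for raw in conf_text.splitlines():
        tokens = raw.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        start = re.match(r'<Directory\s+"?([^">]+)"?\s*>', raw.strip(), re.I)
        if start:
            path, enabled, open_to_all = start.group(1), set(), False
        elif tokens[0].lower().startswith("</directory"):
            if path and enabled:
                findings.append((path, sorted(enabled), open_to_all))
            path = None
        elif path and tokens[0].lower() == "options":
            for tok in tokens[1:]:
                name = tok.lstrip("+-").lower()
                if tok.startswith("-"):
                    enabled.discard(name)      # "-ExecCGI" switches the option off
                elif name in EXEC_OPTIONS:
                    enabled.add(name)
        elif path and tokens[0].lower() == "require":
            open_to_all = [t.lower() for t in tokens[1:]] == ["all", "granted"]
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```

A block reported with open_to_all set to True is the case described above: scripts can run there without any authorization step.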

Bugs in the operating system and web servers

Bugs discovered in the operating system or web server software can be used to gain access to the system without authorization.

Lack of security and procedures

Lack of basic security policy and procedures, such as regularly updating the antivirus software or patching the operating system and web server software, can create major security loopholes for hackers to exploit.

Types of Web Servers

Before we get into the warzone, we need to know the enemy. Common web servers are listed below:

1. Apache - The most commonly used web server on the internet (it is open-source software). 67% of all web servers employ Apache HTTP Server. Most PHP websites are hosted on this type of web server.

2. Internet Information Services (IIS) - It is a high-performance web server from Microsoft. It comes with Windows and is second only to Apache in usage. Most ASP and ASPX websites are hosted on IIS servers.


3. Nginx - Another free, open-source web server. It has become very popular in recent times, with about 7.5% of all domains worldwide using it.

4. Other web servers - These include Novell's Web Server, IBM's Lotus Domino servers and LiteSpeed web server.

Web server attack tools

Some common web server attack tools are:

1. Metasploit - This is an open-source tool for developing, testing and using exploit code. It runs on both Unix-based operating systems and Windows. It is used by hackers for exposing the vulnerabilities of a target.

2. MPack - This is an exploitation tool. Written in PHP and with MySQL as the backend database engine, MPack is another popular choice of hackers. Using MPack, we can redirect all traffic to a web server.

3. Zeus - This is an essential tool that is used to turn a compromised computer into a zombie or a bot. A bot is a compromised computer that can further be used to perform internet-based attacks. A botnet is a collection of bots which can collectively wreak havoc through denial-of-service attacks or by sending spam emails.
