Item description for Hacker Web Exploitation Uncovered by Marsel Nizamutdinov...
A description and analysis of the vulnerabilities caused by programming errors in Web applications, this book is written from both from the attacker's and security specialist's perspective. Covered is detecting, investigating, exploiting, and eliminating vulnerabilities in Web applications as well as errors such as PHP source code injection, SQL injection, and XSS. The most common vulnerabilities in PHP and Perl scripts and methods of exploiting these weaknesses are described, information on writing intersite scripts and secure systems for the hosted sites, creating secure authorization systems, and bypassing authorization. Uncovered is how attackers can benefit from the hosted target and why an apparently normal-working application might be vulnerable.
Promise Angels is dedicated to bringing you great books at great prices. Whether you read for entertainment, to learn, or for literacy - you will find what you want at promiseangels.com!
Est. Packaging Dimensions: Length: 9.1" Width: 7.3" Height: 1" Weight: 1.5 lbs.
Release Date Jun 28, 2005
Publisher A-List Publishing
ISBN 1931769494 ISBN13 9781931769495
Availability 0 units.
More About Marsel Nizamutdinov
Marsel Nizamutdinov is an operations research and system analysis specialist.
Reviews - What do customers think about Hacker Web Exploitation Uncovered?
two sides of the fence Aug 6, 2005
Black hats and white hats might both be attracted by this book. It is not written for the casual reader. You should already be a skilled programmer, and well versed in HTML and running a web server.
The gist of the book is essentially about breaking into a website. It describes common weaknesses in the writing of webpages. If these hook up to a back end SQL database, and they accept user input, then there might be a SQL injection attack. Where the attacker sits at a browser, goes to the vulnerable page, and tries to present text input that has appended SQL commands that she hopes will be executed by the database. Relatively rare, but dangerous when it happens.
Then there are Perl and PHP scripting attacks. Both languages are vulnerable to these. The book also explains cross site scripting [XSS]. Ingenious and nefarious attacks.
If you are a sysadmin and you've never encountered these ideas in detail before, the book can be an eyeopener.