Security testing of Server and Website code
I am specifically talking about web servers, running Linux. I have always been curious of did hackers can get in the entry point. I mean the point of access. The way a hacker gets into the server and the website code.
Could I get an example of how a hacker would make an entry point into a webserver? Any C language is acceptable. I have absolutely no experience in hacking
A simple example would be appreciated.
• One legit and one malicious example
• Some examples require URL encoding to work
The thinks need to be test
Cross Site Scripting (XSS)
Remote code execution
Exploit (logs in without knowing admin password):
Exploit (fetches /etc/passwd):
Exploit (Sends user from your page to evil page) :
Failure to Restrict URL Access
Cross-Site Request Forgery
Buffer overflow (technically by accessing an URL, but implemented with metasploit
The (currently) most common way in is through holes in PHP applications where we need to find out how secure they are!
Need fully screenshot or excel report
The best offer and quality samples will be appreciated