Anatomy of Attacks
Steps in Web Application Attacks (Microsoft)
- Survey and Assess:
The first step an attacker usually
takes is to survey the potential target to identify and assess its
characteristics. The attacker uses the information gathered in the
survey and assess phase to plan an initial attack. For example, an
attacker can detect a cross-site scripting (XSS) vulnerability by
testing to see if any controls in a Web page echo back output.
by entering: "<script>window.open("http://...")</script>")
- Exploit and Penetrate:
The next step is to exploit and penetrate. For an attacker, the easiest
way into an application is through the same entrance that legitimate
users use, for example, through the application's logon page or a
page that does not require authentication.
- Escalate Privileges:
After attackers are able to get in, they manage to escalate the
privileges. They specifically look for administration privileges
provided by accounts that are members of the Administrators group. They
also seek out the high level of privileges offered by the local system
- Maintain Access:
Having gained access to a system, the attackers then take steps to make
future access easier and to cover up their evil tracks. Common
approaches for making future access easier include planting back-door
programs or using an existing account that lacks strong protection.
- Deny Service:
Attackers who cannot gain access often mount a denial of service attack
to prevent others from using the application. For other attackers, the
denial of service option is their goal from the outset.
(source: Improving Web Application Security)
Steps in Web Application Attacks (Security Innovation)
- Data Gathering: The
hacker attempts to learn as much information about the target
machine and target's organization as possible.
- Exploitation Based on
vulnerabilities found in the Data Gathering phase, the hacker tries to
find the most powerful vulnerability with the least amount of
difficulty and the least possibility of being traced or discovered.
- Elevate Privileges: The hacker
tries to elevate his privileges to administrator or root to
install a rootkit, cover tracks, and gather more sensitive
- Cover Tracks and Install Tools:
Many tools may be utilized to aid the hacker in covering their tracks
including destroying logs, installing backdoors, key loggers, and other
- Gather Sensitive Information:
Once each of these steps has been completed the hacker can finally reap
the fruits of his efforts.