Web Hacking presented at BlackHatAsia 2001

by Saumil Udayan Shah, Jd Glaser,

Summary : Web hacking is the next generation of hacking "kung fu." The previous generation of hackers concentrated on operating systems and network protocols, but operating systems are getting more robust and resistant to attacks and network protocols are getting more secure. On the other hand, e-commerce technology is increasingly common and complex. Unfortunately, not enough effort has been spent on securing Web-based infrastructure. Join us for an eye-opening demonstration on what can go wrong with poorly secured Web applications, how severe the risks are, and how to protect yourself and your company from these Web ninjas.
We shall be covering vulnerabilities ranging from web server misconfigurations, improper URL parsing, application level vulnerabilities, Java application server hacking and some special advanced techniques.