The Unofficial Web Hack FAQ

Beta Version 3
March 4, 1998

Compiled by Simple Nomad

Section 00

General Info

  00-1. What is this "FAQ" for?
  00-2. What is the origin of this FAQ and how do I add to it?
U 00-3. Is this FAQ available by anonymous FTP or WWW?
  00-4. What conventions are used in this document?
  00-5. What is needed in this FAQ?
  00-6. Where can I get more info regarding Web security?

Section 01

The Browser

  01-1. What is "unsafe" about my browser?
  01-2. What is vulnerable about history, bookmark, and cache files?
  01-3. What other browser files are important?
  01-4. Can you tell me more about the "cookie" file?
  01-5. How can I protect my browser files?
  01-6. Are there any default browser holes?
  01-7. What about Internet Explorer?

Section 02

URL Attack Time

  02-1. What is phf?
  02-2. What's the "test" hack?
  02-3. What about that ~ character?
  02-4. What's the deal with forms?
  02-5. What will this look like in the target's log files?
  02-6. What's the deal with Server-Side Includes?
  02-7. What if SSIs are turned on but includes are stripped from user
  02-8. What is the jj.c problem?
  02-9. What are SSL and SHTTP?
  02-10. How can I attack "anonymously"?
N 02-11. What is the "asp dot" attack?

Section 03

The Basic Web Server

  03-1. What are the big "weak spots" on servers?
  03-2. What are the critical files?
  03-3. What's the difference between httpd running as a daemon vs. running
        under inetd?
  03-4. How does the server resolve paths?
  03-5. What log files are used by the server?
  03-6. How do access restrictions work?
  03-7. How do password restrictions work?
  03-8. What is "Web Spoofing"?

Section 04

Fun with Other Web Servers

  04-1. What are some known vulnerabilities with Microsoft Internet
        Information Server?
  04-2. What are some known vulnerabilities with Netscape for NT?
U 04-3. What about WebSite and Purveyor?
  04-4. Is Novell's IntranetWare web server software vulnerable?
  04-5. What about WebSTAR for the Mac?
  04-6. Does CERN's httpd have any vulnerabilities?
N 04-6. What is the iCat Carbo Server bug?

Section 05

Fun with Java/JavaScript/ActiveX

  05-1. What is a JavaScript Applet?
  05-2. What is the JavaScript problem?
  05-3. What is an example of this "bad" Java code?
N 05-4. What about ActiveX?

Section 06

WWW as an InfoWar Tool

  06-1. What are some good search engines?
  06-2. What "vulnerable" files can I find?
  06-3. What are Internet vs. Intranet servers?
  06-4. I want to hack a site. How can the web help me?
  06-5. Where does the "social engineer" look on the web?

Section 07

CGI, Perl, Scripts, etc.

  07-1. What is CGI?
  07-2. Are there default vulnerabilities?
  07-3. How do I spot code with holes?
  07-4. Why are buffers so important?

Section 08

For The Lamer...

  08-1. How can I falsely increase the hits on my counter?
  08-2. My ISP limits web space and I want tons of graphics. What do I do?
  08-3. How can I get pictures without paying for them at adult web sites?

Section 09

For The Stupid...

  09-1. How do I secure things?
  09-2. I'm an idiot. Exactly how do hackers get in?
  09-3. I have xxx set up and xxx version running. Am I secure?

