Web Server Security
Disclaimer : This subject is made with root-me challenges but you still must enter the flag you found in the CTF platform of this pool with the format PoC{flag you found}.
Introduction
Web server are a major component of web services. It is the part dealing with databases and user authentication. If a security issue is detected is a web server, it can lead to severe security problems : credentials stealing, code injection, modification of the user interface etc.
A useful tool to play with Web Server security is the Burp Community Suite which will allow you to see and edit your HTTP requests. Do not hesitate to ask a PoC helper for installation issues !
-1 - Understand all this stuff
Take some paper and a pen (or go to paint online :p) and represent all the interactions between the frontend, the backend API and the database for a Login page.
You must represent your HTTP requests as clearly as possible (with at least the verb and the targeted url).
Show it to a helper once you’re proud of your scheme !
0 - Basic misconfigurations
In this first part, we are going to learn to detect and exploit basic server misconfigurations which can lead to severe security issues.
Start with these challenges : 1. Command Injection 2. Directory Indexing 3. Verb Tampering
1 - Authentication issues
Some token and cookies system were invented in order to be able to recognize a user when he is logged in. These tokens must be really secured in their implementation, otherwise you can make some serious damages… This challenge will make you exploit a vulnerable configuration of a JSON Web Token.
2 - PHP nonsense
PHP has known a lot of severe security vulnerabilities which make it a meme in the security community. Let’s start our PHP joke discovery with Type Juggling !
3 - File Inclusions
File Inclusions are misconfigurations that lead to the execution / exploitation of files that are not supposed to be treated by the web server application…