Saturday, July 13, 2013

Simple analyst dns spoofing in form site

hi guys, I am including lay people in the security of information systems. Initially I was never in touch with penetration testing tools. and I now realize that I should have the ability in the field of information systems security. at least I can know what vulnerabilities exist on my website.
I'll just share a little about the security of dns spoofing. not many web programmers who know the security holes on its own website. Here I will take a few examples, at least we can secure the login form when we create a website that has a degree in permissions.

in my post this time, I will only discuss the security breaches that occur when we create a login form. alan affection for penetration testing using a simple tool called ettercap.

Her usual when we make a login form, we will make a name for each field with a memorable name. for example:

I will create a login form with username and password fields. usually a common web programmer will create a field name that is similar to the label field. as an example in flogin.php

The source code is  

<form action="tologin.php" method="POST">
Username <input name="username">
Password <input name="password">
</ form>

as a small picture, a login form with the HTML tag type as it is very vulnerable to capture in the dns spoofing techniques.

we prove to scan web pages which I have provided with a login form like the format.

# ettercap -T -q -M arp -i em1 -P dns_spoof ///

the technique as above, we will scan the network for which we use locan. ate whenever a user logs on and happened to be in our network and form login form as above, we will get results like this.

easy way to prevent this, do not use the name in the input field login form with username / password or user / pass to use the name with extra characters or use a different name from text label of field.

may be useful, and sorry if my english not  good