General Information - OrestisPrg/bsc_project GitHub Wiki
Ports
- Registered Ports: (1-1024) ports assigned to protocols by IANA (eg. HTTP:80, HTTPS:443,...)
- Ephemenal Ports: (1024-65535) randomly assigned to a connection
ifconfig: list network interfaces
dig domain @[ipaddress]
DNS lookup
Common Attacks
Code Injection
Code injection can be defined as the malicious insertion of code into a vulnerable piece of code or program, in order to modify it and its function.
HTML Injection
A successful HTML Injection can:
- tamper an HTML page and its contents (by injecting HTML code)
- deface the website
- redirect the user to a malicious website
Input Sanitization
The process of checking user input before using/storing it to ensure that it conforms to security-related requirements regarding leaking or exposure of sensitive data and to prevent malicious code injection, when crossing across a trust boundary.
Sanitization may include the elimination of unwanted characters from the input by means of removing, replacing, encoding, or escaping the characters.