General Information - OrestisPrg/bsc_project GitHub Wiki

Ports

• Registered Ports: (1-1024) ports assigned to protocols by IANA (eg. HTTP:80, HTTPS:443,...)
• Ephemenal Ports: (1024-65535) randomly assigned to a connection

ifconfig: list network interfaces
dig domain @[ipaddress] DNS lookup

Common Attacks

Code Injection

Code injection can be defined as the malicious insertion of code into a vulnerable piece of code or program, in order to modify it and its function.

HTML Injection

A successful HTML Injection can:

• tamper an HTML page and its contents (by injecting HTML code)
• deface the website
• redirect the user to a malicious website

Input Sanitization

The process of checking user input before using/storing it to ensure that it conforms to security-related requirements regarding leaking or exposure of sensitive data and to prevent malicious code injection, when crossing across a trust boundary.

Sanitization may include the elimination of unwanted characters from the input by means of removing, replacing, encoding, or escaping the characters.