Hello everyone, I hope you are having fun with everything you engage with in this earthly life, but remember to always be at peace with the universal energies that fill this world.
This is my first write-up on Medium, and I'm going to share some interesting findings in the area of cyber security which blew my mind. I call it URI|URL handling, and it is caused by the mishandling of some in-depth parameters.
Don't worry if you are not in the field of cyber security; I'll break this down to the simplest form so that anyone can understand the concepts.
First, we must look at URL|URI programming and how it gave birth to this vulnerability.
Using the diagram below, I will quickly explain the basic idea behind the concept of URL|URI programming.
Looking closely at (1), we see that you asked the web server for a certain resource, following the canonical form http|https://host:port/path/file.
http|https://greyhatcybersolutions.000webhostapp.com:8080|443 (test example)
Looking at (2), we see that our request has travelled toward the server using the GET request format.
At (3) the server looks for the file requested by the browser using certain mechanisms.
If the requested file is found, then:
At (4) the server sends the requested file back to the browser, and at (5) the browser renders the information received for the user.
The mechanism above gave rise to the bug which affected the URI drastically and which I used to MISHANDLE AN INVOICE FOR A BIG CAR COMPANY FROM JAPAN (Yeah!! I know what you are thinking.
I love ethical hacking|cyber security a lot and love to stay within my boundaries; remember, this is for educational purposes only.)
Let's get straight into action. The tools needed for the exploit are:
(2) Brain (Working one filled with good vibrations)
After looking closely at that parameter, and considering the fact that there was constant use of the ampersand (&), I invoked the encoding features of the URI|URL by changing it from UTF-8 to a completely masked character appearing in some other language, different from what is being sanitized across the server.
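The defender's side of the point above, as an added example that is not part of the original post: a filter that inspects the raw, still-encoded query string cannot see a delimiter that has been percent-encoded, while the server's own parser decodes it. The sample query strings, the `invoice`/`amount` field names and the two check functions are constructed for this illustration; the fix is to validate after decoding and to reject values that are still encoded.

```python
from urllib.parse import parse_qs, unquote

# Constructed sample query strings for a hypothetical invoice endpoint.
SAMPLES = {
    "plain": "invoice=123&amount=50",
    "encoded_amp": "invoice=123%26amount=50",       # '&' percent-encoded once
    "double_encoded": "invoice=123%2526amount=50",  # the '%' of '%26' encoded again
}

# Query delimiters that must never survive inside a decoded field value.
RESERVED = set("&=?#")


def naive_filter(raw_query: str) -> bool:
    """Filter that looks at the raw query before any decoding.
    Rejects a request carrying more '&' delimiters than the two expected
    fields need. It accepts all three samples, because it never decodes."""
    return raw_query.count("&") <= 1


def parsed_fields(raw_query: str) -> dict:
    """Fields as a standards-following server parser sees them: split on '&'
    first, then percent-decode each key and value exactly once."""
    return {name: values[0] for name, values in parse_qs(raw_query).items()}


def hardened_validate(raw_query: str) -> list:
    """Validate the decoded fields instead of the raw string.
    Returns a list of rejection reasons; an empty list means acceptable."""
    reasons = []
    fields = parsed_fields(raw_query)
    if set(fields) != {"invoice", "amount"}:
        reasons.append(f"unexpected field set: {sorted(fields)}")
    for name, value in fields.items():
        if RESERVED & set(value):
            reasons.append(f"{name}: reserved delimiter inside decoded value")
        if unquote(value) != value:
            reasons.append(f"{name}: value still percent-encoded (double encoding)")
    return reasons


if __name__ == "__main__":
    for label, query in SAMPLES.items():
        print(label, naive_filter(query), parsed_fields(query), hardened_validate(query))
```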
To understand the full concept of character encoding, you can check here.
After the complete handling, I found some interesting stuff which blew my mind.
This was the information gotten at the initial stage of the attack, when the encoded values of most parameters had not yet passed the filters.
After the values had been mishandled, the server sent an altered response that did not correspond to its initial one.
The hacker only makes a gross payment of dollars based on its warranty; the problem here is that most attacks can translate into more devastating attacks if the hacker is very creative.
Thank you for reading. You can reach me on these platforms:
https://t.me/ETHICALHACKERSC LEGEND(L0g1c) |
Greetings to all members of the SHADOW PYRATICAS BROAD.
REMEMBER: Light needs darkness to shine.