This chapter will focus primarily on infrastructure attacks against web servers. You will explore the technology that supports web applications, including the protocols of the Web, web server software, and server-side technologies. You will see how it might be possible to gain access to the underlying operating system by exploiting holes in these web technologies. Eventually, the Linux kernel itself will be exploited to gain root access to the book lab.

You may already be aware of such common web server software as Apache, Nginx, and Microsoft Internet Information Services (IIS). We will also examine the Hypertext Transfer Protocol (HTTP) and the so-called secure version of this protocol (HTTPS). Further, we will look at Java servlets, which are containers for hosting web applications written in Java (like those used by online banking). We will use tools designed for identifying weaknesses in web infrastructure and legacy technology like the Common Gateway Interface (CGI). You will also be introduced to additional problems with services vulnerable to Heartbleed, and we will likewise study Shellshock, another well-known and widespread vulnerability.

After working our way through a number of typical web server ports, we will investigate one of the ways that you might escalate your privileges on a compromised web server. Almost everything but the actual web application, which you would typically find running on ports 80 and 443, will ...