Chapter 3. Vulnerabilities and Adversaries

Any time you try a decent crime, there are 50 ways to screw up. If you think of 25 of them, you’re a genius. And you’re no genius.

Mickey Rourke Body Heat (1981)

Software engineers build increasingly elaborate systems without considering even half of the ways to screw up. Thanks to cloud computing and increasing layers of abstraction, unsafe products will persist, and the computer security business will remain a lucrative one for years to come.

The Fundamental Hacking Concept

Hacking is the art of manipulating a system to perform a useful action.

A basic example is that of the humble search engine, which cross-references user input with a database and returns the results. Processing occurs server-side, and by understanding the way in which these systems are engineered, an adversary can seek to manipulate the application and obtain sensitive content.

Decades ago, the websites of the US Pentagon, Air Force, and Navy had this very problem. A search engine called multigate accepted two arguments in particular: SurfQueryString and f. The contents of the server’s /etc/passwd file were revealed via a crafted URL, as shown in Figure 3-1.

Exploiting the multigate search engine
Figure 3-1. Exploiting the multigate search engine

These sites were defended at the network layer by firewalls and security appliances. However, by the very nature of the massive amount of information stored, ...

Get Network Security Assessment, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.