Chapter 12: Web Hacking

OVERVIEW

Despite a brief slowdown in the early part of the millennium , the World Wide Web continues to expand far beyond the expectations of most of us who use it every day. Legacy systems are being replaced with dynamic and interactive, web-based applications hosted on web servers that reach into enormous troves of back-end databases. The continuing deployment of broadband Internet access has opened up a range of rich multimedia enhancements to the basic web experience. And dramatic improvements in wireless technologies have given a new " anywhere , anytime " aspect to web apps.

But with every web application that comes online and every e-business that lights up a rack of servers, malicious hackers will be waiting to attack. Indeed, the Web's enormous popularity has driven it to the status of prime target for the world's miscreants. With continued rapid growth fueling the flames, and firewalls being relatively powerless to stop crafty attackers hitchhiking on legitimate HTTP/HTTPS traffic, things are only going to get worse . This chapter seeks to outline the scope of the web-hacking phenomenon and show you how to avoid becoming just another statistic in the litter of web properties that have been victimized over the past few years .