Hacker Web Exploitation Uncovered [Paperback]

Marsel Nizamutdinov (Author)

Book Description

Publication Date: June 28, 2005

A description and analysis of the vulnerabilities caused by programming errors in Web applications, this book is written from both from the attacker's and security specialist's perspective. Covered is detecting, investigating, exploiting, and eliminating vulnerabilities in Web applications as well as errors such as PHP source code injection, SQL injection, and XSS. The most common vulnerabilities in PHP and Perl scripts and methods of exploiting these weaknesses are described, information on writing intersite scripts and secure systems for the hosted sites, creating secure authorization systems, and bypassing authorization. Uncovered is how attackers can benefit from the hosted target and why an apparently normal-working application might be vulnerable.

Editorial Reviews

About the Author

Marsel Nizamutdinov is an operations research and system analysis specialist.

Product Details

• Paperback: 450 pages
• Publisher: A-List Publishing (June 28, 2005)
• Language: English
• ISBN-10: 1931769494
• ISBN-13: 978-1931769495
• Product Dimensions: 9.2 x 7.4 x 0.8 inches
• Shipping Weight: 1.5 pounds
• Average Customer Review: 4.5 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #2,906,160 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

5 of 6 people found the following review helpful:

4.0 out of 5 stars two sides of the fence, August 5, 2005

By 

W Boudville (Terra, Sol 3) - See all my reviews
(VINE VOICE)    (TOP 1000 REVIEWER)    (HALL OF FAME REVIEWER)    (REAL NAME)   

This review is from: Hacker Web Exploitation Uncovered (Paperback)

Black hats and white hats might both be attracted by this book. It is not written for the casual reader. You should already be a skilled programmer, and well versed in HTML and running a web server.

The gist of the book is essentially about breaking into a website. It describes common weaknesses in the writing of webpages. If these hook up to a back end SQL database, and they accept user input, then there might be a SQL injection attack. Where the attacker sits at a browser, goes to the vulnerable page, and tries to present text input that has appended SQL commands that she hopes will be executed by the database. Relatively rare, but dangerous when it happens.

Then there are Perl and PHP scripting attacks. Both languages are vulnerable to these. The book also explains cross site scripting [XSS]. Ingenious and nefarious attacks.

If you are a sysadmin and you've never encountered these ideas in detail before, the book can be an eyeopener.

5.0 out of 5 stars Review, June 15, 2009

By 

Johnny (California) - See all my reviews

This review is from: Hacker Web Exploitation Uncovered (Paperback)

I received the book in few days and in good condition. In my opinion, you can trust this seller.