A Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers

Mirheidari, Seyed Ali; Arshad, Sajjad; Khoshkdahan, Saeidreza; Jalili, Rasool

doi:10.1109/trustcom.2013.200

Cited by 7 publications

(6 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Vasek et al [16] examined the effectiveness of sharing abuse data with web hosting providers to mitigate malicious online activities. Mirheidari et al [23] devised two attacks against web servers exploiting the improper isolation between files on shared web hosting servers. Also, in et al [24] outlined a comprehensive overview of common attacks on shared Web servers.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Do Content Management Systems Impact the Security of Free Content Websites?

Alqadhi

Alabduljabbar

Thomas

et al. 2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Free Content Websites (FCWs) are a significant element of the Web, and realizing their use is essential. This study analyzes FCWs worldwide by studying how they correlate with different network sizes, cloud service providers, and countries, depending on the type of content they offer. Additionally, we compare these findings with those of premium content websites (PCWs). Our analysis concluded that FCWs correlate mainly with networks of medium size, which are associated with a higher concentration of malicious websites. Moreover, we found a strong correlation between PCWs, cloud, and country hosting patterns. At the same time, some correlations were also observed concerning FCWs but with distinct patterns contrasting each other for both types. Our investigation contributes to comprehending the FCW ecosystem through correlation analysis, and the indicative results point toward controlling the potential risks caused by these sites through adequate segregation and filtering due to their concentration.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Mirheidari et al [23] devised two attacks against web servers exploiting the improper isolation between files on shared web hosting servers. Also, in et al [24] outlined a comprehensive overview of common attacks on shared Web servers. Correlation Analysis.…”

Section: Related Workmentioning

confidence: 99%

Do Content Management Systems Impact the Security of Free Content Websites?

Alqadhi

Alabduljabbar

Thomas

et al. 2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…According to the authors, to be susceptible to such an attack, a PHP interpreter should be used as an Apache module because when Apache runs PHP interpreter as CGI, the new PHP interpreter process does not inherit the log file descriptor from Apache, so the malicious script cannot re-open the log file with a write access and alter its content. The sample PHP script for the log poisoning attack is provided in [13] and [14]. The authors emphasized that having write access to log files in shared web hosting leads to very dangerous situations where attackers would have a fertile environment to perform various attacks on the hosted websites.…”

Section: Background and Literature Reviewmentioning

confidence: 99%

Log Poisoning Attacks in Internet of Things (IoT)

Noman,

Abu-Sharkh,

Noman

2023

Preprint

View full text Add to dashboard Cite

The rapid spread of IoT devices has introduced a complex landscape of security threats, compromising device functionality and user privacy. Among these threats, log poisoning attacks have recently garnered attention among cybersecurity practitioners for their severity and effectiveness. Log poisoning involves the manipulation of automatically generated logs in IoT devices, significantly compromising the attacked device and making it susceptible to malicious code execution, which may lead to further destructive cyberattacks. This paper is the first to comprehensively address log poisoning attacks on IoT systems and devices. We introduce various methodologies to perform such attacks, focusing particularly on practical implementations involving misconfigured log files on Raspberry Pi 4, which is commonly used in IoT applications. We also introduced a technique that advanced adversaries can employ to cover their tracks effectively. Through Intrusion Modes and Criticality Analysis (IMECA), we analyze the severity and potential impact of these attacks and propose mitigation strategies to avoid the occurrence of such attacks. We emphasize the importance of adopting mitigation strategies to maintain the confidentiality, integrity, and reliability of IoT ecosystems. As a further step to counteract the threat, we design a novel technique to detect and mitigate log poisoning attacks.

show abstract

“…Seperti adanya sosial media yang menggunakan teknologi website dengan berbagai jenis platform bahasa pemrograman, seperti PHP yang paling populer di kalangan penyedia layanan Web Hosting. Namun disisi lain banyaknya kejahatan cyber, seiring berkembangnya teknologi menjadi kompetisi di kalangan para cybercrime untuk menjadi yang paling unggul melakukan penetrasi website dan hasilnya diunggah pada situs (Zone-h arsip penyerangan digital, http://www.Zone-h.org) sebagai tanda telah berhasil [1].…”

Section: Pendahuluanunclassified

“…Metode yang berbeda dengan tujuan yang sama untuk mengamankan konfigurasi yang dapat diakses dari direktori lain, yaitu menggunakan suEXEC [1], merupakan sebuah fitur atau modul yang dapat disisipkan ke dalam sebuah web server, terutama Apache yang membuat semua script php yang dibuat dapat memiliki otoritas seperti Unix user. Contohnya, ketika akan membuat sebuah file tidak perlu mengganti otoritas file tersebut, karena pada fungsi PHP suEXEC dijalankan pada masing-masing user.…”

Section: Pendahuluanunclassified

Pengembangan Mekanisme Otentikasi Dan Otorisasi Manajemen Config Pada Kasus Shared Web Hosting Berbasis Linux Container

Saifuddin

Ijtihadie

Pratomo

2016

KINETIK

View full text Add to dashboard Cite

A large part of the service provider's website using an operating system Linux, when one of the websites in the Shared web can be taken over, most likely other websites will also be mastered by reading config connecting to the database, the mechanism used to read a config file with the command in linux by default is available, using the command “ln -s” also known by the term “symlink” who can read the directory where the web, although different config directory.The results show config on web applications that are in the directory in a single server can be read using these methods but can not be decoded to read user, password, and dbname, because it has given authorization can be decoded only from the directory already listed. on testing performance for latency, memory, and CPU system be followed, to get good results the previous system. The test results using the cache, the response time generated when accessed simultaneously by 20 click per user amounted to 941.4 ms for the old system and amounted to 786.6 ms.

show abstract

A Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers

Cited by 7 publications

References 5 publications

Do Content Management Systems Impact the Security of Free Content Websites?

Do Content Management Systems Impact the Security of Free Content Websites?

Log Poisoning Attacks in Internet of Things (IoT)

Pengembangan Mekanisme Otentikasi Dan Otorisasi Manajemen Config Pada Kasus Shared Web Hosting Berbasis Linux Container

Contact Info

Product

Resources

About