jsasevillaeste.org - all about a hosting


Ways of penetration on a hosting


22,000 sites were scanned, each of them checked between 1 and 7 times. The scanning revealed almost 6,000 sites with medium-severity vulnerabilities and more than one and a half thousand sites with critical vulnerabilities.

In the experts' opinion, if the information security of new projects is not given due attention today, when the number of new sites is growing at great speed, the information value of the whole Russian Internet could come under threat of mass ruin and destruction. At present only the company masterhost offers its clients free scanning of their sites, so owners of sites hosted on other hosting platforms have to arrange for themselves the purchase of regular scanning services from companies that specialize in information security. Each site owner receives a full report on the scan results and recommendations from PTSecurity on eliminating the problems found. After a while the scan of the site is repeated.

So, let us move directly to the ways of penetrating a hosting.

The best-known ways are:
- Guessing passwords to FTP and to hosting control panels;
- Mistakes made by site administrators;
- Vulnerabilities in the server software and in scripts;
- Viruses.

These are the general methods by which it is possible to get into both a virtual hosting and a dedicated server.

The security of virtual hosting has its own specifics. Let us consider the standard methods of penetrating a system.

The attacker's approximate plan:
- Searching the server for domains that contain a vulnerable PHP script;
- Using the script to execute local commands (with the privileges of the user nobody);
- Starting a backdoor;
- Logging in through the backdoor;
- Privilege escalation.

Once the attacker has established that programs can be run, the attacker tries to upload backdoors, exploits, bots and so on, with the aim of obtaining a full-featured shell and raising the privilege level.

Recently, break-ins by means of viruses have become more frequent. Even servers hosting popular sites are subject to this. A password-stealing virus is planted on the sites. As a result, the number of infected sites keeps growing.
Many site administrators make a dangerous mistake that can lead both to theft of information and to its destruction. By assigning the same access rights to all of a site's scripts, we potentially allow an attacker to gain full access on behalf of any one script. Bearing in mind that the more scripts there are on a server, the higher the probability of a break-in, this wrong approach to assigning rights can have a rather sad effect on the operation of the server.
Usually a site consists of several logical parts. The simplest scheme is:
- A site administration (management) system;
- A content display system.

A site can have many different modules that work on different principles, for example polls, a forum, a guest book, an authentication system, a chat, informers, etc. They often require completely different rights when working with the database.
For example, administration involves not only selecting information from the database, as the display module does, but also inserting and changing it. For modern forums the list of capabilities is even longer: deleting tables, changing their properties, and batch import of data. A site's polling system needs to update or insert data in the database. Thus we can give different modules different "powers", or more precisely, rights.
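
The per-module split of database rights described above can be written as separate database accounts. This is an added example, not code from the original article; it assumes MySQL 8, and every schema, table and account name in it is hypothetical.

```sql
-- Constructed example (MySQL 8 syntax). Schema, table and account names are
-- hypothetical; replace the placeholder passwords before use.
CREATE DATABASE site;
CREATE DATABASE site_forum;   -- the forum is isolated in its own schema
CREATE TABLE site.articles     (id INT PRIMARY KEY, title VARCHAR(200), body TEXT);
CREATE TABLE site.poll_options (id INT PRIMARY KEY, label VARCHAR(100),
                                vote_count INT NOT NULL DEFAULT 0);

-- One account per module instead of one shared account for every script.
CREATE USER 'site_display'@'localhost' IDENTIFIED BY 'PLACEHOLDER_1';
CREATE USER 'site_admin'@'localhost'   IDENTIFIED BY 'PLACEHOLDER_2';
CREATE USER 'site_poll'@'localhost'    IDENTIFIED BY 'PLACEHOLDER_3';
CREATE USER 'site_forum'@'localhost'   IDENTIFIED BY 'PLACEHOLDER_4';

-- Display module: only selects data.
GRANT SELECT ON site.articles     TO 'site_display'@'localhost';
GRANT SELECT ON site.poll_options TO 'site_display'@'localhost';

-- Administration module: selects, inserts and changes content, but no DDL.
GRANT SELECT, INSERT, UPDATE, DELETE ON site.articles     TO 'site_admin'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON site.poll_options TO 'site_admin'@'localhost';

-- Poll module: reads the options and may update the counter column only.
GRANT SELECT ON site.poll_options TO 'site_poll'@'localhost';
GRANT UPDATE (vote_count) ON site.poll_options TO 'site_poll'@'localhost';

-- Forum: needs to create, alter and drop tables, so those rights are
-- confined to its own schema and never reach the site content.
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER, DROP
  ON site_forum.* TO 'site_forum'@'localhost';

-- Check: this is everything a compromised display script could do.
SHOW GRANTS FOR 'site_display'@'localhost';

-- Audit: accounts holding rights over a whole schema; only the forum
-- account should appear here.
SELECT grantee, table_schema, privilege_type
FROM information_schema.schema_privileges
ORDER BY grantee, table_schema;
```

Each script then connects with the account of its own module, so a vulnerable display script yields read access to two tables rather than full access to the database.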
Over the last few years many articles have appeared warning that hackers use the Google search engine to gain access to files to which, by design, they should have no access. In 2001, James Middleton wrote an article for vnunet.com about hackers using special keywords in the Google search engine to find important banking information: a message at one of the security conferences said that by entering 'Index of / +banques +filetype:xls' in the search box it was eventually possible to find important or confidential Excel spreadsheets of French banks. The same technique can be used to search for files containing passwords.

Another article, which appeared on wired.com, describes how Adrian Lamo, a hacker who often features in reports of computer crimes, used Google to gain access to the websites of large corporations. For example, entering the phrase "Select a database to view", a common phrase used in the FileMaker Pro database interface, makes Google return approximately 200 links, most of which lead to a page giving access to FileMaker for all users. Similar articles kept appearing on the Internet. Government and military sites of the United States were vulnerable too, because the scripts used by site administrators could easily be found with Google. Medical records and personal records could all unexpectedly end up in the hands of users of this search engine. But the articles never described how Google can be used for "such" purposes. Not even an example of the query entered by the hacker was given to a wide audience.


© Copyright 2007. All rights reserved.