Abstract
Web applications based on the LAMP stack of Linux, Apache, MySQL, and PHP are important and a common target of attackers. Some web applications like phpMyAdmin are primarily administrative; phpMyAdmin is used to remotely manage MySQL installations. Applications like Joomla and WordPress are content management systems that are used as the back end for many web sites; more than a quarter of web sites use WordPress or Joomla.
Notes
1. This is the default behavior that can be modified; see below.
2. Note the capitalization in the file name.
3. Again, notice the capitalization.
4. The assumption made in this section is that the original XAMPP installation was to the directory C:\XAMPP. This is the approach taken in Chapter 20 but is not required.
5. In the example, phpMyAdmin is being installed on the SSL-protected web site, hence the https stem rather than http. Adjust as needed.
6. The line spacing has been reformatted to make it (much) easier to read.
7. If the login process succeeds, stop: you have just successfully attacked the login page for the web application. I would consider buying a lottery ticket at this point.
8. See https://downloads.joomla.org/us/technical-requirements-us for details.
9. This decision has some security implications that are discussed later.
10. In some cases, I have launched the installer, but the browser would continue to report that it is “connecting” to the host for installation. A check of the database, the WordPress main site, and the WordPress admin page shows that the installation process concluded.
11. This has been formatted to make it easier to read on the page.
Copyright information
© 2019 Mike O'Leary
About this chapter
Cite this chapter
O’Leary, M. (2019). Web Applications. In: Cyber Operations. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-4294-0_21
DOI: https://doi.org/10.1007/978-1-4842-4294-0_21
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-4293-3
Online ISBN: 978-1-4842-4294-0
eBook Packages: Professional and Applied Computing, Professional and Applied Computing (R0), Apress Access Books