Page 18 - Cyber Warnings
P. 18
Website Defacement
Website Defacement is an attack where attacker identifies vulnerabilities on a website or web
server and then changes the visual appearance of that website by changing the data available
on that website. The figure 1 and figure 2 shown below is sequence diagram which describes a
common procedure of website defacement. Website Defacement is one of the very common
and the oldest attacks which are still very popular. And the irony is still that very reputed
websites get exploited till today by this attack. Vulnerabilities such as misconfiguration of web
pages, weak passwords etc. leads to website defacement. Website defacement could usually
be text defacement or image defacement.
Figure 1
In Figure 1, as mentioned that attacker will try to find out vulnerabilities on the website like SQL
injection, cross site scripting etc. Once vulnerability found, the attacker will try to exploit these
vulnerabilities and once vulnerabilities exploited the attacker will deface the website i.e. either
by changing the text or image. Similarly as shown below in figure 2, it may be possible that the
attacker will try to gain access to the web server or website management systems, once access
gained, the attacker will have access to the source files hosted on these servers. To deface,
18 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
