Web applications attacks/Intercept data over the network

From aldeid
Jump to navigation Jump to search


The following graph shows how a web page, called from the browser is returned by the server and displayed on the browser.


  1. A page is called from a browser (e.g. click on a link: http://www.aldeid.com/index.php). Request is transmitted over the network to the server.
  2. Server interprets the PHP page and...
  3. ...returns an HTML page that is transmitted back to the client over the network.
  4. HTML page is then interpreted by the browser and is displayed.

Each communication that is transfered from the client to the server and from the server to the client are handled by the HyperText Transfer Protocol (HTTP). This protocol has not for objective to encrypt data. Hence, a hacker can sniff the traffic on the network (promiscuous mode or Man In The Middle Attack) to gather sensitive data.


  • WeGoat, HTTP Basics shows that data that are transmitted over HTTP protocol are in clear. A hacker could intercept the traffic to gather sensitive data (credentials).
  • WebGoat insecure login shows how to sniff credentials over the network.


  • Encrypt sensitive traffic with SSL