Mapping The Application

the first steep in process of attacking the application is gathering and some key information about it to gain a better understanding what are you up against. the mapping exercise begins by enumerating the application content and functionality to understand what the web application does and how it behaves. much of this functionality is easy to identify, but some of it maybe hidden, requiring a degree of guesswork and lucky discover.

• Enumerating Content and Functionality 

In a typical web application, the majority of content and functionality can be identified via manual browsing.

as shown below :

ATTACKING SESSION MANAGEMENT

 The session management mechanism is a fundamental security component in the majority of web applications. It is what enables the applications to uniquely identify a given user across a number of different requests, and to handle data that it accumulates about the state of that user's interaction with the applications. Where an applications implements login functionality, session management is of particular importance, as it what enables the applications to persist its assurance if any given user's identity beyond the requests in which they supply their credential.

Now I'll show you how to attacking session management on a web applications and do some privileges escalation on it.