What Are Port 80 Vulnerabilities That A User Should Be Aware Of?

642    Asked by Amitraj in SQL Server , Asked on Nov 23, 2022

I heard hackers' top ports to hack computers through are port 80 and port 443. How do they do this though aren't port 80 and port 443 just for HTTP requests such as GET, POST?

Answered by Andrea Bailey

Any open port can be used as an attack vector by a hacker to get into the system. Port 80 and port 443 just happen to be the most common ports open on the servers. Now there are two different ways to get into the system through port 80/443:


Exploiting network behaviour.

  • Exploiting application behaviour. (If any application is listening over port 80/443)
  • Former includes vulnerabilities in the system stack (platform) itself that is responsible for accepting data through the port and passing it to the application.
  • Latter includes vulnerabilities in the application, i.e., when the data has already reached the application through the platform.
  • Most common attacks exploit port 443 and port 80 vulnerabilities to get into the system, HTTP protocol itself or HTTP application (apache, nginx etc.) vulnerability.


Your Answer

Interviews

Parent Categories