What are port 80 vulnerabilities?

398    Asked by AmitSinha in SQL Server , Asked on Nov 15, 2022

 I heard hackers' top ports to hack computers through are port 80 and port 443. How do they do this though aren't port 80 and port 443 just for HTTP requests such as GET, POST?

Answered by Andrea Bailey

Any open port can be used as an attack vector by a hacker to get into the system. Port 80 and port 443 just happen to be the most common ports open on the servers. Now there are two different ways to get into the system through port 80/443, below are the port 443 and port 80 vulnerabilities -


Exploiting network behaviour.

Exploiting application behaviour. (If any application is listening over port 80/443)

Former includes vulnerabilities in the system stack (platform) itself that is responsible for accepting data through the port and passing it to the application.

Latter includes vulnerabilities in the application, i.e., when the data has already reached the application through the platform.

Most common attacks exploit vulnerabilities in websites running on port 80/443 to get into the system, HTTP protocol itself or HTTP application (apache, nginx etc.) vulnerability.


Your Answer

Interviews

Parent Categories