Size: px
Start display at page:

Download ""

Transcription

1 Overview Cross-Site Scripting (XSS) Christopher Lam Introduction Description Programming Languages used Types of Attacks Reasons for XSS Utilization Attack Scenarios Steps to an XSS Attack Compromises to not fixing CSS/XSS holes Methodology How to protect against XSS Conclusion Introduction Most web sites today contain dynamic content which makes a website more enjoyable By creating a dynamic web site you are making yourself susceptible to a popular and very powerful security vulnerability This threat is called Cross-Site Scripting Also known as XSS, it is defined as the number one and utmost prevalent web site vulnerability on the internet What is a XSS Attack? XSS Attack is a potentially dangerous security vulnerability found in web-based based applications It allows a variety of code to be injected by a malicious user into a webpage XSS is very easy to execute and very long and arduous to repair Takes about 52 days to fix an XSS hole XSS holes are found in commercial products every month During an attack everything looks fine to the end user, but in actuality they are subject to an endless amount of threats Originally known as (CSS) confused for Cascading Style Sheets

2 Programming Languages Utilized in XSS Attacks Sun Microsystems's Java Client-side Script JavaScript Action Script VB Script Microsoft s Active X Adobe s Flash HTML or XHTML RSS and Atom feeds Types of XSS Attacks DOM-Based or Type 0 (Local) Document Object Model Standard object model for representing html or xhtml Problem exists within the page s client side script If an attacker hosts a malicious site, which contains a vulnerable website on a clients local system, a script can be injected Now the attacker can run the privileges of that users browser on their system Local Zone Can be either persistent or non-persistent Types of XSS Attacks (contd.) Non-Persistent or Type 1 (Reflected) Most common type With invalidated user-supplied supplied data in a resulting webpage without html encoding, client-side code can be injected into the dynamic page Then with some social engineering (Manipulating someone to perform actions) An attacker convinces a user to follow a malicious URL which injects code into the resulting page Now the attacker has full access to that pages content

3 Types of XSS Attacks (contd.) Persistent or Type 2 (Stored or Second order) Allows the most powerful kinds of attacks First data is stored in a server provided by a web application It is later shown to a user on a webpage without any html encoding Ex: Online message board that allows users to post messages for other users to read With this method, malicious scripts can be provided more then once An attack can affect a large amount of users and the application can also be infected by a XSS Virus or Worm XSS Attacks Used For: Hijacking Accounts False Advertising & inserting hostile content Cookie theft/poisoning & defacing websites Changing of users settings Conducting phishing attacks Attack Scenario (1 of 3) DOM-Based Attack 1. Mallory sends via a URL of a maliciously constructed webpage to Alice 2. Alice receives and clicks the link 3. The malicious webpage's JavaScript opens up a vulnerable HTML page locally on Alice's computer 4. The vulnerable page containing the JavaScript then executes on Alice s computers local zone 5. Now Mallory's malicious code can run commands with all privileges on Alice s computer Attack Scenario (2 of 3) Non-Persistent Attack 1. Alice visits Bob s website frequently and logs in with a username and password Site stores billing information 2. Mallory notices that Bob s website contains a type 1 XSS vulnerability 3. Mallory then creates a URL to exploit that vulnerability, and then sends Alice an making it look like it came from Bob 4. While logged into Bob s site, Alice views the URL 5. The malicious script then poses as Bob s site, and steals Alice s session cookie and sends it to Mallory 6. With Alice s cookie, Mallory can steal everything

4 Attack Scenario (3 of 3) Persistent Attack 1. Bob hosts a site that allows users to post messages to be viewed by other users at a later time 2. Mallory notices that Bob s site has a Stored XSS vulnerability 3. Mallory then posts a controversial message which encourages more users to view it 4. After viewing the posted message, all the users session cookies are sent to Mallory s web server without them knowing 5. Later on Mallory can log in as whom ever she wants and post messages posing as them Steps to an XSS Attack Select a target Testing Find an XSS hole, and look if it has any cookies If it has a cookie, then you have found a target Insert code or script pointing to the vulnerability Make sure the page does not appear broken XSS Execution Send your crafted URL to launch it (Hex encode it) More experienced attackers would do a few redirects to steal cookies, return to site, then attack them harder Decide what to do with the data After collecting data, see if Account Hijacking is possible Not Fixing CSS/XSS Holes Compromises: Account being taken over Hacker publishing a warning about your company not fixing its problems Damages your companies reputation Lack of security measures Shows clients you are not doing anything Trust issues Why do business with you if there is no trust Methodology Before Implementing XSS custom tag library encoding A Successful XSS Attack that causes a popup to appear in the users browser

5 Methodology (contd.) After Implementing XSS custom tag library encoding The XSS custom tag library makes sure the generated web pages are properly encoded It protects itself from any malicious attack This webpage is displaying erroneous code because the custom tag library prevents insertion of malicious script How to Protect Against XSS < = &LT ( = &#40 = &#34 # = &#35 % = &#37 + = &#43 > = &GT ) = &#41 = &#39 & = &#38 ; = &#59 - = &#45 Never trust Input & Always filter metacharacters View material only from official websites It will eliminate almost 90% of problems Be cautious when reading s, discussion boards, posts, etc. Turn off JavaScript in browser settings In IE, turn security settings on high Custom tag Libraries Conclusion XSS is defined as the number one and utmost prevalent website vulnerability on the internet No one is ever completely safe from XSS Can not be expected to write flawless code or have round the clock personnel to answer all possible vulnerability issues As XSS vulnerabilities continue to grow, the best way to protect yourself from it is to be careful and be aware of its existence References csscript/ Picture References ipting%2bbug.png&imgrefurl= 7A8nC- 4J6Jd1heOY4HEg1bo4YRQ=&h=592&w=709&sz=292&hl=en&start=60&tbnid=bytIySB5LrMoKM:&tbnh=117&tbnw=140&prev=/images %3Fq%3Dcross-site%2Bscripting%26start%3D40%26gbv%3D2%26ndsp%3D20%26hl%3Den%26sa%3DN site%2bscripting%26start%3d40%26gbv%3d2%26ndsp%3d20%26hl%3den%26sa%3dn Script.png&imgrefurl= rjx_euzpz0y8_tewb818rzd8ccs=&h=200&w=200&sz=37&hl=en &start=225&tbnid=5ulzgglj0pphmm:&tbnh=104&tbnw=104&prev=/images%3fq%3dcross- site%2bscripting%26start%3d220%26gbv%3d2%26ndsp%3d20%26hl%3den%26sa%3dn u%25 2Fimages%252Fnews%252Fphishingmoney.jpg%26w%3D218&imgrefurl= and- ebay-hook-up-on-phisher- blocker.aspx&usg= 9kqYJaZ4d7WxWMuzvcv_VENQy6Q=&h=329&w=218&sz=19&hl=en&start=299&tbnid=0A- rllxgiugeqm:&tbnh=119&tbnw=79&prev=/images%3fq%3dcross- site%2bscripting%26start%3d280%26gbv%3d2%26ndsp%3d20%26hl%3den%26sa%3dn

6 THE END! Beware of the Cross - Eyed Scripting Bug!

The security of Mozilla Firefox s Extensions. Kristjan Krips

The security of Mozilla Firefox s Extensions. Kristjan Krips The security of Mozilla Firefox s Extensions Kristjan Krips Topics Introduction The extension model How could extensions be used for attacks - website defacement - phishing attacks - cross site scripting

More information

Application Layer Attacks. Application Layer Attacks. Application Layer. Application Layer. Internet Protocols. Application Layer.

Application Layer Attacks. Application Layer Attacks. Application Layer. Application Layer. Internet Protocols. Application Layer. Application Layer Attacks Application Layer Attacks Week 2 Part 2 Attacks Against Programs Application Layer Application Layer Attacks come in many forms and can target each of the 5 network protocol layers

More information

Web Application Security. Philippe Bogaerts

Web Application Security. Philippe Bogaerts Web Application Security Philippe Bogaerts OWASP TOP 10 3 Aim of the OWASP Top 10 educate developers, designers, architects and organizations about the consequences of the most common web application security

More information

CIS 4360 Secure Computer Systems XSS

CIS 4360 Secure Computer Systems XSS CIS 4360 Secure Computer Systems XSS Professor Qiang Zeng Spring 2017 Some slides are adapted from the web pages by Kallin and Valbuena Previous Class Two important criteria to evaluate an Intrusion Detection

More information

CSC 482/582: Computer Security. Cross-Site Security

CSC 482/582: Computer Security. Cross-Site Security Cross-Site Security 8chan xss via html 5 storage ex http://arstechnica.com/security/2015/09/serious- imgur-bug-exploited-to-execute-worm-like-attack-on- 8chan-users/ Topics 1. Same Origin Policy 2. Credential

More information

THREAT MODELING IN SOCIAL NETWORKS. Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda

THREAT MODELING IN SOCIAL NETWORKS. Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda THREAT MODELING IN SOCIAL NETWORKS Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda INTRODUCTION Social Networks popular web service. 62% adults worldwide use social media 65% of world top companies

More information

Copyright

Copyright 1 Security Test EXTRA Workshop : ANSWER THESE QUESTIONS 1. What do you consider to be the biggest security issues with mobile phones? 2. How seriously are consumers and companies taking these threats?

More information

Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any

Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing

More information

CSCE 813 Internet Security Case Study II: XSS

CSCE 813 Internet Security Case Study II: XSS CSCE 813 Internet Security Case Study II: XSS Professor Lisa Luo Fall 2017 Outline Cross-site Scripting (XSS) Attacks Prevention 2 What is XSS? Cross-site scripting (XSS) is a code injection attack that

More information

Is Browsing Safe? Web Browser Security. Subverting the Browser. Browser Security Model. XSS / Script Injection. 1. XSS / Script Injection

Is Browsing Safe? Web Browser Security. Subverting the Browser. Browser Security Model. XSS / Script Injection. 1. XSS / Script Injection Is Browsing Safe? Web Browser Security Charlie Reis Guest Lecture - CSE 490K - 5/24/2007 Send Spam Search Results Change Address? Install Malware Web Mail Movie Rentals 2 Browser Security Model Pages are

More information

W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s

W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s Session I of III JD Nir, Security Analyst Why is this important? ISE Proprietary Agenda About ISE Web Applications

More information

Presented By Rick Deacon DEFCON 15 August 3-5, 2007

Presented By Rick Deacon DEFCON 15 August 3-5, 2007 Hacking Social Lives: MySpace.com Presented By Rick Deacon DEFCON 15 August 3-5, 2007 A Quick Introduction Full-time IT Specialist at a CPA firm located in Beachwood, OH. Part-time Student at Lorain County

More information

Information Security CS 526 Topic 11

Information Security CS 526 Topic 11 Information Security CS 526 Topic 11 Web Security Part 1 1 Readings for This Lecture Wikipedia HTTP Cookie Same Origin Policy Cross Site Scripting Cross Site Request Forgery 2 Background Many sensitive

More information

Computer Security 3e. Dieter Gollmann. Chapter 18: 1

Computer Security 3e. Dieter Gollmann.  Chapter 18: 1 Computer Security 3e Dieter Gollmann www.wiley.com/college/gollmann Chapter 18: 1 Chapter 18: Web Security Chapter 18: 2 Web 1.0 browser HTTP request HTML + CSS data web server backend systems Chapter

More information

Web basics: HTTP cookies

Web basics: HTTP cookies Web basics: HTTP cookies Myrto Arapinis School of Informatics University of Edinburgh February 11, 2016 1 / 27 How is state managed in HTTP sessions HTTP is stateless: when a client sends a request, the

More information

Web basics: HTTP cookies

Web basics: HTTP cookies Web basics: HTTP cookies Myrto Arapinis School of Informatics University of Edinburgh November 20, 2017 1 / 32 How is state managed in HTTP sessions HTTP is stateless: when a client sends a request, the

More information

How is state managed in HTTP sessions. Web basics: HTTP cookies. Hidden fields (2) The principle. Disadvantage of this approach

How is state managed in HTTP sessions. Web basics: HTTP cookies. Hidden fields (2) The principle. Disadvantage of this approach Web basics: HTTP cookies Myrto Arapinis School of Informatics University of Edinburgh March 30, 2015 How is state managed in HTTP sessions HTTP is stateless: when a client sends a request, the server sends

More information

Web Application with AJAX. Kateb, Faris; Ahmed, Mohammed; Alzahrani, Omar. University of Colorado, Colorado Springs

Web Application with AJAX. Kateb, Faris; Ahmed, Mohammed; Alzahrani, Omar. University of Colorado, Colorado Springs Web Application with AJAX Kateb, Faris; Ahmed, Mohammed; Alzahrani, Omar University of Colorado, Colorado Springs CS 526 Advanced Internet and Web Systems Abstract Asynchronous JavaScript and XML or Ajax

More information

Client Side Injection on Web Applications

Client Side Injection on Web Applications Client Side Injection on Web Applications Author: Milad Khoshdel Blog: https://blog.regux.com Email: miladkhoshdel@gmail.com 1 P a g e Contents INTRODUCTION... 3 HTML Injection Vulnerability... 4 How to

More information

Webomania Solutions Pvt. Ltd. 2017

Webomania Solutions Pvt. Ltd. 2017 The other name for link manipulation is Phishing or you can say link manipulation is type of phishing attack done generally to mislead the user to a replica website or a looka-like of some well-known site.

More information

MTAT Research Seminar in Cryptography The Security of Mozilla Firefox s Extensions

MTAT Research Seminar in Cryptography The Security of Mozilla Firefox s Extensions MTAT.07.019 Research Seminar in Cryptography The Security of Mozilla Firefox s Extensions Kristjan Krips 1 Introduction Mozilla Firefox has 24.05% of the recorded usage share of web browsers as of October

More information

Web Application Security

Web Application Security Web Application Security Rajendra Kachhwaha rajendra1983@gmail.com October 16, 2015 Lecture 16: 1/ 14 Outline Browser Security Principles: 1 Cross Site Scripting (XSS) 2 Types of XSS 3 Lecture 16: 2/ 14

More information

WEB SECURITY: XSS & CSRF

WEB SECURITY: XSS & CSRF WEB SECURITY: XSS & CSRF CMSC 414 FEB 22 2018 Cross-Site Request Forgery (CSRF) URLs with side-effects http://bank.com/transfer.cgi?amt=9999&to=attacker GET requests should have no side-effects, but often

More information

P2_L12 Web Security Page 1

P2_L12 Web Security Page 1 P2_L12 Web Security Page 1 Reference: Computer Security by Stallings and Brown, Chapter (not specified) The web is an extension of our computing environment, because most of our daily tasks involve interaction

More information

Security: Threats and Countermeasures. Stanley Tan Academic Program Manager Microsoft Singapore

Security: Threats and Countermeasures. Stanley Tan Academic Program Manager Microsoft Singapore Security: Threats and Countermeasures Stanley Tan Academic Program Manager Microsoft Singapore Session Agenda Types of threats Threats against the application Countermeasures against the threats Types

More information

WebGoat Lab session overview

WebGoat Lab session overview WebGoat Lab session overview Initial Setup Virtual Machine Tamper Data Web Goat Basics HTTP Basics Sniffing Web server attacks SQL Injection XSS INITIAL SETUP Tamper Data Hold alt to reveal the menu in

More information

OWASP Top 10 The Ten Most Critical Web Application Security Risks

OWASP Top 10 The Ten Most Critical Web Application Security Risks OWASP Top 10 The Ten Most Critical Web Application Security Risks The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain

More information

Finding Vulnerabilities in Web Applications

Finding Vulnerabilities in Web Applications Finding Vulnerabilities in Web Applications Christopher Kruegel, Technical University Vienna Evolving Networks, Evolving Threats The past few years have witnessed a significant increase in the number of

More information

Application vulnerabilities and defences

Application vulnerabilities and defences Application vulnerabilities and defences In this lecture We examine the following : SQL injection XSS CSRF SQL injection SQL injection is a basic attack used to either gain unauthorized access to a database

More information

Information Security CS 526 Topic 8

Information Security CS 526 Topic 8 Information Security CS 526 Topic 8 Web Security Part 1 1 Readings for This Lecture Wikipedia HTTP Cookie Same Origin Policy Cross Site Scripting Cross Site Request Forgery 2 Background Many sensitive

More information

Attacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14

Attacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14 Attacks Against Websites 3 The OWASP Top 10 Tom Chothia Computer Security, Lecture 14 OWASP top 10. The Open Web Application Security Project Open public effort to improve web security: Many useful documents.

More information

C1: Define Security Requirements

C1: Define Security Requirements OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security

More information

Chrome Extension Security Architecture

Chrome Extension Security Architecture Chrome Extension Security Architecture Presenter: Jienan Liu Network, Intelligence & security Lab outline Chrome extension introduction Threats towards extension Chrome extension s security architecture

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define

More information

e-commerce Study Guide Test 2. Security Chapter 10

e-commerce Study Guide Test 2. Security Chapter 10 e-commerce Study Guide Test 2. Security Chapter 10 True/False Indicate whether the sentence or statement is true or false. 1. Necessity refers to preventing data delays or denials (removal) within the

More information

NET 311 INFORMATION SECURITY

NET 311 INFORMATION SECURITY NET 311 INFORMATION SECURITY Networks and Communication Department Lec12: Software Security / Vulnerabilities lecture contents: o Vulnerabilities in programs Buffer Overflow Cross-site Scripting (XSS)

More information

WEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang

WEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang WEB SECURITY WORKSHOP TEXSAW 2014 Presented by Solomon Boyd and Jiayang Wang Introduction and Background Targets Web Applications Web Pages Databases Goals Steal data Gain access to system Bypass authentication

More information

CS 161 Computer Security

CS 161 Computer Security Wagner Spring 2014 CS 161 Computer Security Midterm 1 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that academic misconduct will be reported

More information

Evaluating the Security Risks of Static vs. Dynamic Websites

Evaluating the Security Risks of Static vs. Dynamic Websites Evaluating the Security Risks of Static vs. Dynamic Websites Ballard Blair Comp 116: Introduction to Computer Security Professor Ming Chow December 13, 2017 Abstract This research paper aims to outline

More information

Cross-Site Scripting (XSS) Professor Larry Heimann Web Application Security Information Systems

Cross-Site Scripting (XSS) Professor Larry Heimann Web Application Security Information Systems Cross-Site Scripting (XSS) Professor Larry Heimann Web Application Security Information Systems Browser same origin policy Key security principle: a web browser permits scripts contained in a first web

More information

7.2.4 on Media content; on XSS) sws2 1

7.2.4 on Media content; on XSS) sws2 1 Software and Web Security 2 Attacks on Clients (Section 7.1.3 on JavaScript; 7.2.4 on Media content; 7.2.6 on XSS) sws2 1 Last week: web server can be attacked by malicious input web browser web server

More information

shortcut Tap into learning NOW! Visit for a complete list of Short Cuts. Your Short Cut to Knowledge

shortcut Tap into learning NOW! Visit  for a complete list of Short Cuts. Your Short Cut to Knowledge shortcut Your Short Cut to Knowledge The following is an excerpt from a Short Cut published by one of the Pearson Education imprints. Short Cuts are short, concise, PDF documents designed specifically

More information

CSCD 303 Essential Computer Security Fall 2018

CSCD 303 Essential Computer Security Fall 2018 CSCD 303 Essential Computer Security Fall 2018 Lecture 17 XSS, SQL Injection and CRSF Reading: See links - End of Slides Overview Idea of XSS, CSRF and SQL injection is to violate security of Web Browser/Server

More information

DEFENSIVE PROGRAMMING. Lecture for EDA 263 Magnus Almgren Department of Computer Science and Engineering Chalmers University of Technology

DEFENSIVE PROGRAMMING. Lecture for EDA 263 Magnus Almgren Department of Computer Science and Engineering Chalmers University of Technology DEFENSIVE PROGRAMMING Lecture for EDA 263 Magnus Almgren Department of Computer Science and Engineering Chalmers University of Technology Traditional Programming When writing a program, programmers typically

More information

Information Security. Gabriel Lawrence Director, IT Security UCSD

Information Security. Gabriel Lawrence Director, IT Security UCSD Information Security Gabriel Lawrence Director, IT Security UCSD Director of IT Security, UCSD Three Startups (2 still around!) Sun Microsystems (Consulting and JavaSoftware) Secure Internet Applications

More information

Attacks Against Websites. Tom Chothia Computer Security, Lecture 11

Attacks Against Websites. Tom Chothia Computer Security, Lecture 11 Attacks Against Websites Tom Chothia Computer Security, Lecture 11 A typical web set up TLS Server HTTP GET cookie Client HTML HTTP file HTML PHP process Display PHP SQL Typical Web Setup HTTP website:

More information

Attacking Web2.0. Daiki Fukumori Secure Sky Technology Inc.

Attacking Web2.0. Daiki Fukumori Secure Sky Technology Inc. Attacking Web2.0 Daiki Fukumori Secure Sky Technology Inc. Agenda Introduction What Is Web2.0 (from Attackers view) Attacking Same-Origin Policy Advanced Attacking Same-Origin

More information

CSE361 Web Security. Attacks against the client-side of web applications. Nick Nikiforakis

CSE361 Web Security. Attacks against the client-side of web applications. Nick Nikiforakis CSE361 Web Security Attacks against the client-side of web applications Nick Nikiforakis nick@cs.stonybrook.edu Despite the same origin policy Many things can go wrong at the client-side of a web application

More information

Top 10 AJAX security holes & driving factors

Top 10 AJAX security holes & driving factors Top 10 AJAX security holes & driving factors Shreeraj Shah Founder, Net Square shreeraj@net-square.com Introduction One of the central ingredients of Web 2.0 applications is Ajax encompassed by JavaScripts.

More information

CSC 405 Computer Security. Web Security

CSC 405 Computer Security. Web Security CSC 405 Computer Security Web Security Alexandros Kapravelos akaprav@ncsu.edu (Derived from slides by Giovanni Vigna and Adam Doupe) 1 Cross-Site Scripting (XSS) XSS attacks are used to bypass JavaScript's

More information

MWR InfoSecurity Advisory. 26 th April Elastic Path Administrative. Quit. Session Hijacking through Embedded XSS

MWR InfoSecurity Advisory. 26 th April Elastic Path Administrative. Quit. Session Hijacking through Embedded XSS Quit MWR InfoSecurity Advisory Elastic Path Administrative Session Hijacking through Embedded XSS 26 th April 2007 2007-04-26 1 of 7 INDEX 1 Detailed Vulnerability description...4 1.1 Introduction...4

More information

Security and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web

Security and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web Security and Privacy SWE 432, Fall 2016 Design and Implementation of Software for the Web Today Security What is it? Most important types of attacks Privacy For further reading: https://www.owasp.org/index.php/

More information

RKN 2015 Application Layer Short Summary

RKN 2015 Application Layer Short Summary RKN 2015 Application Layer Short Summary HTTP standard version now: 1.1 (former 1.0 HTTP /2.0 in draft form, already used HTTP Requests Headers and body counterpart: answer Safe methods (requests): GET,

More information

Hacking Intranet Websites from the Outside

Hacking Intranet Websites from the Outside 1 Hacking Intranet Websites from the Outside "JavaScript malware just got a lot more dangerous" Black Hat (Japan) 10.05.2006 Jeremiah Grossman (Founder and CTO) WhiteHat Security 2 WhiteHat Sentinel -

More information

CROSS SIIE SCRIPIING EXPlOITS AND DEFENSE

CROSS SIIE SCRIPIING EXPlOITS AND DEFENSE CROSS SIIE SCRIPIING EXPlOITS AND DEFENSE J erma Grossman bert "RSnake" Hansen ko pdp" 0 Petkov on Rager th Fogie Technical Editor and Co-Author Contents Chapter 1 Cross-site Scripting Fundamentals 1 Introduetion

More information

3.5 SECURITY. How can you reduce the risk of getting a virus?

3.5 SECURITY. How can you reduce the risk of getting a virus? 3.5 SECURITY 3.5.4 MALWARE WHAT IS MALWARE? Malware, short for malicious software, is any software used to disrupt the computer s operation, gather sensitive information without your knowledge, or gain

More information

Developing Web Applications

Developing Web Applications Developing Web Applications Ralph Moseley Middlesex University IIICENTCNNIAL 1807 ewiley 2007 13ICCNTENNIAL John Wiley & Sons, Ltd Preface Introduction Features Additional Materials Trademarks Acknowledgments

More information

Computer Security CS 426 Lecture 41

Computer Security CS 426 Lecture 41 Computer Security CS 426 Lecture 41 StuxNet, Cross Site Scripting & Cross Site Request Forgery CS426 Fall 2010/Lecture 36 1 StuxNet: Overview Windows-based Worm First reported in June 2010, the general

More information

Secure Web Application: Preventing Application Injections

Secure Web Application: Preventing Application Injections 2016 IJSRSET Volume 2 Issue 1 Print ISSN : 2395-1990 Online ISSN : 2394-4099 Themed Section: Engineering and Technology Secure Web Application: Preventing Application Injections Chokhawala Kirit I., Dr.

More information

2/16/18. CYSE 411/AIT 681 Secure Software Engineering. Secure Coding. The Web. Topic #11. Web Security. Instructor: Dr. Kun Sun

2/16/18. CYSE 411/AIT 681 Secure Software Engineering. Secure Coding. The Web. Topic #11. Web Security. Instructor: Dr. Kun Sun CYSE 411/AIT 681 Secure Software Engineering Topic #11. Web Security Instructor: Dr. Kun Sun Secure Coding String management Pointer Subterfuge Dynamic memory management Integer security Formatted output

More information

ANATOMY OF AN ATTACK!

ANATOMY OF AN ATTACK! ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable

More information

Web Security II. Slides from M. Hicks, University of Maryland

Web Security II. Slides from M. Hicks, University of Maryland Web Security II Slides from M. Hicks, University of Maryland Recall: Putting State to HTTP Web application maintains ephemeral state Server processing often produces intermediate results; not long-lived

More information

EXPLOIT KITS. Tech Talk - Fall Josh Stroschein - Dakota State University

EXPLOIT KITS. Tech Talk - Fall Josh Stroschein - Dakota State University EXPLOIT KITS Tech Talk - Fall 2016 Josh Stroschein - Dakota State University Delivery Methods Spam/Spear-phishing Delivery Methods Spam/Spear-phishing Office Documents Generally refer to MS office suite

More information

CSCD 303 Essential Computer Security Fall 2017

CSCD 303 Essential Computer Security Fall 2017 CSCD 303 Essential Computer Security Fall 2017 Lecture 18a XSS, SQL Injection and CRSF Reading: See links - End of Slides Overview Idea of XSS, CSRF and SQL injection is to violate the security of the

More information

CS 161 Computer Security

CS 161 Computer Security Paxson Spring 2017 CS 161 Computer Security Midterm 1 Print your name:, (last) (first) I am aware of the Berkeley Campus Code of Student Conduct and acknowledge that any academic misconduct will be reported

More information

Security and Privacy

Security and Privacy E-mail Security and Privacy Department of Computer Science Montclair State University Course : CMPT 320 Internet/Intranet Security Semester : Fall 2008 Student Instructor : Alex Chen : Dr. Stefan Robila

More information

Web 2.0 Attacks Explained

Web 2.0 Attacks Explained Web 2.0 Attacks Explained Kiran Maraju, CISSP, CEH, ITIL, ISO27001, SCJP Email: Kiran_maraju@yahoo.com Abstract This paper details various security concerns and risks associated with web 2.0 technologies

More information

CS390S, Week 11:Web Application Security Issues

CS390S, Week 11:Web Application Security Issues CS390S, Week 11:Web Application Security Issues Pascal Meunier, Ph.D., M.Sc., CISSP March 14, 2008 Developed thanks to support and contributions from Symantec Corporation, support from the NSF SFS Capacity

More information

Security issues. Unit 27 Web Server Scripting Extended Diploma in ICT 2016 Lecture: Phil Smith

Security issues. Unit 27 Web Server Scripting Extended Diploma in ICT 2016 Lecture: Phil Smith Security issues Unit 27 Web Server Scripting Extended Diploma in ICT 2016 Lecture: Phil Smith Criteria D3 D3 Recommend ways to improve web security when using web server scripting Clean browser input Don

More information

Web Application Attacks

Web Application Attacks Web Application Attacks What can an attacker do and just how hard is it? By Damon P. Cortesi IOActive, Inc. Comprehensive Computer Security Services www.ioactive.com cortesi:~

More information

John Coggeshall Copyright 2006, Zend Technologies Inc.

John Coggeshall Copyright 2006, Zend Technologies Inc. PHP Security Basics John Coggeshall Copyright 2006, Zend Technologies Inc. Welcome! Welcome to PHP Security Basics Who am I: John Coggeshall Lead, North American Professional Services PHP 5 Core Contributor

More information

HP 2012 Cyber Security Risk Report Overview

HP 2012 Cyber Security Risk Report Overview HP 2012 Cyber Security Risk Report Overview September 2013 Paras Shah Software Security Assurance - Canada Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject

More information

OWASP Top 10 Risks. Many thanks to Dave Wichers & OWASP

OWASP Top 10 Risks. Many thanks to Dave Wichers & OWASP OWASP Top 10 Risks Dean.Bushmiller@ExpandingSecurity.com Many thanks to Dave Wichers & OWASP My Mom I got on the email and did a google on my boy My boy works in this Internet thing He makes cyber cafes

More information

Ethical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities

Ethical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities Ethical Hacking and Countermeasures: Web Chapter 3 Web Application Vulnerabilities Objectives After completing this chapter, you should be able to: Understand the architecture of Web applications Understand

More information

XSS Homework. 1 Overview. 2 Lab Environment

XSS Homework. 1 Overview. 2 Lab Environment XSS Homework 1 Overview Cross-site scripting (XSS) is a type of vulnerability commonly found in web applications. This vulnerability makes it possible for attackers to inject malicious code (e.g. JavaScript

More information

INF3700 Informasjonsteknologi og samfunn. Application Security. Audun Jøsang University of Oslo Spring 2015

INF3700 Informasjonsteknologi og samfunn. Application Security. Audun Jøsang University of Oslo Spring 2015 INF3700 Informasjonsteknologi og samfunn Application Security Audun Jøsang University of Oslo Spring 2015 Outline Application Security Malicious Software Attacks on applications 2 Malicious Software 3

More information

CS 161 Computer Security

CS 161 Computer Security Paxson Spring 2017 CS 161 Computer Security Discussion 4 Week of February 13, 2017 Question 1 Clickjacking (5 min) Watch the following video: https://www.youtube.com/watch?v=sw8ch-m3n8m Question 2 Session

More information

CS 161 Computer Security

CS 161 Computer Security Raluca Ada Popa Spring 2018 CS 161 Computer Security Discussion 9 Week of March 19, 2018 Question 1 Warmup: SOP (15 min) The Same Origin Policy (SOP) helps browsers maintain a sandboxed model by preventing

More information

Integrity attacks (from data to code): Cross-site Scripting - XSS

Integrity attacks (from data to code): Cross-site Scripting - XSS Pattern Recognition and Applications Lab Integrity attacks (from data to code): Cross-site Scripting - XSS Igino Corona igino.corona (at) diee.unica.it Computer Security April 12, 2018 Department of Electrical

More information

Andrew Muller, Canberra Managing Director, Ionize, Canberra The challenges of Security Testing. Security Testing. Taming the Wild West

Andrew Muller, Canberra Managing Director, Ionize, Canberra The challenges of Security Testing. Security Testing. Taming the Wild West Andrew Muller, Canberra Managing Director, Ionize, Canberra The challenges of Security Testing Advancing Expertise in Security Testing Taming the Wild West Canberra, Australia 1 Who is this guy? Andrew

More information

Acknowledgments... xix

Acknowledgments... xix CONTENTS IN DETAIL PREFACE xvii Acknowledgments... xix 1 SECURITY IN THE WORLD OF WEB APPLICATIONS 1 Information Security in a Nutshell... 1 Flirting with Formal Solutions... 2 Enter Risk Management...

More information

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0 Author: Tonny Rabjerg Version: 20150730 Company Presentation WSF 4.0 WSF 4.0 Cybercrime is a growth industry. The returns are great, and the risks are low. We estimate that the likely annual cost to the

More information

Web Attacks CMSC 414. September 25 & 27, 2017

Web Attacks CMSC 414. September 25 & 27, 2017 Web Attacks CMSC 414 September 25 & 27, 2017 Overview SQL Injection is frequently implemented as a web-based attack, but doesn t necessarily need to be There are a wide variety of web-based attacks Some

More information

Unique Phishing Attacks (2008 vs in thousands)

Unique Phishing Attacks (2008 vs in thousands) The process of attempting to acquire sensitive information, such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. In the 2 nd half

More information

CHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS

CHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS 180 CHAPTER 8 CONCLUSION AND FUTURE ENHANCEMENTS 8.1 SUMMARY This research has focused on developing a Web Applications Secure System from Code Injection Vulnerabilities through Web Services (WAPS-CIVS),

More information

Security Testing White Paper

Security Testing White Paper Security Testing White Paper Table of Contents 1. Introduction... 3 2. Need for Security Testing... 4 3. Security Testing Framework... 5 3.1 THREAT ANALYSIS... 6 3.1.1 Application Overview... 8 3.1.2 System

More information

Web insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.

Web insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security. Web Security Web Programming Uta Priss ZELL, Ostfalia University 2013 Web Programming Web Security Slide 1/25 Outline Web insecurity Security strategies General security Listing of server-side risks Language

More information

Lecture 17 Browser Security. Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Some slides from Bailey's ECE 422

Lecture 17 Browser Security. Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Some slides from Bailey's ECE 422 Lecture 17 Browser Security Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Some slides from Bailey's ECE 422 Documents Browser's fundamental role is to display documents comprised

More information

Portcullis Computer Security.

Portcullis Computer Security. Portcullis Computer Security www.portcullis-security.com How to detect and exploit %99 of XSS Vulnerabilities 2 April 2008 Portcullis Computer Security Limited 2 XSS? So What? Recently XSS has proven to

More information

Detecting XSS Based Web Application Vulnerabilities

Detecting XSS Based Web Application Vulnerabilities Detecting XSS Based Web Application Vulnerabilities M.S.Jasmine M.Tech (ISCF).Student, Department of Information Technology SRM University, TamilNadu,India jasmine.srakj@gmail.com Kirthiga Devi Assistant

More information

Excerpts of Web Application Security focusing on Data Validation. adapted for F.I.S.T. 2004, Frankfurt

Excerpts of Web Application Security focusing on Data Validation. adapted for F.I.S.T. 2004, Frankfurt Excerpts of Web Application Security focusing on Data Validation adapted for F.I.S.T. 2004, Frankfurt by fs Purpose of this course: 1. Relate to WA s and get a basic understanding of them 2. Understand

More information

Web Application Vulnerabilities: OWASP Top 10 Revisited

Web Application Vulnerabilities: OWASP Top 10 Revisited Pattern Recognition and Applications Lab Web Application Vulnerabilities: OWASP Top 10 Revisited Igino Corona igino.corona AT diee.unica.it Computer Security April 5th, 2018 Department of Electrical and

More information

COMP9321 Web Application Engineering

COMP9321 Web Application Engineering COMP9321 Web Application Engineering Semester 2, 2017 Dr. Amin Beheshti Service Oriented Computing Group, CSE, UNSW Australia Week 9 http://webapps.cse.unsw.edu.au/webcms2/course/index.php?cid=2465 1 Assignment

More information

PROBLEMS IN PRACTICE: THE WEB MICHAEL ROITZSCH

PROBLEMS IN PRACTICE: THE WEB MICHAEL ROITZSCH Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group PROBLEMS IN PRACTICE: THE WEB MICHAEL ROITZSCH THE WEB AS A DISTRIBUTED SYSTEM 2 WEB HACKING SESSION 3 3-TIER persistent

More information

Prevention Of Cross-Site Scripting Attacks (XSS) On Web Applications In The Client Side

Prevention Of Cross-Site Scripting Attacks (XSS) On Web Applications In The Client Side www.ijcsi.org 650 Prevention Of Cross-Site Scripting Attacks (XSS) On Web Applications In The Client Side S.SHALINI 1, S.USHA 2 1 Department of Computer and Communication, Sri Sairam Engineering College,

More information

GUI based and very easy to use, no security expertise required. Reporting in both HTML and RTF formats - Click here to view the sample report.

GUI based and very easy to use, no security expertise required. Reporting in both HTML and RTF formats - Click here to view the sample report. Report on IRONWASP Software Product: IronWASP Description of the Product: IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing.

More information

2/16/18. Secure Coding. CYSE 411/AIT 681 Secure Software Engineering. Web Security Outline. The Web. The Web, Basically.

2/16/18. Secure Coding. CYSE 411/AIT 681 Secure Software Engineering. Web Security Outline. The Web. The Web, Basically. Secure Coding CYSE 411/AIT 681 Secure Software Engineering Topic #11. Web Security Instructor: Dr. Kun Sun String management Pointer Subterfuge Dynamic memory management Integer security Formatted output

More information

Web security: an introduction to attack techniques and defense methods

Web security: an introduction to attack techniques and defense methods Web security: an introduction to attack techniques and defense methods Mauro Gentile Web Application Security (Elective in Computer Networks) F. d'amore Dept. of Computer, Control, and Management Engineering

More information

CSCE 548 Building Secure Software SQL Injection Attack

CSCE 548 Building Secure Software SQL Injection Attack CSCE 548 Building Secure Software SQL Injection Attack Professor Lisa Luo Spring 2018 Previous class DirtyCOW is a special type of race condition problem It is related to memory mapping We learned how

More information

Aguascalientes Local Chapter. Kickoff

Aguascalientes Local Chapter. Kickoff Aguascalientes Local Chapter Kickoff juan.gama@owasp.org About Us Chapter Leader Juan Gama Application Security Engineer @ Aspect Security 9+ years in Appsec, Testing, Development Maintainer of OWASP Benchmark

More information