Secure Web App. Title: Secure Web Application v1.0 (Chae Soo-min, Principal) Copyright 2008 Samsung SDS Co., Ltd. All rights reserved
Slide 1: Secure Web App.

Slide 2: Building & Testing Secure Web Applications, by Aspect Security

Slide 3: (image only, no transcribed text)
Slide 4: Threat vs. Investment

As network/server security improves, attackers are now targeting the application core.

    Layer              % of attacks   % of money
    Web applications   75%            10%
    Network/servers    25%            90%

Maintain security levels on the network/servers; the next move is to strengthen the application layer.
75% of all attacks on information security are directed at the web application layer; 2/3 of all web applications are vulnerable. (Gartner)
Slide 5: Question: What does every web application have in common?

Slide 6: Answer: Unrestricted access to port 80 (443).
Slide 7: LOGIN form. ID: id, Password: pass

Slide 8: The query the application builds from that form:

    select name from member where pass='pass' and id='id';

Slide 9: LOGIN form. ID: xxx' or 'A'='A, Password: pass

Slide 10: The query now becomes:

    ... where pass='pass' and id='xxx' or 'A'='A';
Slide 11: Rule #1: Never trust anything from the request.

Slide 12: SQL Injection
Slide 13: How it works (SQL Injection)

- Bypass the authentication (already checked above).
- Get the database data:
      union all select 1, TNAME, 3 from tab--
- Get a system file:
      mysql: load_file()
          union all select 1, 2, load_file('/etc/passwd')--
      mssql: xp_dirtree, xp_regread extended procedures
      oracle: utl_file package
- Perform a system command:
      mssql: xp_cmdshell
          search=1; exec master..xp_cmdshell 'dir c:\'
          if the DB is mssql and the user is sa: exec master..xp_cmdshell 'net user test test /add' --
      mysql: into outfile
Slides 14-16: Real World SQL Injection (screenshots)
Slide 17: Best Practice (SQL Injection)

Positive input check: check the type, i.e. whether the value is numeric or alphabetic.

    import java.util.regex.Matcher;
    import java.util.regex.Pattern;

    // '+' is needed: matches() succeeds only if the whole value fits the pattern
    checktype("[a-zA-Z]+", request.getParameter("BOARD_ID"));

    public boolean checktype(String pattern, String value) {
        Pattern p = Pattern.compile(pattern);
        Matcher m = p.matcher(value);
        return m.matches();
    }

Negative input check: --, %23, /*, ' (single quotation), select, union, chr, char, etc.

    replaceAll(request.getParameter("BOARD_ID"), "select", "s-e-l-e-c-t");
    if (param.indexOf(badCharacter) > -1) return false;
Slide 18: Best Practice (SQL Injection): Using PreparedStatement

You should bind the variables whenever you use a PreparedStatement.

Before (Statement, string concatenation):

    Statement stmt = null;
    ResultSet rs = null;
    String sql = null;
    stmt = conn.createStatement();
    sql = "select id, name from user where id = '" + id + "' and pass = '" + pass + "'";
    rs = stmt.executeQuery(sql);
    while (rs.next()) {
        // Logic
    }

After (PreparedStatement with bind variables):

    PreparedStatement p = null;
    ResultSet rs = null;
    String sql = null;
    sql = "select id, name from user where id = ? and pass = ?";
    p = conn.prepareStatement(sql);
    p.setObject(1, id);
    p.setObject(2, pass);
    rs = p.executeQuery();
    while (rs.next()) {
        // Logic
    }

Also: show no error message to the user; remove unnecessary procedures, DB links, etc.
Slide 19: Warnings! (SQL Injection)

- Is filtering the space character secure? %09, %13
- Is filtering the single quotation mark secure? Not for numeric types: no quote is needed to inject into a numeric comparison.
- Is filtering all comments secure? What if the variable is located at the last position of the SQL query?
- Is filtering keywords (select, union, etc.) secure? sele/**/ct, unio/**/n
- How about encoding the variable? select chr(65)||chr(66) from dual
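The login bypass of slides 8-10, the PreparedStatement fix of slide 18 and the numeric-type warning of slide 19, worked through as an added Python/sqlite3 example (not code from the deck; sqlite3's ? placeholders stand in for JDBC PreparedStatement binds, and the member table and its rows are constructed sample data):

```python
import sqlite3
from typing import List


def make_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for the deck's 'member' table (sample rows, not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("create table member (id text, pass text, name text, level integer)")
    conn.executemany(
        "insert into member values (?, ?, ?, ?)",
        [("alice", "s3cret", "Alice", 1), ("admin", "hunter2", "Admin", 9)],
    )
    return conn


def login_concat(conn: sqlite3.Connection, user_id: str, password: str) -> List[str]:
    """Slide 8's query built by string concatenation: request values become SQL text."""
    sql = ("select name from member where pass='" + password
           + "' and id='" + user_id + "'")
    return sorted(row[0] for row in conn.execute(sql))


def login_bound(conn: sqlite3.Connection, user_id: str, password: str) -> List[str]:
    """Slide 18's fix: bind variables. sqlite3's '?' placeholders play the role of
    PreparedStatement.setObject(); the input is only ever data, never SQL syntax."""
    sql = "select name from member where pass=? and id=?"
    return sorted(row[0] for row in conn.execute(sql, (password, user_id)))


def level_lookup_quote_filter(conn: sqlite3.Connection, level: str) -> List[str]:
    """Slide 19's warning: a numeric column is compared without quotes, so stripping
    the single quotation mark changes nothing; the WHERE clause can still be altered."""
    sql = "select name from member where level=" + level.replace("'", "")
    return sorted(row[0] for row in conn.execute(sql))


def level_lookup_checked(conn: sqlite3.Connection, level: str) -> List[str]:
    """Slide 17's positive input check (digits only) followed by a bound parameter."""
    if not level.isdigit():
        raise ValueError("level must be numeric")
    sql = "select name from member where level=?"
    return sorted(row[0] for row in conn.execute(sql, (int(level),)))


if __name__ == "__main__":
    db = make_db()
    injected = "xxx' or 'A'='A"                      # slide 9's ID field
    print(login_concat(db, injected, "pass"))        # every member: the WHERE clause is always true
    print(login_bound(db, injected, "pass"))         # []: no member has that literal id
    print(level_lookup_quote_filter(db, "1 or 1=1")) # every member, and no quote was needed
    print(level_lookup_checked(db, "9"))             # ['Admin']
```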
Slide 20: Web Shell Upload

Slide 21: How it works (File Upload)

File upload -> directory browsing && reading system (source) files.

Test.java (web shell):

    public static void main(String[] args) throws IOException {
        Process process = Runtime.getRuntime().exec("cmd.exe /c " + args[0]);
        InputStream is = process.getInputStream();
        BufferedReader br = new BufferedReader(new InputStreamReader(is));
        String line = null;
        while ((line = br.readLine()) != null) {
            System.out.println(line);
        }
    }

    [cmd] java Test dir

Perform a system command: of course, you can perform system commands as well as directory browsing (if the firewall has a vulnerability). Get a reverse shell. Let's check out the real world.
Slides 22-23: Real World File Upload (screenshots)
Slide 24: Best Practice (File Upload)

Positive input check: check the file type in the server-side code (not in JavaScript).

    String ext = filename.substring(filename.lastIndexOf("."));
    if (".xls".equals(ext) || ".doc".equals(ext)) {
        // ok
    } else {
        throw new Exception();
    }

Move the user file directory out from under the web document root (or onto a different disk volume):

    Web document root:   /home/docroot
    User file directory: /home/fileroot

You should write a separate class for reading files (so it can be done safely).
Store the user data in the database: if the data is a resume, you must save it in the database.
Slide 25: Warnings! (File Upload)

A negative file type check is not secure:

    if (".jsp".equals(filename.substring(filename.lastIndexOf(".")))) {
        throw new Exception();
    }

The check routine can be bypassed with js%70, "jsp " (trailing space), or upper, lower or mixed case.

Is changing the directory secure? If directory traversal works, the hacker can change the upload directory. Prevent directory traversal!

How about checking the file type from the request? The headers below are supplied by the browser, so they are under the sender's control:

    POST /upload.jsp HTTP/1.1
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms
    d936b2850a9c
    Content-Disposition: form-data; name="filename_0"; filename="c:\sec_visual.jpg"
    Content-Type: image/pjpeg
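Slides 24 and 25 together call for a positive extension check that survives percent-encoding, trailing spaces, case changes and directory traversal, and that ignores the client's Content-Type. This is an added Python example, not the deck's Java; the allow-list (.xls, .doc) and /home/fileroot come from the slides, everything else is assumed:

```python
import secrets
import urllib.parse
from pathlib import Path
from typing import Optional

# Positive list from slide 24; anything not on it is rejected.
ALLOWED_EXT = {".xls", ".doc"}
# User files live outside the web document root (/home/docroot), as slide 24 recommends.
FILE_ROOT = Path("/home/fileroot")


def canonical_name(client_filename: str) -> str:
    """Reduce the browser-supplied filename to a bare file name before any check runs."""
    # Browsers may send a full client path such as 'c:\sec_visual.jpg' (slide 25's capture):
    # keep only the last path component, which also discards any '../' prefix.
    name = client_filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Decode percent-encoding so 'js%70' is compared as 'jsp' rather than slipping past as unknown.
    name = urllib.parse.unquote(name)
    # Drop anything after a NUL byte and strip surrounding whitespace (the 'jsp ' trick).
    return name.split("\x00", 1)[0].strip()


def allowed_extension(client_filename: str) -> Optional[str]:
    """Return the normalised extension if it is on the allow-list, otherwise None."""
    name = canonical_name(client_filename)
    dot = name.rfind(".")
    if dot <= 0:                  # no extension at all, or a dot-file such as '.htaccess'
        return None
    ext = name[dot:].lower()      # defeats the upper/lower/mixed-case bypass
    return ext if ext in ALLOWED_EXT else None


def storage_path(client_filename: str, client_content_type: str,
                 file_root: Path = FILE_ROOT) -> Path:
    """Decide where an accepted upload is written, or raise ValueError.

    client_content_type is accepted only to make the point: it is never consulted,
    because the multipart Content-Type header is chosen by the sender."""
    ext = allowed_extension(client_filename)
    if ext is None:
        raise ValueError("rejected upload %r" % client_filename)
    # Server-generated name: the client's name never touches the filesystem,
    # so it cannot steer the write into another directory.
    stored = secrets.token_hex(16) + ext
    root = file_root.resolve()
    path = (root / stored).resolve()
    if path.parent != root:       # belt and braces: must land directly under the file root
        raise ValueError("path escaped the file root")
    return path


if __name__ == "__main__":
    for name in ("REPORT.Xls", "c:\\sec_visual.jpg", "shell.js%70", "shell.jsp ", "shell.jsp\x00.doc"):
        print(repr(name), "->", allowed_extension(name))
    print(storage_path("../../docroot/x.doc", "image/pjpeg"))
```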
Slide 26: File Upload, XSS, XSRF, and so on

Slide 27: Thanks. mailto: soomin0611 at Gmail
Slide 28: Penetration Test (SQL Injection) flow

Check injection:
- The URL has a variable: check whether it is numeric or not, and set the DB type.
- Check whether the URL is vulnerable: try it and check whether an error occurs or not.
- No error? Use blind injection tools; otherwise, sorry, take a rest!

Success-string check query:
- Find the column count (how about order by 1 ... order by n?).
- We know the count of columns, so make a union query set with NULL. Works? If not, change the data type one by one; if that still fails, another method is needed.
- Good job! You've got the query. Let's get tables!

Get tables: get the response from the schema table with the query you found; parse the HTML and get the tables.
Get columns: get the response from the schema table with one of the tables; parse the HTML and get the columns.
Get data: get the response from specific tables and columns; parse the HTML and get the data.
More informationCSCE 548 Building Secure Software SQL Injection Attack
CSCE 548 Building Secure Software SQL Injection Attack Professor Lisa Luo Spring 2018 Previous class DirtyCOW is a special type of race condition problem It is related to memory mapping We learned how
More informationApplication and Data Security with F5 BIG-IP ASM and Oracle Database Firewall
F5 White Paper Application and Data Security with F5 BIG-IP ASM and Oracle Database Firewall Organizations need an end-to-end web application and database security solution to protect data, customers,
More informationHolistic Database Security
Holistic Database Security 1 Important Terms Exploit: Take advantage of a flaw or feature Attack Surface: Any node on the network that can be attacked. That can be the UI, People, anything that touches
More informationMake My Day Just Run A Web Scanner
Make My Day Just Run A Web Scanner Countering the faults of typical web scanners through bytecode injection Toshinari Kureha, Fortify Software Agenda Problems With Black Box Testing Approaches To Finding
More informationWeb Application Security. Philippe Bogaerts
Web Application Security Philippe Bogaerts OWASP TOP 10 3 Aim of the OWASP Top 10 educate developers, designers, architects and organizations about the consequences of the most common web application security
More informationScoreboard 2.16 Installation Guide. For Apache Tomcat 8.0 On Windows 2003 (or later) Server, 64-bit
Scoreboard 2.16 Installation Guide For Apache Tomcat 8.0 On Windows 2003 (or later) Server, 64-bit Updated November 10, 2016 1 Scoreboard and Connect By Spider Strategies Minimum Server Requirements The
More informationCSCI/CMPE Object-Oriented Programming in Java JDBC. Dongchul Kim. Department of Computer Science University of Texas Rio Grande Valley
CSCI/CMPE 3326 Object-Oriented Programming in Java JDBC Dongchul Kim Department of Computer Science University of Texas Rio Grande Valley Introduction to Database Management Systems Storing data in traditional
More informationWEB APPLICATION SCANNERS. Evaluating Past the Base Case
WEB APPLICATION SCANNERS Evaluating Past the Base Case GREG OSE PATRICK TOOMEY Presenter Intros Overview An overview of web application scanners Why is it hard to evaluate scanner efficacy? Prior Work
More information