Application vulnerabilities and defences

In this lecture we examine the following: SQL injection, XSS, CSRF.

SQL injection

SQL injection is a basic attack used either to gain unauthorized access to a database or to retrieve information directly from the database. The principles behind SQL injection are simple, and these types of attacks are easy to execute and master.

SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is incorrectly filtered for string-literal escape characters embedded in SQL statements, or when user input is not strongly typed.

Basic examples of injection attacks

Assume the application is vulnerable to SQL injection, as it uses unvalidated user input to form SQL strings. For instance, the following application has an email form where users enter their email address:

select email from users where email = '<user_input>'

where <user_input> is what you enter in the form. If we enter someone@somewhere.com' in the form, the resulting SQL is:

select email from users where email = 'someone@somewhere.com''

That is likely to produce a syntax error in the application when the database parses the SQL and objects to the last '. Having tried this, the SQL injector already knows you concatenate strings without validating them and that you are vulnerable. Now assume the form input is changed to:

someone@somewhere.com' or 'x' = 'x

The resulting SQL is:

select email from users where email = 'someone@somewhere.com' or 'x' = 'x'

The typical logic that such an application expects is that so long as a row is returned, the email address must be valid, and hence you gain access.

SQL injection, step by step

1. App sends form to user.
2. Attacker submits form with SQL exploit data.
3. Application builds string with exploit data.
4. Application sends SQL query to DB.
5. DB executes query, including exploit, sends data back to application.
6. Application returns data to user.

(Diagram labels: Attacker, Form with User and Pass fields, submitted value ' or 1=1--, Firewall, Web Server, DB Server)
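The email-form example and the six-step flow above can be reproduced end to end against an in-memory SQLite table. The following is an added example written for this page, not code from the lecture: the users table and its two addresses are constructed sample data, lookup_vulnerable builds the query by string concatenation exactly as the slides describe, and lookup_parameterized is the hardened form in which the driver binds the value so a quote in the input is data rather than SQL.

```python
import sqlite3


def make_db():
    # Constructed sample data standing in for the application's users table.
    conn = sqlite3.connect(":memory:")
    conn.execute("create table users (email text)")
    conn.executemany(
        "insert into users values (?)",
        [("alice@example.com",), ("bob@example.com",)],
    )
    return conn


def lookup_vulnerable(conn, user_input):
    """Mirrors the lecture's query: the form value is concatenated into the SQL text.

    Returns the list of matching emails, or None when the database rejects the
    statement (the syntax error a stray quote produces).
    """
    sql = "select email from users where email = '" + user_input + "'"
    try:
        return [row[0] for row in conn.execute(sql)]
    except sqlite3.OperationalError:
        return None


def lookup_parameterized(conn, user_input):
    """Hardened form: a bound parameter, so quotes and OR clauses stay inside the value."""
    sql = "select email from users where email = ?"
    return [row[0] for row in conn.execute(sql, (user_input,))]


if __name__ == "__main__":
    db = make_db()
    probe = "someone@somewhere.com'"
    bypass = "someone@somewhere.com' or 'x' = 'x"
    print("probe, concatenated:   ", lookup_vulnerable(db, probe))        # None (syntax error)
    print("bypass, concatenated:  ", lookup_vulnerable(db, bypass))       # every row
    print("bypass, parameterized: ", lookup_parameterized(db, bypass))    # no rows
```

Run against the sample table, the probe input triggers the syntax error the lecture uses as the tell-tale sign of concatenation, the `or 'x' = 'x` input returns every row from the concatenated query, and the parameterized query returns nothing for the same input because the whole string is compared as one email address.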

Hackers used a SQL injection attack against the California ISP Sebastian to access a database of customers' e-mail addresses, user names and clear-text passwords, and then used that data to steal money from those customers. The hackers claim to have stolen $100,000 by leveraging user names and passwords taken from a California ISP to access victims' bank accounts.

Cross-Site Scripting (XSS)

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser-side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.

An attacker can use XSS to send a malicious script to an unsuspecting user. The end user's browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page.
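The defence the two XSS paragraphs point at is output encoding: user input that reaches the generated page must be encoded for the context it lands in. The following is an added example, not code from the lecture, using Python's standard html and urllib modules; the greeting page and the `<input>` field are constructed stand-ins for an application template. It contrasts the vulnerable concatenation with the encoded form, and shows the two contexts where HTML-escaping is not enough on its own (an attribute value, which needs quotes escaped, and an href, where the scheme must be allow-listed).

```python
import html
from urllib.parse import urlsplit


def render_vulnerable(name):
    # The flaw the lecture describes: user input copied into the output unencoded.
    return "<p>Hello, " + name + "</p>"


def render_safe(name):
    # Element-content context: escape <, >, & and quotes so the browser treats the
    # value as text rather than markup.
    return "<p>Hello, " + html.escape(name, quote=True) + "</p>"


def render_attribute_safe(value):
    # Attribute context: quote=True is essential here, otherwise a " in the value
    # would close the attribute and the rest would be parsed as new attributes.
    return '<input name="q" value="' + html.escape(value, quote=True) + '">'


def safe_href(url):
    # URL context: escaping does not help against a javascript: link, so allow-list
    # the scheme and fall back to an inert anchor for anything else.
    scheme = urlsplit(url).scheme.lower()
    if scheme in ("http", "https"):
        return html.escape(url, quote=True)
    return "#"


def contains_raw_tag(fragment):
    """Crude check used only for this demonstration: did a live tag survive encoding?"""
    return "<script" in fragment.lower()


if __name__ == "__main__":
    probe = "<script>alert(1)</script>"
    print(render_vulnerable(probe))   # script tag reaches the page
    print(render_safe(probe))         # rendered as visible text
    print(render_attribute_safe('" onfocus="x'))
    print(safe_href("javascript:alert(1)"))
```

The point to take from the three encoders is that they differ by context: the same input is safe in element content after html.escape, needs the quote escaping for an attribute, and needs a scheme check rather than escaping when it becomes a link target.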

Cross-Site Request Forgery (XSRF)

CSRF is an attack which forces an end user to execute unwanted actions on a web application in which he/she is currently authenticated. With a little help from social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. A successful CSRF exploit can compromise end-user data and operations in the case of a normal user. If the targeted end user is the administrator account, this can compromise the entire web application.

Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains a malicious request. It is malicious in the sense that it inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf, such as changing the victim's e-mail address, home address or password, or purchasing something. CSRF attacks generally target functions that cause a state change on the server but can also be used to access sensitive data.
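Because a forged request arrives with the victim's session cookie, the server cannot tell it apart from a legitimate one by the cookie alone; the usual defence is a per-session token that the forging page cannot read, checked on every state-changing request. The following is an added example written for this page, not code from the lecture or any framework: the in-memory token store, the site origin https://app.example and the change-email handler are constructed stand-ins for a real application's session storage and route. The token check uses hmac.compare_digest, and the Origin header is checked as a second, independent signal.

```python
import hmac
import secrets

# Assumed origin of the protected site (constructed for this example).
ALLOWED_ORIGIN = "https://app.example"

# session id -> CSRF token. In-memory stand-in for server-side session storage.
_csrf_tokens = {}


def issue_csrf_token(session_id):
    """Called when rendering a state-changing form: mint a token bound to this session.

    The token goes into a hidden form field. A page on another origin cannot read
    it, so a forged form post cannot include it.
    """
    token = secrets.token_urlsafe(32)
    _csrf_tokens[session_id] = token
    return token


def verify_csrf(session_id, submitted_token, origin_header):
    """Accept only requests carrying the token stored for this session."""
    expected = _csrf_tokens.get(session_id)
    if expected is None or not submitted_token:
        return False
    # Constant-time comparison; a plain == would leak timing information.
    if not hmac.compare_digest(expected, submitted_token):
        return False
    # Defence in depth: browsers add an Origin header to cross-site POSTs, so a
    # value that is present but foreign is rejected even if the token somehow matched.
    if origin_header is not None and origin_header != ALLOWED_ORIGIN:
        return False
    return True


def handle_change_email(session_id, form, headers):
    """Constructed stand-in for a POST /change-email route. Returns (status, detail)."""
    if not verify_csrf(session_id, form.get("csrf_token"), headers.get("Origin")):
        return 403, "request rejected: missing or invalid CSRF token"
    return 200, "email changed to " + form["email"]


if __name__ == "__main__":
    sid = "victim-session"
    token = issue_csrf_token(sid)
    # Legitimate submission from the site's own form.
    print(handle_change_email(sid, {"csrf_token": token, "email": "me@example.com"},
                              {"Origin": ALLOWED_ORIGIN}))
    # Forged cross-site post: the browser attaches the session cookie, but the
    # forging page does not know the token, so the field is absent.
    print(handle_change_email(sid, {"email": "other@example.invalid"},
                              {"Origin": "https://evil.example"}))
```

The handler models the point made in the paragraph above: the session identifies the victim correctly in both requests, and it is the token (which only the genuine form carries) that distinguishes the user's own action from one forged on their behalf.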