XSS and SQL injection are the top two injection attacks currently threatening web applications.
Cross-site scripting (XSS) is a code injection attack that allows a malicious user to execute malicious JavaScript in another user's browser. A successful XSS attack compromises the security of both the web application and its users.
SQL injection is a technique where a malicious user can inject SQL commands into an SQL statement via web page input. Injected SQL commands can alter the SQL statement and compromise the security of a web application.
Agenda
I. INTRODUCTION TO XSS
II. TYPES OF XSS
III. PREVENTING XSS
IV. INTRODUCTION TO SQL INJECTION
V. OVERVIEW OF SQL INJECTION
VI. PREVENTING SQL INJECTION
Presenter: Srinivas
II. TYPES OF XSS
1. Reflected XSS (AKA Non-Persistent or Type II)
2. Stored XSS (AKA Persistent or Type I)
3. DOM Based XSS (AKA Type-0)
Reflected XSS
Reflected attacks are those where the injected script is reflected off the web server, such as in an error message, search result, or any other response that includes some or all of the input sent to the server as part of the request.
Stored XSS
Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc. The victim then retrieves the malicious script from the server when it requests the stored information.
DOM Based XSS
DOM Based attacks are those where the attack payload is executed as a result of modifying the DOM "environment" in the victim's browser used by the original client-side script, so that the client-side code runs in an "unexpected" manner.
III. PREVENTING XSS
1. Using a template system with context-aware auto-escaping
2. Manually escaping user input
– White list
– Black list ( <!, &#, <?, <, > )
3. Understanding common browser behaviors that lead to XSS
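As an added example (not from the deck), the escaping approaches on this slide in Python: a context-aware escaper for HTML text, HTML attribute and JavaScript-string contexts, a white-list validator, and the slide's black-list filter for contrast. The template, the field names and the input string are constructed for the illustration.

```python
import html

# Constructed sample input carrying the usual HTML metacharacters.
SAMPLE = 'Tom & "Jerry" <b>'

# --- 1. Context-aware escaping: one value, three output contexts ---
def escape_html_text(value: str) -> str:
    """Element content (between tags): encoding &, <, > is enough here."""
    return html.escape(value, quote=False)

def escape_html_attr(value: str) -> str:
    """Quoted attribute value: the quote characters must be encoded too."""
    return html.escape(value, quote=True)

def escape_js_string(value: str) -> str:
    """JS string literal inside <script>: \\uXXXX-encode every non-alphanumeric
    ASCII char (quotes, backslash, <, /) and the U+2028/U+2029 line terminators."""
    out = []
    for ch in value:
        code = ord(ch)
        needs_escape = (code < 0x80 and not ch.isalnum()) or code in (0x2028, 0x2029)
        out.append("\\u{:04x}".format(code) if needs_escape else ch)
    return "".join(out)

def render_profile(name: str, bio: str) -> str:
    """Constructed template: the escaper is chosen by where the value lands."""
    return (
        f'<div title="{escape_html_attr(name)}">'
        f'<b>{escape_html_text(name)}</b><p>{escape_html_text(bio)}</p>'
        f'<script>var name = "{escape_js_string(name)}";</script></div>'
    )

# --- 2. White list: define what is allowed and reject everything else ---
ALLOWED_USERNAME_CHARS = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_.-")

def validate_username(value: str) -> str:
    if not 1 <= len(value) <= 32 or not set(value) <= ALLOWED_USERNAME_CHARS:
        raise ValueError("username contains characters outside the allowed set")
    return value

# --- 3. Black list from the slide, for contrast: it strips the listed tokens
# but knows nothing about quotes or about the context the value ends up in ---
BLACKLIST = ("<!", "&#", "<?", "<", ">")

def blacklist_filter(value: str) -> str:
    for token in BLACKLIST:
        value = value.replace(token, "")
    return value

if __name__ == "__main__":
    print(render_profile(SAMPLE, "bio"))
    print(blacklist_filter(SAMPLE))  # the quote characters survive untouched
```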
IV. INTRODUCTION TO SQL INJECTION
SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input.
Ex:
V. OVERVIEW OF SQL INJECTION
How to know whether the web app is vulnerable to SQL injection or not?
How to profile the DB structure?
How to fetch the data?
Least Privilege
Don't connect to the database with admin privileges; grant only the necessary permissions.
Deny access to special system utilities and system stored procedures.
Calling stored procedures would be more secure if we have fine-grained control over what the stored procedure returns.
Nothing is foolproof
These are some suggestions on how you can minimize the chance that your website will contain these vulnerabilities.
But remember that both security and technology evolve very rapidly; so, no guarantees: what works today may not fully work tomorrow (hackers can be pretty clever).