Group 18: Chris Hood Brett Poche

Presentation transcript:

ECE 4112: Lab 9 Web Security, Spring Break Edition. Group 18: Chris Hood, Brett Poche

Outline
- Cross Site Scripting Definition
- 3 Main XSS Attacks
- XSS Defenses
- Lab Procedures

Notes: Each week two lab groups will combine to do one brief PowerPoint presentation in class on the lab due date. This presentation (and leading of a class discussion) will be a brief summary of 1) the threats and techniques identified in the lab and 2) the defenses one could use to protect against those threats.

Setup
- Apache Server: open source HTTP web server
- PHP: open source, reflective programming language used to develop server-side applications, dynamic web content, and software applications (MediaWiki)
- MySQL: SQL database management system

Cross Site Scripting
XSS refers to a vulnerability in web applications where an attacker can "inject code into a page in a manner such that the web page subsequently executes the code." It is seen in dynamic web applications that do not properly validate and escape user input.

XSS Attacks
- Type 0: DOM-based or local
- Type 1: Non-persistent or reflected
- Type 2: Persistent or stored

Type 0 Attack
- Utilizes JavaScript's privileges in the "local zone" to execute code
- Attacks the local machine via IE user privileges
- Example: a web page's JavaScript is used to launch code stored on a viewer's computer
- Not in lab

Type 1 Attack
- Supplied code is reflected by the server and immediately executed in the returned page
- Example: inserting JavaScript directly into a search query
- Lab Section 1

Type 2 Attack
- Inserted code is stored directly (in a database) and is later displayed without being escaped
- Example: inserting JavaScript code into a forum message
- Lab Section 1

Lab
- Section 1: Cross-Site Scripting
- Section 2: SQL Injection on Linux Apache Web Server
- Section 3: Practical Web Exercise on Windows Server

Lab Section 1
- Stealing cookies with Type 1 & 2 attacks
- Cookie: maintains state information
- Harvesting user names and super secret passwords

Notes: Lots of sites use cookies to store info, like user name/password, shopping cart, tracking purposes, etc.

Lab Example
This was done by placing JavaScript code directly into the URL (Type 1 XSS attack).

Lab Example 2
This was done by placing JavaScript directly into the forum message, so it was placed into the HTML and directly interpreted. Both of these aren't that harmful alone, but they are a good proof of concept along the lines of what can be done and how easy/stealthy it is.

Lab Section 2
- SQL injection via query string and login fields
- Use the company's database against themselves
- Obtain user information directly from the database
- SELECT statements inserted directly into the URL (**not JavaScript anymore**)
- Best defense: input validation

XSS Defenses
- Disable JavaScript: not feasible
- Sanitize user input: search input for blacklisted code
- Other suggestions?

Notes: Online research led to three similar results. Sanitize: look for special characters and/or replace all single quotes with double quotes, semicolons, /* comments, and <> marks. Blacklisted code includes code that contains specific SQL queries and/or JavaScript.
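As an added example (not part of the lab slides or the lab's own code), the defenses named for lab sections 1 and 2 in working JavaScript: contextual HTML escaping for the forum/search output, and validate-then-bind for the URL and login parameters. The blacklist rewrite from the speaker notes is included only to show its effect on ordinary text; all function names and sample inputs are constructed for this example.

```javascript
// Added example (not from the lab slides or the ECE 4112 lab code).
// The same untrusted input must be handled differently per sink: escaped
// for the HTML page (XSS, lab section 1) and validated + bound as a
// parameter for the SQL query (injection, lab section 2).

// Sink 1: HTML text. Escaping the five markup-significant characters
// makes a stored forum message display as text instead of running.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;",
                       '"': "&quot;", "'": "&#x27;" };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}
function renderForumPost(author, message) {
  // every untrusted value goes through escapeHtml at the point of output
  return `<p><b>${escapeHtml(author)}</b>: ${escapeHtml(message)}</p>`;
}

// The blacklist idea from the speaker notes (swap quotes, drop semicolons,
// comment openers and angle brackets), included only to show what it does
// to ordinary text: it rewrites the user's words rather than neutralising them.
function blacklistSanitize(s) {
  return String(s).replace(/'/g, '"').replace(/;/g, "")
                  .replace(/\/\*/g, "").replace(/[<>]/g, "");
}

// Sink 2: SQL. Validate each URL/login parameter against its expected
// shape and reject (do not "clean") anything else, then pass the value
// as a bound parameter so it can never become part of the SQL statement.
function validateUserId(raw) {
  return /^[1-9][0-9]{0,9}$/.test(raw) ? Number(raw) : null;
}
function validateUsername(raw) {
  return /^[A-Za-z0-9_]{3,32}$/.test(raw) ? raw : null;
}
function buildUserLookup(rawId) {
  const id = validateUserId(rawId);
  if (id === null) return null; // refuse the request outright
  // '?' placeholder as used by PDO/mysql2; the driver sends params separately
  return { sql: "SELECT name, email FROM users WHERE id = ?", params: [id] };
}

// Constructed sample inputs, as they would arrive from a form or query string.
const storedMessage = "<script>alert(1)</script>";          // the section 1 case
const legitMessage = "O'Brien says 3 < 5; see /* notes */"; // ordinary text

console.log(renderForumPost("brett", storedMessage)); // script shown, not run
console.log(escapeHtml(legitMessage));        // text preserved, safe for HTML
console.log(blacklistSanitize(legitMessage)); // meaning of the text altered
console.log(buildUserLookup("42"), buildUserLookup("42'")); // query, then null
```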

Lab Section 3
Basic No-No's:
- Predictable File Locations
- Weak Password Recovery
- Information Leakage
Suggestions for other precautions?

Wrap-up
- Cross Site Scripting Definition
- 3 Main XSS Attacks
- XSS Defenses
- Lab Procedures
Questions???