
An anti-hacking guide

• Hackers are a kindred of expert programmers who believe in freedom and the spirit of mutual help. They are not malicious. They may be tied to the common belief described aptly by the modern Zen poem stating: "To follow the path: look to the master, follow the master, walk with the master, see through the master, become the master."

• The malicious individuals who break into programs and systems in order to do damage or to steal something are referred to as crackers or attackers.
• Most attackers are not as highly skilled as hackers are; they take advantage of published exploit code and known techniques to do their damage.
• People who use published code to attack software and computer systems are called script kiddies.

• The new Boeing 787 Dreamliner aircraft provides on-board internet access to its passengers, but concerns were raised about the fact that the flight's controls were connected to the same network serving internet access to the passengers! What could it mean?
• What if an Iraqi or Afghan hacker breaks open the networks at the Pentagon's missile stations?
• Or, talking about something that's close to our chores, what if we leave loopholes in the SPFS codebase which may be exploited to crack the Core Billing Manager? What would it mean to the company that deploys the CBM application?

• There are numerous ways an attacker may break applications apart. We'll take two specifically notorious and very widely used techniques of exploiting software, namely:
    • SQL Injection
    • Buffer Overflows

• SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application.
• When an end user is asked for his/her credentials, an attacker may inject malicious queries into the database if user input is not strongly typed.

• What would the code for checking the username in the login prompt look like?

    statement := "SELECT * FROM users WHERE name = '" + userName + "';"

• Do you see anything wrong with this SQL code?
• Is it vulnerable?

• NO?
• What if an attacker entered the following username?

    a' or 't'='t

• In the original query the completed entry would look something like:

    SELECT * FROM users WHERE name = 'a' OR 't'='t';

• Do you think this username will ever be wrong?

• And what if a certain noble human being entered the following username?

    ' OR 1=1;DROP TABLE users;--

• The original query will now look like:

    SELECT * FROM users WHERE name = '' OR 1=1;DROP TABLE users;--

• As you may see, this query will delete the users table completely and comment out any further queries in the statement.

• On November 01, 2005, a high school student used SQL injection to break into the site of a Taiwanese information security magazine and stole customers' information.
• On January 13, 2006, Russian hackers broke into a Rhode Island government web site and allegedly stole credit card data from individuals who had done business online with state agencies.
• On June 29, 2007, a hacker defaced the Microsoft U.K. web page using SQL injection.

• Input Validation is GOSPEL:
    • Always perform strict type checking of all data input by users.
    • Don't ever trust the user. They're not always noble and trustworthy.
    • Limit the length of input.
    • Never use any of the default database accounts.
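The validation rules above applied to the login query from the earlier slides, as an added example that is not part of the original presentation. The function names, the 32-character limit and the allowed character set are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NAME_LEN 32   /* assumed limit; match it to your schema */

/* Allow-list check: 1..MAX_NAME_LEN characters, letters, digits, '_' or '.'. */
int username_is_valid(const char *userName)
{
    static const char allowed[] = "abcdefghijklmnopqrstuvwxyz"
        "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.";
    if (userName == NULL)
        return 0;
    size_t len = strlen(userName);
    if (len == 0 || len > MAX_NAME_LEN)
        return 0;
    return strspn(userName, allowed) == len;   /* every character allowed */
}

/* Build the login query only for validated input.
 * Returns 0 on success, -1 if the input is rejected or out is too small. */
int build_user_query(char *out, size_t outlen, const char *userName)
{
    if (out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';
    if (!username_is_valid(userName))
        return -1;
    int n = snprintf(out, outlen,
                     "SELECT * FROM users WHERE name = '%s';", userName);
    if (n < 0 || (size_t)n >= outlen) {        /* would not fit: fail safely */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    /* The two usernames from the slides, plus one ordinary name (constructed). */
    const char *inputs[] = { "alice", "a' or 't'='t",
                             "' OR 1=1;DROP TABLE users;--" };
    char q[128];
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        if (build_user_query(q, sizeof q, inputs[i]) == 0)
            printf("accepted: %s\n", q);
        else
            printf("rejected: %s\n", inputs[i]);
    }
    return 0;
}
```

Validation of this kind narrows what can reach the query. Where the database API offers bound parameters (prepared statements), passing userName as a parameter keeps it out of the SQL text entirely.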

    #include <string.h>

    void foo(char *bar)
    {
        char c[12];      /* fixed 12-byte buffer on the stack */

        strcpy(c, bar);  /* No bounds checking!! */
    }

    int main(int argc, char *argv[])
    {
        if (argc < 2)    /* avoid passing a NULL pointer to foo() */
            return 1;
        foo(argv[1]);
        return 0;
    }

Before data is copied.

When legitimate data is copied, INPUT: "hello"

When you’re hacked! INPUT: "AAAAAAAAAAAAAAAAAAAA\x08\x35\xC0\x80"

• As seen above, an attacker may send junk input to your program and change the return address of a function to any location in memory they like. That memory location could very well contain attacker-implanted code! And imagine what would happen if the program above was running with super user privileges!
• One could also modify data contained in variables using a buffer overflow!

• Functions like strcpy(), gets(), strcat(), sprintf() etc. don't perform a bounds check on the destination buffer. This allows an attacker to copy unsolicited data into the buffer!
• C and C++ are two languages that don't perform any bounds checking on the input and are hence vulnerable if one is not careful while writing code.

• Always use the safe alternatives to strcpy(), strcat(), gets(), sprintf() etc., like strncpy(), strncat(), fgets(), snprintf()!
• Always fail safely, which means perform error checking and exception handling at every possible place in the code. Remember, don't trust the user!
• Grant minimum required privileges to your programs.
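A bounded version of foo() from the slides above, as an added example that is not part of the original presentation: it keeps the 12-byte buffer, refuses input that does not fit instead of keeping a truncated copy, and shows that strncpy() on its own leaves the buffer unterminated when the source fills it. The names copy_bounded, foo_checked and strncpy_result_terminated are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 12   /* same size as c[12] in foo() */

/* Copy src into dst (capacity dstlen). Returns 0 on success, -1 if src is
 * NULL or would not fit; on failure dst is left as an empty string. */
int copy_bounded(char *dst, size_t dstlen, const char *src)
{
    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    int n = snprintf(dst, dstlen, "%s", src);
    if (n < 0 || (size_t)n >= dstlen) {   /* truncated: reject the input */
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* Pitfall: strncpy() stops after n bytes but writes no terminator when src
 * has n or more characters. Returns 1 if the copy is NUL-terminated. */
int strncpy_result_terminated(const char *src)
{
    char c[BUF_LEN];
    strncpy(c, src, sizeof c);
    return memchr(c, '\0', sizeof c) != NULL;
}

/* Hardened foo(): returns the copied length, or -1 for oversized input. */
int foo_checked(const char *bar)
{
    char c[BUF_LEN];
    if (copy_bounded(c, sizeof c, bar) != 0)
        return -1;
    return (int)strlen(c);
}

int main(void)
{
    /* Constructed inputs: one that fits, one longer than the buffer. */
    printf("hello      -> %d\n", foo_checked("hello"));
    printf("24 x 'A'   -> %d\n", foo_checked("AAAAAAAAAAAAAAAAAAAAAAAA"));
    printf("strncpy ok -> %d\n", strncpy_result_terminated("123456789012"));
    return 0;
}
```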

• Use static code analyzers before you deploy your code!
• Use stack canaries!
• Use safe libraries!
• Use stack-smashing protection!

NO CODE IS BUG FREE, BUT PREVENTION IS BETTER THAN CURE!