Web Application Security ECE 4112

ECE Internetwork Security

What is a Web Application?
- An application generally comprised of a collection of scripts that reside on a web server
- Interacts with databases or other sources of dynamic content
- Examples include search engines, webmail, shopping carts and portal systems

Web Applications Breach the Perimeter

Web Application Vulnerabilities
- Generally stem from improper handling of client requests and/or a lack of input validation
- Web applications are publicly accessible
- They process data elements taken from within HTTP requests (query string, form fields, headers, cookies)
- They fail to track how each data element was captured, so it is difficult to know what kind of validation and sanity checking to apply to it

The Root of the Issue: Input Validation
- Missing or incomplete validation can be difficult to locate in a large code base
- Penetration testing is used to expose the problems from the outside
- Web applications are also subject to traditional forms of attack

SQL Injection Vulnerabilities
- Stems from building SQL statements by concatenating user input into the query text; stripping "nasty" characters from the input is a fragile fix, parameterized (prepared) statements are the reliable one
- Can lead to varying levels of data/system access for the attacker
- Depending on the database engine and the privileges of the account the application connects with, may allow reading or writing files and executing shell commands on the underlying OS

Locating SQL Injection Vulnerabilities
- Study the application's inputs and insert special characters (a lone single quote is the classic probe)
- Most popular database backends give informative error messages, yielding clues about the SQL syntax the query uses
- A tautology such as  ' OR '1'='1  makes the WHERE clause true for every row

Testing For SQL Injection

JSP Code Example (deliberately vulnerable: the SQL text is assembled from the request parameters):

    <%@ page import="java.sql.*" %>
    <%
    // dbConnection (a java.sql.Connection) is assumed to be opened elsewhere in the page;
    // a real page would also wrap this in try/catch for the checked SQLException
    String username = request.getParameter("user");
    String password = request.getParameter("password");
    // Both parameters are concatenated straight into the query: this is the injection point
    String SQLQuery = "SELECT Username FROM Users WHERE Username = '" + username
                    + "' AND Password = '" + password + "'";
    Statement stmt = dbConnection.createStatement();
    ResultSet resultSet = stmt.executeQuery(SQLQuery);
    // next() positions the cursor on the first row; without it getString() would throw
    String checkAuth = resultSet.next() ? resultSet.getString(1) : null;
    boolean authenticated = (checkAuth != null);
    %>

Web Form Example

    Login:     ' OR '1'='1
    Password:  ' OR '1'='1

Now the SQL query becomes:

    SELECT Username FROM Users WHERE Username = '' OR '1'='1' AND Password = '' OR '1'='1'

Because AND binds tighter than OR, the WHERE clause is read as Username = '' OR ('1'='1' AND Password = '') OR '1'='1', which is true for every row. The first user in the table is returned and, since the code only checks for a non-null result, the login succeeds without a valid password.
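As an added worked example, not part of the original lecture slides: the concatenated query from the JSP snippet and the tautology payload from the form example, run against an in-memory SQLite table built here (the user names and passwords are constructed for the example), beside a parameterized version of the same lookup. It goes one step beyond the slide with a comment-terminator payload (bob'--) that picks a chosen account instead of whichever row comes first.

```python
import sqlite3


def make_db():
    """In-memory SQLite database with a constructed Users table (sample data, not real accounts)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (Username TEXT, Password TEXT)")
    conn.executemany(
        "INSERT INTO Users VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_concat(conn, username, password):
    """Mirrors the JSP slide: the SQL text is assembled from the raw parameters."""
    query = (
        "SELECT Username FROM Users WHERE Username = '" + username
        + "' AND Password = '" + password + "'"
    )
    row = conn.execute(query).fetchone()
    # As on the slide, any returned row counts as authenticated.
    return row[0] if row else None


def login_param(conn, username, password):
    """Hardened form: placeholders, so the values never become part of the SQL text."""
    row = conn.execute(
        "SELECT Username FROM Users WHERE Username = ? AND Password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# The slide's payload: makes the WHERE clause true for every row.
TAUTOLOGY = "' OR '1'='1"
# Beyond the slide: '--' starts an SQL comment, so the password clause is never evaluated.
COMMENT_OUT = "bob'--"

if __name__ == "__main__":
    db = make_db()
    print(login_concat(db, "alice", "s3cret"))     # alice: legitimate login
    print(login_concat(db, TAUTOLOGY, TAUTOLOGY))  # alice: first row, no password known
    print(login_concat(db, COMMENT_OUT, "wrong"))  # bob: password check commented out
    print(login_param(db, TAUTOLOGY, TAUTOLOGY))   # None: payload compared as a literal string
    print(login_param(db, COMMENT_OUT, "wrong"))   # None
```

The parameterized version works because the driver sends the query text and the values separately; the quote and the comment marker are only ever compared as data, so no escaping rule has to be right. The same applies to every SQL statement the application issues, not only logins.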

OS Commanding
- If an attacker can get the application to run cmd.exe (or a copy of it; /bin/sh on Unix), he can execute arbitrary commands on the web server, with the privileges of the web server process
- In conjunction with tftp, the attacker can use this to download his own tools to the machine and compromise it further
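An added example, not from the lab materials, of the injection the slide describes and of its fix: a hypothetical lookup tool that passes a user-supplied host name to a shell command. echo stands in for the real ping or nslookup so the block runs anywhere; the host name and the injected string are constructed.

```python
import re
import subprocess

# Allowlist for host names: letters, digits, dots and hyphens, starting with a letter or digit,
# so shell metacharacters and a leading '-' (option injection) never get through.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?$")


def is_hostname(value):
    return HOSTNAME_RE.match(value) is not None


def lookup_unsafe(host):
    """Builds a command line and hands it to the shell: ';' ends the intended command."""
    result = subprocess.run("echo " + host, shell=True, capture_output=True, text=True)
    return result.stdout.splitlines()


def lookup_argv(host):
    """No shell: the parameter is a single argv entry, so metacharacters are just characters."""
    result = subprocess.run(["echo", host], capture_output=True, text=True)
    return result.stdout.splitlines()


def lookup_safe(host):
    """Argv form plus the allowlist: reject anything that is not a host name before running."""
    if not is_hostname(host):
        raise ValueError("rejected host name: %r" % host)
    return lookup_argv(host)


# Constructed attacker input: a valid-looking host followed by a second command.
INJECTED = "example.com; echo INJECTED"

if __name__ == "__main__":
    print(lookup_unsafe(INJECTED))     # ['example.com', 'INJECTED']: the second command ran
    print(lookup_argv(INJECTED))       # ['example.com; echo INJECTED']: treated as data
    print(is_hostname(INJECTED))       # False: rejected before any command runs
    print(lookup_safe("example.com"))  # ['example.com']
```

The argv form removes the shell from the path entirely, which is the real fix; the allowlist is there because the invoked program may interpret its own argument (a leading '-' as an option, for instance), and because a request that fails validation is worth logging.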

Cross Site Scripting
- Also known as XSS
- Attacker embeds JavaScript into a page so that it executes in the browser of whoever views the page
- Commonly used to read the victim's cookies and send them to the attacker
- Message boards and web forms that echo user-supplied content back into pages are particularly vulnerable

Cross Site Scripting Examples
- <script>alert(document.cookie)</script> displays the user's cookie, which can contain session and authentication information
- Gmail XSS vulnerability (fixed): the zx variable used in authentication could contain exploitable scripts
- Often the script text is converted to hex (URL- or entity-encoded) characters to hide its intent from filters and from people reading the link
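An added example, not from the slides, that runs the slide's payload through a page that reflects a parameter unencoded and through one that output-encodes it, and shows why the hex-encoded form mentioned on the slide slips past a filter that inspects the raw parameter: decode to a canonical form before inspecting. The page fragment, the payload and its encoded copies are constructed here.

```python
import html
from urllib.parse import unquote

# Constructed inputs: the slide's payload, and copies of it in the encodings a filter may see.
PAYLOAD = "<script>alert(document.cookie)</script>"
PAYLOAD_PERCENT = "%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E"
PAYLOAD_ENTITY = "&#x3c;script&#x3e;alert(document.cookie)&#x3c;/script&#x3e;"


def render_unsafe(display_name):
    """Reflects the parameter into the page verbatim; a browser parses the payload as markup."""
    return "<p>Welcome back, " + display_name + "</p>"


def render_safe(display_name):
    """Output-encodes for an HTML text context, so the same characters are shown, not executed."""
    return "<p>Welcome back, " + html.escape(display_name, quote=True) + "</p>"


def naive_filter_allows(raw_param):
    """A blacklist that inspects the raw parameter: this is what hex-encoding the script defeats."""
    return "<script" not in raw_param.lower()


def canonicalize(raw_param):
    """Percent-decode and entity-decode until the value stops changing, then inspect that form."""
    current, previous = raw_param, None
    while current != previous:
        previous = current
        current = html.unescape(unquote(current))
    return current


def decoding_filter_allows(raw_param):
    """Same blacklist, applied after canonicalization."""
    return "<script" not in canonicalize(raw_param).lower()


if __name__ == "__main__":
    print(render_unsafe(PAYLOAD))                   # script tag lands in the page
    print(render_safe(PAYLOAD))                     # &lt;script&gt;...: rendered as text
    print(naive_filter_allows(PAYLOAD_PERCENT))     # True: the encoded payload passes
    print(decoding_filter_allows(PAYLOAD_PERCENT))  # False: caught after decoding
```

Two caveats: html.escape is correct only for HTML text and attribute contexts (a value dropped into a script block, a URL or a style needs that context's encoder), and which encoding actually executes depends on where the value lands (the server percent-decodes the query string before reflecting it; the browser decodes numeric entities inside attribute values). A blacklist, even after decoding, is a detection aid; output encoding at the point of use is the fix.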

Phishing Attacks
- Attacker creates a replica login page that forwards the entered credentials to him
- Usually targets financial institutions
- Spread by e-mail that persuades users to access the fake page and log in
- October 2004: 1142 phishing sites, up from 542 in September

Phishing Examples
- Citibank a recent target
- Newer, more sophisticated attacks are being used by organized crime groups to collect credit card and social security numbers
- E-mail links can point at an IP address instead of a DNS name, a sign that the page is not the institution's own

Achilles Web Proxy
- Achilles acts as an HTTP/HTTPS proxy that allows a user to intercept, log, and modify web traffic on the fly
- By modifying parameters, a user can potentially alter the contents of hidden fields or gain access to additional resources
- Can also be used to change cookie values
- The lesson for the server side: hidden fields, cookies and every other client-supplied value are under the attacker's control and must be validated or verified on each request
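An added example, not Achilles or lab code, of a server-side countermeasure to the hidden-field edit the slide describes: the server signs the hidden value with an HMAC over the field name and value and refuses any submission whose tag no longer matches. The field, price and key are constructed for the example; a real key comes from server configuration, not source code.

```python
import base64
import hashlib
import hmac

# Constructed secret for this example only; never embed a real key in the page or the code.
SERVER_KEY = b"example-only-key-change-me"


def _tag(name, value):
    """HMAC-SHA256 over 'name=value', base64url without padding so it fits in a form field."""
    msg = (name + "=" + value).encode("utf-8")
    digest = hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode("ascii").rstrip("=")


def sign_hidden(name, value):
    """The value the server emits into <input type="hidden" name=... value=...>: data plus its MAC."""
    return value + "." + _tag(name, value)


def read_hidden(name, submitted):
    """Return the hidden value if its MAC verifies, otherwise None (treat as a tampered request)."""
    value, sep, tag = submitted.rpartition(".")
    if not sep:
        return None
    # Constant-time comparison so the check does not leak how many characters matched.
    if not hmac.compare_digest(tag.encode("utf-8"), _tag(name, value).encode("utf-8")):
        return None
    return value


if __name__ == "__main__":
    field = sign_hidden("price", "19.99")   # what the server emits into the form
    print(read_hidden("price", field))       # 19.99: untouched submission verifies
    # The proxy user rewrites the price but cannot recompute the tag without the key.
    edited = "0.01." + field.rpartition(".")[2]
    print(read_hidden("price", edited))      # None
    print(read_hidden("price", "0.01"))      # None: tag stripped entirely
```

The tag is bound to the field name as well as the value, so a signed value cannot be moved from one field to another. Signing detects modification but not replay (an old signed price can be resubmitted), so add an expiry or, simpler still, keep the price server-side keyed by product id and send only the id. Cookies get the same treatment, or better, an opaque session identifier with all state held on the server.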

What you will do in this lab:
- Information gathering using nmap and netcat
- SQL injection
- OS commanding
- Cross site scripting
- Phishing attacks
- Achilles web proxy

Resources
Lecture slides excerpted from:
- "Phishing spreads the net wider." Computer Weekly. November.
- "Cross-Site Scripting." SPIDynamics.
- "Top Web App Attack Methods and How to Combat Them." SPIDynamics.