Web Applications Testing By Jamie Rougvie Supported by.

Jamie Rougvie 2 Disclaimer All information presented here is for educational use only. Please only practice in a controlled environment that you own or that you have written permission to use!

Jamie Rougvie 3 Why test web applications? Tesco web security 'flaw' probed by UK data watchdog. 6.5 million LinkedIn passwords leaked by hackers. GoDaddy hacked, millions of sites go down in registrar outage. Yahoo hacked, 450,000 passwords posted online. IEEE exposed 100k plaintext usernames and passwords on their FTP server.

Jamie Rougvie 4 Common tools: a web browser and Burp Suite / ZAP. There are loads of other tools and plugins to aid us when testing, but the most common ones are: Sqlmap, Nikto, Nessus, DirBuster, BeEF, and automated scanners such as Netsparker, Acunetix and W3af.

Jamie Rougvie 5 What is a Proxy?

Jamie Rougvie 6 Demo Burp Suite

Jamie Rougvie 7 Getting Started: browse the website; identify the functional pages; list possible attacks for each functional page; try to implement the attacks; document everything with screenshots.

Jamie Rougvie 8 OWASP Top 10: A1: Injection; A2: Cross-Site Scripting (XSS); A3: Broken Authentication and Session Management; A4: Insecure Direct Object References; A5: Cross-Site Request Forgery (CSRF); A6: Security Misconfiguration; A7: Insecure Cryptographic Storage; A8: Failure to Restrict URL Access; A9: Insufficient Transport Layer Protection; A10: Unvalidated Redirects and Forwards.

SQL Injection A1 Injection

Jamie Rougvie 10 About SQL Injection: SQL injection attacks inject SQL commands into the application's own SQL queries in order to manipulate the database the application relies on. There are two types of SQL injection: error based and blind.

Jamie Rougvie 11 Demo of SQL Injection

Jamie Rougvie 12 SQL Explained: We can assume the SQL statement is SELECT * FROM users WHERE username='' AND password='' (with the user-supplied values placed between the quotes). The code we injected into the password field is ' or ''=' . The query that gets submitted is therefore SELECT * FROM users WHERE username='' AND password='' or ''='' . Because ''='' is always true (and OR is evaluated after AND), the WHERE clause is true for every row, so data from the database gets returned.
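To make the slide's reasoning concrete, here is an added example (not from the original presentation) that builds the login query exactly as the slide assumes, first by string concatenation and then with a parameterised query, the standard fix for this class of bug. The table, the user record and the helper names are constructed for the demonstration; the payload is the one from the slide.

```python
# Added example: the "SQL Explained" login query, vulnerable vs. parameterised.
# Uses an in-memory SQLite database with one constructed user record.
import sqlite3

INJECTED = "' or ''='"   # the payload shown on the slide


def make_db() -> sqlite3.Connection:
    """Constructed sample data: a users table with a single account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    conn.commit()
    return conn


def build_vulnerable_query(username: str, password: str) -> str:
    """Concatenates user input straight into the SQL text (the bug)."""
    return ("SELECT * FROM users WHERE username='" + username +
            "' AND password='" + password + "'")


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> int:
    """Runs the concatenated query; returns how many rows matched."""
    return len(conn.execute(build_vulnerable_query(username, password)).fetchall())


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> int:
    """Same query with bound parameters: the input is treated as data, never as SQL."""
    query = "SELECT * FROM users WHERE username=? AND password=?"
    return len(conn.execute(query, (username, password)).fetchall())


if __name__ == "__main__":
    db = make_db()
    # Empty username, injected password: the slide's query, true for every row.
    print(build_vulnerable_query("", INJECTED))
    print("vulnerable:", login_vulnerable(db, "", INJECTED))  # 1 row returned
    print("safe:      ", login_safe(db, "", INJECTED))        # 0 rows returned
    print("real login:", login_safe(db, "alice", "s3cret"))   # 1 row returned
```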

Jamie Rougvie 13 Power of SQL Injection: bypass login pages; dump entire databases using a tool like Sqlmap. This will allow you to get usernames and passwords, which you could then crack if they were hashed. People like using the same username and password on many sites, so the login details can now be tried against other sites.

Cross Site Scripting A3 XSS

Jamie Rougvie 15 About XSS: injecting HTML or running code (JavaScript) in a user's web browser. There are three types of XSS: stored, reflected and DOM. XSS can be found in any user-supplied input: cookies, GET and POST parameters, HTTP headers.

Jamie Rougvie 16 XSS Demo

Jamie Rougvie 17 What can you do with an XSS attack? Steal cookies, redirect users, deface the website, use BeEF.

Jamie Rougvie 18 BEEF Demo

Jamie Rougvie 19 The Solution Always validate any input from the user on the server side!

Common Vulnerabilities Low hanging fruit

Jamie Rougvie 21 Default Login Details: Many people make the mistake of installing applications and leaving the default settings in place. Example: root / password for MySQL; root / (blank) for phpMyAdmin. This may vary between versions, but a quick Google search can find the correct default login.

Jamie Rougvie 22 Weak Password: This is really common and yet so simple to fix! Examples: Password, abc. There are loads more default and silly passwords! Other bad ideas: any dictionary word, the website name, organisation details.

Jamie Rougvie 23 Old Version Running: Companies don't upgrade web servers or their CMS (Content Management System) in case they break it. This may make it easier to exploit, as known security bugs will not have been fixed.

Jamie Rougvie 24 Information Leakage: Information leaked from the site can give vital information to the attacker. Information leakage can come in many forms. Example:

Jamie Rougvie 25 PRACTICE RESOURCES: jamierougive.co.uk (my blog); ypisg.bcs.org (Young Professional Information Security Group, great for all testing); hack.me (work in progress, as seen in the demos; great for web app testing); Social Engineer Toolkit; Damn Vulnerable Web App (demo example); g0tmi1k.blogspot.co.uk (Boot 2 Root); BeEF Project.

Jamie Rougvie 26 Questions!! ANY QUESTIONS ?