Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Application Security

Published byEllen Bridges Modified over 6 years ago

Similar presentations

Presentation on theme: "Web Application Security"— Presentation transcript:

1 Web Application Security
Chris Edwards Quintin Cutts Steve McIntosh

2

3

4

5

6

7 SQL Injection Example:
Look up customer details, one at a time, via customer ID.

8

9

10

11 $mysqli= new mysqli($host,$dbuser,$dbpass, $dbname); $id= $_POST{'id'}; # SQL query (dynamic) $query = "SELECT * FROM cust WHERE id = $id"; $result = $mysqli->query($query);

12 SELECT * FROM cust WHERE id = 274848;

13 274848 274848 OR 1 = 1 $query = "SELECT * FROM cust WHERE id = $id ";
$query = "SELECT * FROM cust WHERE id = OR 1 = 1";

14

15

16

17

18

19

20 How to fix the code… Sanitise untrusted inputs
Prepared Statements (with Parameterised Queries)

21 $id= $_POST{'id'}; # SQL query (dynamic - vulnerable) $query = "SELECT
$id= $_POST{'id'}; # SQL query (dynamic - vulnerable) $query = "SELECT * FROM cust WHERE id = $id"; $result = $mysqli->query($query);

22 How to do it right…

23 $id= $_POST{'id'}; # SQL query (prepared) $query = "SELECT
$id= $_POST{'id'}; # SQL query (prepared) $query = "SELECT * FROM cust WHERE id = ?"; $stmt = $mysqli->prepare($query); $stmt->bind_param(“s", $id); $stmt->execute(); $stmt->bind_result($id, $name, $addr, $dob);

24

25

26 Other Web Application Flaws

27 Open Web Application Security Project
(OWASP) OWASP Top Ten

28 Our advice - go through the OWASP Top Ten list, and for each common flaw:
Check if it may apply to your situation Consider whether you've taken sufficient steps to address it.

29

30

31 Web Pen Test Tools Links from Steve McIntosh live demo presentation.

32 OWASP Vulnerable Web Applications Directory Project
List of sample vulnerable web applications. On-Line applications Off-Line applications Virtual Machines and ISO images

33 Web Security Dojo

34 OWASP ZAP (Zed Attack Proxy Project)
Java application Automated scanner Manual tools Extensions

35 SQLmap http://sqlmap.org/ Multiple DB support Password cracking
Download/upload files Run commands DB and OS

36 WebScarab Attack proxy, functionality now included in OWASP ZAP.

37 “Do”s Try it yourself Against your own applications
Against each other's (with permission!)

38 “Don’t”s Attack without permission Hack the Internet

39 Other useful resources:

40 Kali https://www.kali.org/ Penetration testing distribution
Debian (Ubuntu) 32bit/64bit/ARM Vmware, VirtualBox

41 More web pen test tools http://sectools.org/tag/web-scanners/

Download ppt "Web Application Security"

Similar presentations

Approaches to meeting the PCI Vulnerability Management and Penetration Testing Requirements Clay Keller.

Approaches to meeting the PCI Vulnerability Management and Penetration Testing Requirements Clay Keller.
Hands on Demonstration for Testing Security in Web Applications

Hands on Demonstration for Testing Security in Web Applications
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
Web Vulnerability Assessments

Web Vulnerability Assessments
Client and Server-Side Vulnerabilities Stephen Reese.

Client and Server-Side Vulnerabilities Stephen Reese.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
WebGoat & WebScarab “What is computer security for $1000 Alex?”

WebGoat & WebScarab “What is computer security for $1000 Alex?”
Penetration Testing Presented by: Elham Hojati Advisor: Dr. Akbar Namin July 2014.

Penetration Testing Presented by: Elham Hojati Advisor: Dr. Akbar Namin July 2014.
Introduction The concept of “SQL Injection”

Introduction The concept of “SQL Injection”
Into the Mind of the Hacker: Hands-On Web Application Hacking Adam Doupé University of California, Santa Barbara 4/23/12.

Into the Mind of the Hacker: Hands-On Web Application Hacking Adam Doupé University of California, Santa Barbara 4/23/12.
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.

The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
“Today over 70% of attacks against a company’s network come at the ‘Application Layer’ not the Network or System layer.” - Gartner Is Your Web Application.

“Today over 70% of attacks against a company’s network come at the ‘Application Layer’ not the Network or System layer.” - Gartner Is Your Web Application.
CyberSecurity for NEEShub: Best-Practices and Lessons Learned Gaspar Modelo-Howard CyberSecurity Engineer George E. Brown, Jr. Network for Earthquake Engineering.

CyberSecurity for NEEShub: Best-Practices and Lessons Learned Gaspar Modelo-Howard CyberSecurity Engineer George E. Brown, Jr. Network for Earthquake Engineering.
GreenSQL Yuli Stremovsky /MSN/Gtalk:

GreenSQL Yuli Stremovsky /MSN/Gtalk:
Dennis  Application Security Specialist  WhiteHat Security  Full-Time Student  University of Houston – Main Campus ▪ Computer.

Dennis  Application Security Specialist  WhiteHat Security  Full-Time Student  University of Houston – Main Campus ▪ Computer.
W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.

W3af LUCA ALEXANDRA ADELA – MISS 1. w3af  Web Application Attack and Audit Framework  Secures web applications by finding and exploiting web application.
Introduction to Application Penetration Testing

Introduction to Application Penetration Testing
Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.

Prepared By, Mahadir Ahmad. StopBadware makes the Web safer through the prevention, mitigation, and remediation of badware websites. partners include.
Analysis of SQL injection prevention using a proxy server By: David Rowe Supervisor: Barry Irwin.

Analysis of SQL injection prevention using a proxy server By: David Rowe Supervisor: Barry Irwin.
April 14, 2008 Secure Coding Faculty Workshop Web Application Security: Exercise Development Approaches James Walden

April 14, 2008 Secure Coding Faculty Workshop Web Application Security: Exercise Development Approaches James Walden

Similar presentations

Ads by Google