Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Node.js Highway: Attacks are at Full Throttle Helen Bravo Director of Product Management Checkmarx.

Published byGinger French Modified over 9 years ago

Similar presentations

Presentation on theme: "The Node.js Highway: Attacks are at Full Throttle Helen Bravo Director of Product Management Checkmarx."— Presentation transcript:

1 The Node.js Highway: Attacks are at Full Throttle Helen Bravo Director of Product Management Checkmarx

2 Agenda Architecture DoS Weak Crypto JSON – it’s everywhere! Re-DoS

3 Architecture

4

5 CPU intensive applications Heavy lifting (calculations) I/O intensive Applications DB Queries Applications with high user interaction (Webapps)

6 Single Thread Events handler

7 Single Thread Architecture - Event Loop Event Queue Event Loop (Single thread) File System Database Network Register Callback Operation Complete Trigger Callback

8 Function sum (p) for (i=1;i<=p;++i) { f=f+i; } Function sum (p) for (i=1;i<=p;++i) { f=f+i; } Denial of Service

9 DoS Demo http://localhost:49090/sum?p=5 http://localhost:49090/sum?p=100000000 http://localhost:49090/sum?p=5

10 Node.js Weak Crypto

11

12 Open Source Code

13 Step 1 Register FakeUser1 Register FakeUser2 Register FakeUser3 FakeUser1 Password FakeUser2 Password FakeUser3 Password Reminder: Password = MD5(random())

14 Weak Crypto Given 3 “random” new passwords – we will be able to tell all future ones First, we need to “reverse” the MD5 for 3 passwords to their original “random” float number

15 Step 2 Register FakeUser1 Register FakeUser2 Register FakeUser3 FakeUser1 Password FakeUser2 Password FakeUser3 Password Reminder: Password = MD5(random())

16 Step 2 FakeUser1 – Clear Random FakeUser1 Password FakeUser2 Password FakeUser3 Password Reminder: Password = MD5(random()) FakeUser2 – Clear Random FakeUser3 – Clear Random

17 Given 3 “random” new passwords – we will be able to tell all future ones Then, we need to compute the “state” variable to get the 4 th consecutive value.

18 V8’s default PRNG V8 PRNG is known to be weak. For example, check Amit Klein’s http://dl.packetstormsecurity.net/papers/general/Google_Chrome_3.0_Beta_Math.r andom_vulnerability.pdf http://dl.packetstormsecurity.net/papers/general/Google_Chrome_3.0_Beta_Math.r andom_vulnerability.pdf A pseudorandom number generator (PRNG), is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers.algorithmrandom numbers

19 V8’s Default PRNG SeedState 0 [0,1] State 1 [0,1] State 2 [0,1] State 3 [0,1] State n [0,1] Random 0 Random 1 Random 2 Random n Random 3

20 V8’s default PRNG The parameters of the algorithm are modified by Google every few releases, but the algorithm looks similar to the following: (the actual value is then divided by 2^32) https://code.google.com/p/v8/source/browse/tags/3.14.5.9/src/v8.cc?r=14773 https://code.google.com/p/v8/source/browse/tags/3.14.5.9/src/v8.cc?r=14773 // Random number generator using George Marsaglia's MWC algorithm. static uint32_t random_base(uint32_t* state) { // Initialize seed using the system random(). // No non-zero seed will ever become zero again. if (state[0] == 0) seed_random(state); // Mix the bits. Never replaces state[i] with 0 if it is nonzero. state[0] = 18273 * (state[0] & 0xFFFF) + (state[0] >> 16); state[1] = 36969 * (state[1] & 0xFFFF) + (state[1] >> 16); return (state[0] << 14) + (state[1] & 0x3FFFF); }

21 V8’s default PRNG Given 3 consecutive random numbers, the values of state[0] and state[1] can be inferred – hence all future values can be known in advance. But In browsers, each tab has its own set of “state” variables. That’s one of the reasons this issue is treated as low-severity But In node.js, all users are running within the same context. Each user can tell what are the values of the global “state” variables.

22 Step 3 FakeUser1 – Clear Random FakeUser1 Password FakeUser2 Password FakeUser3 Password Reminder: Password = MD5(random()) FakeUser2 – Clear Random FakeUser3 – Clear Random RealUser 4 – Future Password

23 Step 3 FakeUser1 Clear Random FakeUser2 Clear Random FakeUser3 Clear Random Real User 4 future password

24 Demo http://localhost/NodeJSCrypto/Default3.aspx http://localhost/NodeJSCrypto/Default2.aspx

25 JSON is Everywhere

26 Architecture MongoDB Document-oriented database. Classified as NoSQL Doesn’t use the traditional table-based structure Stores JSON documents in its dynamic schemas.

27 Architecture db.products.insert( { item: "card", qty : 15 } ) db.products.insert( { name: “elephant", size: 1700 } ) db.products.insert( { item: "card", qty : 15 } ) db.products.insert( { name: “elephant", size: 1700 } ) db.products.insert db.products.find db.products.find() - Find all of them db.products.find( { qty: 15 }) - Find based on equality db.products.find( { qty: { $gt: 25 } } ) - Find based on criteria db.products.find() - Find all of them db.products.find( { qty: 15 }) - Find based on equality db.products.find( { qty: { $gt: 25 } } ) - Find based on criteria Data is inserted and stored as JSON Queries as described using JSON var obj; obj.qty=15; db.products.find(obj) var obj; obj.qty=15; db.products.find(obj)

28 QueryString -> Object -> JSON res.write(JSON.stringify(req.query)); Query StringReq.queryJSON of the object created http://localhost:11111/?a=bObj.a = “b”{"a":"b"} http://localhost:11111/?a=b&c=dObj.a = “b” Obj.c = “d” {"a":"b","c":"d"} http://localhost:11111/?a=b&c=d&a=zObj.a[] = {“b”, “z”} Obj.c = “d” {"a":["b","z"],"c":"d"} http://localhost:11111/?a[5]=b&c=dObj.a[] = {“b”} Obj.c = “d” {"a":["b"],"c":"d"} http://localhost:11111/?a[s]=b&c=dObj.a.s = “b” Obj.c = “d” {"a":{"s":"b"},"c":"d"} Locahlhost/name[$gt]=a&pass[$gt]=aObj.name.$gt=“a” Obj.pass.$gt=“a” {name:{“$gt”:a}, pass:{“$gt”,a}} QSServer.js

29 name = req.query.username; pass = req.query.password; db.users.find({username: name, password: pass}); name = req.query.username; pass = req.query.password; db.users.find({username: name, password: pass}); Security – User Supplied Data What if we use the following query: 29 db.users.find({username: {$gt, “a”}, password : {$gt, “a”}} db.users.find({username: {$gt, “a”}, password : {$gt, “a”}}

30 Security – User Supplied Data 30 db.users.find({user: {$gt, “a”}, pass : {$gt, “a”}} db.users.find({user: {$gt, “a”}, pass : {$gt, “a”}} http:///server/page?user[$gt]=a&pass[$gt]=a Instead of: obj.user = “Maty” obj.pass = “123” We can use: Obj.user.$gt=“a” Obj.pass.$gt=“a” Instead of: obj.user = “Maty” obj.pass = “123” We can use: Obj.user.$gt=“a” Obj.pass.$gt=“a”

31 JSON-base SQL Injection Node.JS, being a JSON based language, can accept JSON values for the.find method: A user can bypass it by sending 31 http://blog.websecurify.com/2014/08/hacking-nodejs-and-mongodb.html http:///server/page?user[$gt]=a&pass[$gt]=a

32 DEMO http://localhost:49090/?user=hi&pass=bye

33 ReDOS

34 JSON-base SQL Injection You can use the following: Then 34 db.users.find({username: username}); bcrypt.compare(candidatePassword, password, cb);

35 Title

36 JSON-based SQL Injection This can lead to Regular Expression Denial of Service through the {“username”: {“$regex”: “……..}} 36 db.users.find({username: username});

37 DEMO http://localhost:49090/?user=admin&pass[$regex]=^(a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a)(d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d |d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d)$ http://localhost:49090/?user[$gt]=&pass[$gt]= http://localhost:49090/?user=admin&pass[$regex]=^(a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a |a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a| a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a|a)(d |d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d|d| d|d|d|d|d|d|d|d|d|d|d|d)$

38 Conclusion Always validate the input length, structure and permitted characters Remember - Node.js is highly sensitive to CPU-intensive tasks, and there’s a single thread for user-code so ReDoS is really bad!!! 38

39 Thank You! Helen Bravo Checkmarx 39

Download ppt "The Node.js Highway: Attacks are at Full Throttle Helen Bravo Director of Product Management Checkmarx."

Similar presentations

17 HTML, Scripting, and Interactivity Section 17.1 Add an audio file using HTML Create a form using HTML Add text boxes using HTML Add radio buttons and.

17 HTML, Scripting, and Interactivity Section 17.1 Add an audio file using HTML Create a form using HTML Add text boxes using HTML Add radio buttons and.
Overview and Demonstration of declarative workflows in SharePoint using Microsoft SharePoint Designer 2007 Kevin Hughes MCT, MCITP, MCSA, MCTS, MCP, Network+,

Overview and Demonstration of declarative workflows in SharePoint using Microsoft SharePoint Designer 2007 Kevin Hughes MCT, MCITP, MCSA, MCTS, MCP, Network+,
OWASP WEBGOAT Alaa Darabseh Department of Computer Science

OWASP WEBGOAT Alaa Darabseh Department of Computer Science
Understand Database Security Concepts

Understand Database Security Concepts
Creating Computer Programs lesson 27. This lesson includes the following sections: What is a Computer Program? How Programs Solve Problems Two Approaches:

Creating Computer Programs lesson 27. This lesson includes the following sections: What is a Computer Program? How Programs Solve Problems Two Approaches:
The Essence of Command Injection Attacks in Web Applications Zhendong Su and Gary Wassermann Present by Alon Kremer April 2011.

The Essence of Command Injection Attacks in Web Applications Zhendong Su and Gary Wassermann Present by Alon Kremer April 2011.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.

It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
1 Homework Turn in HW2 at start of next class. Starting Chapter 2 K&R. Read ahead. HW3 is on line. –Due: class 9, but a lot to do! –You may want to get.

1 Homework Turn in HW2 at start of next class. Starting Chapter 2 K&R. Read ahead. HW3 is on line. –Due: class 9, but a lot to do! –You may want to get.
Dynamically Discovering Likely Program Invariants to Support Program Evolution Michael D. Ernst, Jake Cockrell, William G. Griswold, David Notkin Presented.

Dynamically Discovering Likely Program Invariants to Support Program Evolution Michael D. Ernst, Jake Cockrell, William G. Griswold, David Notkin Presented.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Apache Tomcat Server – installation & use Server-side language-- use Java Server Pages Contrast Client-side languages HTML Forms Servers & Server-side.

Apache Tomcat Server – installation & use Server-side language-- use Java Server Pages Contrast Client-side languages HTML Forms Servers & Server-side.
Chapter 1 Program Design

Chapter 1 Program Design
Handling Security Threats in Kentico CMS Karol Jarkovsky Sr. Solution Architect Kentico Software

Handling Security Threats in Kentico CMS Karol Jarkovsky Sr. Solution Architect Kentico Software
CST 200 - JavaScript Validating Form Data with JavaScript.

CST JavaScript Validating Form Data with JavaScript.
{ Code Injection Cable Johnson.  Overview  Common Injection Types  Developer Prevention Code Injection.

{ Code Injection Cable Johnson.  Overview  Common Injection Types  Developer Prevention Code Injection.
Chapter 6: Forms JavaScript - Introductory. Previewing the Product Registration Form.

Chapter 6: Forms JavaScript - Introductory. Previewing the Product Registration Form.
by Chris Brown under Prof. Susan Rodger Duke University June 2012

by Chris Brown under Prof. Susan Rodger Duke University June 2012
4-1 INTERNET DATABASE CONNECTOR Colorado Technical University IT420 Tim Peterson.

4-1 INTERNET DATABASE CONNECTOR Colorado Technical University IT420 Tim Peterson.
CSCI 6962: Server-side Design and Programming Secure Web Programming.

CSCI 6962: Server-side Design and Programming Secure Web Programming.
Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.

Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.

Similar presentations

Ads by Google