PHP Security

Presented by :
Index

• Introduction
• PHP & Security
• Session Hijacking
• Types Of Session Hijacking
• Protection Against Session Hijacking
• Preventing XSS
Index

• SQL Injection
• How SQL Injection Works
• Goals Of SQL Injection
• XSS
Introduction

• Security is a measurement, not a characteristic.
• It is also a growing problem that requires a continually evolving solution.
  Ø A good measure of
PHP & Security

• PHP keeps on growing as a language, making headway into enterprise and corporate markets.
• Consequently PHP applications
Session Hijacking

• TCP session hijacking is when a hacker takes over a TCP session between two machines.
• Since most authentication only occurs at the start of a TCP session, this allows the
Types of Session Hijacking
Protection Against Session Hijacking

• Use encryption
• Use a secure protocol
• Limit incoming connections
• Minimize remote access
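The four protections above, applied to a PHP session. This is an added example, not code from the slides: it assumes PHP 7.3 or later (for the array form of session_set_cookie_params() and the samesite option), and the function names start_hardened_session(), on_login() and session_is_valid() are hypothetical.

```php
<?php
// Added example (not from the slides): hardening a PHP session against hijacking.
// Assumes PHP >= 7.3. Function names are hypothetical.

function start_hardened_session(): void
{
    // Only accept the session id from a cookie, and only ids the server created
    // (use_strict_mode rejects ids a client made up or fixated).
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_strict_mode', '1');

    session_set_cookie_params([
        'lifetime' => 0,        // session cookie, discarded when the browser closes
        'path'     => '/',
        'secure'   => true,     // only sent over HTTPS ("use encryption / a secure protocol")
        'httponly' => true,     // not readable by JavaScript, so XSS cannot simply read it
        'samesite' => 'Strict', // not sent on cross-site requests
    ]);
    session_start();
}

// Call right after a successful login: issuing a fresh id means an id captured
// before authentication is worthless afterwards (defeats session fixation).
function on_login(int $userId): void
{
    session_regenerate_id(true);   // true = delete the old session data
    $_SESSION['user_id']   = $userId;
    $_SESSION['ua_hash']   = hash('sha256', $_SERVER['HTTP_USER_AGENT'] ?? '');
    $_SESSION['last_seen'] = time();
}

// Per-request check: bind the session to a client fingerprint and expire idle ones.
function session_is_valid(int $idleLimit = 900): bool
{
    if (empty($_SESSION['user_id'])) {
        return false;
    }
    $ua = hash('sha256', $_SERVER['HTTP_USER_AGENT'] ?? '');
    if (!hash_equals($_SESSION['ua_hash'] ?? '', $ua)) {
        return false;   // user agent changed mid-session: treat as a possible hijack
    }
    if (time() - ($_SESSION['last_seen'] ?? 0) > $idleLimit) {
        return false;   // idle too long ("minimize remote access" in time)
    }
    $_SESSION['last_seen'] = time();
    return true;
}

// Usage at the top of every authenticated page.
start_hardened_session();
if (!session_is_valid()) {
    session_unset();
    session_destroy();
    header('Location: /login', true, 302);
    exit;
}
```

The user-agent binding is a heuristic, not a guarantee: an attacker who has the cookie usually has the user agent string too. Its value is in catching replays from a different client and in forcing re-authentication after idle time.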
Input Validation

• One of the key concepts you must accept is that user input is unreliable and not to be trusted.
  – Partially lost in transmission between server & client.
  – Corrupted by some in-between process.
Strong Password

• Do not store passwords as plain text
• Do not try to invent your own password security
• Do not encrypt passwords, since encryption is reversible.
  Security through
Strong Password

• Do not use MD5 – though this cryptographic hashing function is irreversible, it is quite easy to make a list of millions of hashed passwords (a rainbow table) and compare the
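What the two "Strong Password" slides recommend, in code. This is an added example rather than anything from the deck: it uses PHP's built-in password_hash() and password_verify() (PHP 5.5 and later), and the helper names hash_password() and verify_password() are hypothetical.

```php
<?php
// Added example (not from the slides): salted, slow password hashing with
// password_hash()/password_verify() in place of MD5. Helper names are hypothetical.

function hash_password(string $plain): string
{
    // bcrypt generates a random per-password salt and embeds it in the result,
    // so two users with the same password get different hashes and a
    // precomputed rainbow table matches nothing. Cost 12 ~ tens of ms per hash.
    // Caveat: bcrypt only uses the first 72 bytes of the password.
    return password_hash($plain, PASSWORD_BCRYPT, ['cost' => 12]);
}

function verify_password(string $plain, string $storedHash): bool
{
    // Constant-time comparison of the recomputed hash against the stored one.
    return password_verify($plain, $storedHash);
}

// Called on login after a successful verify: upgrades old hashes when the
// cost (or algorithm) is raised later, without forcing a password reset.
function rehash_if_needed(string $plain, string $storedHash): ?string
{
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, ['cost' => 12])) {
        return hash_password($plain);   // caller stores this new value
    }
    return null;
}

// Demonstration with a constructed password.
$password = 'correct horse battery staple';
$h1 = hash_password($password);
$h2 = hash_password($password);

// Different salts: the same password yields two different strings,
// yet both verify. Unsalted md5() would give the same digest every time,
// which is exactly what makes a rainbow table work.
var_dump($h1 !== $h2);
var_dump(verify_password($password, $h1) && verify_password($password, $h2));
var_dump(verify_password('wrong password', $h1));
var_dump(md5($password) === md5($password));
```

The stored value is the full `$2y$12$...` string; no separate salt column is needed, and the cost factor is part of it, which is what lets password_needs_rehash() detect outdated hashes.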
XSS

• Cross Site Scripting (XSS) is a situation whereby an attacker injects HTML code, which is then displayed on the page without further validation.
XSS Condition

1. A Web application accepts user input
   – Well, which Web application doesn't?
2. The input is used to create dynamic content
Who is Affected By XSS

• XSS attack’s first target is the Client
  – Client trusts server (does not expect attack)
  – Browser executes malicious script
Impact Of XSS - Attack

Access to authentication credentials for Web application
• Cookies, Username and Password
  Ø XSS is not a harmless flaw!
• Normal users
  Ø Access to personal data (Credit card, Bank Account)
  Ø Access to business data (Bid details, construction details)
  Ø Misuse account (order expensive goods)
Impact Of XSS - Attack

• Denial-of-Service
  – Crash the user's browser, pop-up flooding, redirection
• Access to the user's machine
  – Use ActiveX objects to control the machine
Preventing XSS

Preventing XSS Means Preventing….
• Subversion of separation of clients
  – Attacker can access affected clients’ data
  – Industrial espionage
• Identity theft
  – Attacker can impersonate
XSS Solution

• Implement XSS prevention in the application
• Do not assume input values are benign
• Do not trust client side validation
• Check and validate all
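The XSS condition from the earlier slides (user input reused to build dynamic content) beside the fix the "XSS Solution" slide asks for. This is an added example, not code from the deck: greet_unsafe(), greet_safe(), html() and safe_link() are hypothetical names, and the input string is constructed.

```php
<?php
// Added example (not from the slides): the reflected-input pattern that
// produces XSS, and the same output encoded for its HTML context.
// Function names are hypothetical.

// VULNERABLE: user input is pasted straight into the HTML response,
// so any markup in it is interpreted by the browser.
function greet_unsafe(string $name): string
{
    return "<p>Hello, $name!</p>";
}

// Encode for the HTML text/attribute context at output time.
function html(string $s): string
{
    // ENT_QUOTES also encodes ' so the value is safe inside single-quoted attributes;
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of silently returning "".
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// HARDENED: same output, but the input is rendered as literal text.
function greet_safe(string $name): string
{
    return '<p>Hello, ' . html($name) . '!</p>';
}

// A URL context needs a rule of its own: encoding alone does not stop a
// "javascript:" or "data:" scheme, so the scheme is whitelisted first.
function safe_link(string $url, string $text): string
{
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        $url = '#';
    }
    return '<a href="' . html($url) . '">' . html($text) . '</a>';
}

// Constructed input containing markup, as a form field could carry it.
$input = '<script>alert(document.cookie)</script>';

header('Content-Type: text/html; charset=UTF-8');   // declare the charset you encoded for
echo greet_unsafe($input), "\n";   // the <script> element reaches the browser intact
echo greet_safe($input), "\n";     // arrives as &lt;script&gt;... and is displayed, not run
echo safe_link('javascript:void(0)', 'click'), "\n";   // href replaced by "#"
echo safe_link('https://example.com/', 'click'), "\n";
```

The rule the slide states ("do not trust client side validation") is why the encoding lives in the server-side output function: whatever a browser-side check did or did not do, every value passes through html() before it is written.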
What to consider as an “INPUT”

• Not only field values with user supplied input
• Should be treated as Input:
  – All field values: even hidden fields
  – All HTTP header fields: Referer
  – And even the
How To Perform Input Validation

• Check if the input is what you expect
  • Do not try to check for "bad input"
• Black list testing is no solution
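The three input slides above ("Input Validation", "What to consider as an INPUT", "How To Perform Input Validation") in one routine: every value is checked against what is expected rather than against a list of bad characters, and a hidden field and the Referer header get the same treatment as a visible form field. This is an added example, not code from the deck; the field names, the allowed currencies and validate_request() are constructed for it.

```php
<?php
// Added example (not from the slides): whitelist validation of form fields,
// a hidden field and the Referer header. Names and rules are constructed.

function validate_request(array $post, array $server): array
{
    $errors = [];
    $clean  = [];

    // Username: describe the expected shape exactly; anything else is rejected.
    // No attempt to enumerate "bad" characters.
    if (preg_match('/\A[a-z0-9_]{3,32}\z/', $post['username'] ?? '') === 1) {
        $clean['username'] = $post['username'];
    } else {
        $errors[] = 'username';
    }

    // Quantity: an integer in a known range. filter_var rejects "12abc", "1e3",
    // leading/trailing junk and out-of-range values in one call.
    $qty = filter_var($post['quantity'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 100]]);
    if ($qty === false) {
        $errors[] = 'quantity';
    } else {
        $clean['quantity'] = $qty;
    }

    // Hidden field: the client can edit it as easily as a text box,
    // so it is validated against the server's own list.
    $allowedCurrencies = ['EUR', 'USD', 'GBP'];
    if (in_array($post['currency'] ?? '', $allowedCurrencies, true)) {
        $clean['currency'] = $post['currency'];
    } else {
        $errors[] = 'currency';
    }

    // Referer header: attacker-controlled like any other input. It is parsed,
    // reduced to a boolean and used only as a hint, never as an authorization decision.
    $refererHost = parse_url($server['HTTP_REFERER'] ?? '', PHP_URL_HOST);
    $clean['same_origin_referer'] =
        $refererHost !== null && $refererHost === ($server['HTTP_HOST'] ?? null);

    return ['ok' => $errors === [], 'clean' => $clean, 'errors' => $errors];
}

// Constructed request: two good values and a tampered hidden field.
$result = validate_request(
    ['username' => 'alice_01', 'quantity' => '5', 'currency' => 'BTC'],
    ['HTTP_REFERER' => 'https://shop.example/cart', 'HTTP_HOST' => 'shop.example']
);
print_r($result);   // ok => false, errors => ['currency']
```

Only the values in `clean` are handed to the rest of the application; the raw $_POST and $_SERVER arrays are never used after this point. That is what makes the check a whitelist: a new kind of bad input does not need a new rule, because it never matched an expected shape in the first place.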
SQL Injection

• SQL injection is similar to XSS in that unvalidated data is being used, but in this case the data is passed to the database.
  – Arbitrary query execution
    • Removal of data.
SQL Injection

• SQL injection vulnerabilities come in two main forms.
• Both forms involve injecting SQL code into a website.
• (1) Injecting into a form, such as username and password boxes
Goals Of SQL Injection

• Your goal as an injector is to outsmart the SQL server.
• SQL server is normally running as either the local 'system' account, or a 'domain user' account, an
Goals Of SQL Injection

• An attacker might use the xp_regXXX functions to read the SAM, change the configuration of a system service, etc.
How SQL Injection Works

• Before you protect against an injection, you must first understand how SQL works.
• The username and password you entered are kept in the site's member table.
• The login form takes the
Escape SQL

• If the database interface extension offers dedicated escaping functions, USE THEM!
  – MySQL
    • mysql_escape_string()
    • mysql_real_escape
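The login query from "How SQL Injection Works" built three ways: concatenated (the injectable form), escaped with the driver's own function as the slide advises, and as a prepared statement. This is an added example, not code from the deck. One caveat on the slide's function names: the mysql_* extension was removed in PHP 7.0, so the escaping function now lives on mysqli (mysqli::real_escape_string). The demonstration uses PDO with an in-memory SQLite database (assumes the pdo_sqlite extension); the members table and its rows are constructed.

```php
<?php
// Added example (not from the slides): an injectable login query beside
// escaping and a prepared statement. Table and function names are constructed.
// The mysql_* extension is gone since PHP 7.0; mysqli/PDO replace it.

// VULNERABLE: user input becomes part of the SQL text, so a quote in the
// input ends the string literal and the rest is parsed as SQL.
function login_query_unsafe(string $user, string $pass): string
{
    return "SELECT id FROM members WHERE username = '$user' AND password = '$pass'";
}

// FIX 1, the slide's advice in the current API: escape with the driver's
// function, which knows the connection's charset. Still string-building,
// so it only protects values placed inside quotes.
function login_query_escaped(mysqli $db, string $user, string $pass): string
{
    $u = $db->real_escape_string($user);
    $p = $db->real_escape_string($pass);
    return "SELECT id FROM members WHERE username = '$u' AND password = '$p'";
}

// FIX 2, preferred: a prepared statement sends the query structure and the
// values separately, so no input can change what the query does.
function find_member(PDO $db, string $user): ?array
{
    $stmt = $db->prepare('SELECT id, password_hash FROM members WHERE username = :u');
    $stmt->execute([':u' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function authenticate(PDO $db, string $user, string $pass): bool
{
    $row = find_member($db, $user);
    // The password never enters SQL at all; it is checked against the stored hash.
    return $row !== null && password_verify($pass, $row['password_hash']);
}

// Demonstration with a constructed in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);   // real server-side parameters
$db->exec('CREATE TABLE members (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)');
$ins = $db->prepare('INSERT INTO members (username, password_hash) VALUES (?, ?)');
$ins->execute(['alice', password_hash('s3cret', PASSWORD_DEFAULT)]);

$tampered = "alice' OR '1'='1";
echo login_query_unsafe($tampered, 'x'), "\n";   // the quote has escaped the literal
var_dump(authenticate($db, $tampered, 'x'));     // looked up literally: no such username
var_dump(authenticate($db, 'alice', 's3cret'));  // the real credentials
```

The escaped form still depends on every value being wrapped in quotes and on the right connection charset; the prepared statement removes both conditions, which is why it is the default choice even where the driver offers an escaping function.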
Questions?
Thank You
REST Web services

● Representational State Transfer defines a set of architectural principles by which we can design Web services that focus on a system's resources, including how resource states are addressed and transferred over HTTP by a wide range of clients written in different languages.
● REST has emerged in the last few years alone as a predominant Web service design model.
● REST has had such a large impact on the Web that it has mostly displaced SOAP- and WSDL-based interface design because it's a considerably simpler style to use.
Design

A REST Web service follows four basic design principles:
● Use HTTP methods explicitly.
● Be stateless.
● Expose directory structure-like URIs.
● Transfer XML, JavaScript Object Notation (JSON), or both.
Use HTTP methods explicitly

● REST asks developers to use HTTP methods explicitly and in a way that's consistent with the protocol definition.
● This basic REST design principle establishes a one-to-one mapping between create, read, update, and delete (CRUD) operations and HTTP methods.
Use HTTP methods explicitly (cont.)

According to this mapping:
● To create a resource on the server, use POST.
● To retrieve a resource, use GET.
● To change the state of a resource or to update it, use PUT.
● To remove or delete a resource, use DELETE.
Be stateless

● The client–server communication is further constrained by no client context being stored on the server between requests. Each request from any client contains all of the information necessary to service the request, and any session state is held in the client.
Expose directory structure-like URIs

Some guidelines about URI structure for a RESTful Web service are:
● Hide the server-side scripting technology file extensions (.jsp, .php, .asp), if any, so you can port to something else without changing the URIs.
● Keep everything lowercase.
● Substitute spaces with hyphens or underscores (one or the other).
● Avoid query strings as much as you can.
● Instead of using the 404 Not Found code if the request URI is for a partial path, always provide a default page or resource as a response.
Transfer XML, JSON, or both

● The last set of constraints that goes into a RESTful Web service design has to do with the format of the data that the application and service exchange in the request/response payload or in the HTTP body. This is where it really pays to keep things simple, human-readable, and connected.
XML Representation

    <SoftwareInstance>
        <SoftwareInstanceId>200003</SoftwareInstanceId>
        <HostName>AB123456</HostName>
        <ServerName>LENOVO THINKPAD T410 XYZ123</ServerName>
        <ComponentId>45446</ComponentId>
        <ComponentName>IBM License Metric Tool</ComponentName>
        <ComponentVersion>7.5</ComponentVersion>
    </SoftwareInstance>
JSON Representation

    {
        "softwareinstanceid": 200003,
        "componentname": "IBM License Metric Tool",
        "servername": "LENOVO THINKPAD T410 XYZ123",
        "hostname": "AB123456",
        "componentid": 45446,
        "componentversion": "7.5"
    }
JSON

● JSON (JavaScript Object Notation) is a lightweight computer data interchange format.
● It is a text-based, human-readable format for representing objects and other data structures and is mainly used to transmit such structured data over a network connection (in a process called serialization).
● JSON finds its main application in Ajax web application programming, as a simple alternative to using XML for asynchronously transmitting structured information between client and server.
JSON Architecture

JSON is built on two structures:
● A collection of name/value pairs. In various languages, this is realized as an object, record, struct, dictionary, hash table, keyed list, or associative array.
● An ordered list of values. In most languages, this is realized as an array, vector, list, or sequence.
JSON Functions

JSON Functions used in PHP

● json_decode — Decodes a JSON string
● json_encode — Returns the JSON representation of a value
● json_last_error — Returns the last error occurred
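One example serving both the "Use HTTP methods explicitly" slides and the JSON function list above: a small PHP handler that maps POST/GET/PUT/DELETE onto create/read/update/delete for the SoftwareInstance record shown in the representations, reads its body with json_decode(), and checks json_last_error() before trusting anything in it. This is an added example, not code from the deck or from any framework; the /software-instances URI, the in-memory store, EXPECTED_FIELDS, parse_body() and handle() are all constructed for it, and it assumes PHP 7.1 or later.

```php
<?php
// Added example (not from the slides): CRUD-over-HTTP dispatch with validated
// JSON bodies. URI shape, store and function names are constructed. PHP >= 7.1.

// The subset of the slides' record this service accepts, with the expected JSON type.
const EXPECTED_FIELDS = [
    'softwareinstanceid' => 'integer',
    'componentname'      => 'string',
    'componentversion'   => 'string',
];

// Decode and validate a request body. Returns [data, error]; exactly one is null.
function parse_body(string $raw): array
{
    $data = json_decode($raw, true, 8);    // assoc arrays; shallow depth limit for untrusted input
    if (json_last_error() !== JSON_ERROR_NONE) {
        return [null, 'invalid JSON: ' . json_last_error_msg()];
    }
    if (!is_array($data)) {
        return [null, 'body must be a JSON object'];
    }
    foreach (EXPECTED_FIELDS as $field => $type) {
        if (!array_key_exists($field, $data) || gettype($data[$field]) !== $type) {
            return [null, "field '$field' missing or not $type"];
        }
    }
    return [$data, null];
}

// Dispatch one request. Returns [status, body] so it runs without a web server.
function handle(string $method, string $path, string $raw, array &$store): array
{
    // Directory-like URI: /software-instances or /software-instances/{id}
    if (!preg_match('#\A/software-instances(?:/(\d+))?\z#', $path, $m)) {
        return [404, ['error' => 'not found']];
    }
    $id = isset($m[1]) ? (int) $m[1] : null;

    switch ($method) {
        case 'GET':      // read
            if ($id === null) return [200, array_values($store)];
            return isset($store[$id]) ? [200, $store[$id]] : [404, ['error' => 'not found']];
        case 'POST':     // create
            [$data, $err] = parse_body($raw);
            if ($err !== null) return [400, ['error' => $err]];
            $store[$data['softwareinstanceid']] = $data;
            return [201, $data];
        case 'PUT':      // update
            if ($id === null || !isset($store[$id])) return [404, ['error' => 'not found']];
            [$data, $err] = parse_body($raw);
            if ($err !== null) return [400, ['error' => $err]];
            $store[$id] = $data;
            return [200, $data];
        case 'DELETE':   // delete
            if ($id === null || !isset($store[$id])) return [404, ['error' => 'not found']];
            unset($store[$id]);
            return [204, null];
        default:
            return [405, ['error' => 'method not allowed']];
    }
}

// Walk the CRUD cycle with the slides' sample record (constructed store and requests).
$store  = [];
$record = '{"softwareinstanceid":200003,"componentname":"IBM License Metric Tool","componentversion":"7.5"}';
$requests = [
    ['POST',   '/software-instances',        $record],
    ['GET',    '/software-instances/200003', ''],
    ['POST',   '/software-instances',        '{"softwareinstanceid":"oops"'],   // truncated JSON
    ['DELETE', '/software-instances/200003', ''],
    ['GET',    '/software-instances/200003', ''],
];
foreach ($requests as [$method, $path, $body]) {
    [$status, $out] = handle($method, $path, $body, $store);
    // JSON_HEX_TAG/JSON_HEX_AMP encode < > & so the same output is safe to embed in HTML.
    echo "$method $path -> $status ", json_encode($out, JSON_HEX_TAG | JSON_HEX_AMP), "\n";
}
```

Two details matter for security here. json_decode() returns null both for the literal `null` and for a syntax error, so the json_last_error() check is what distinguishes them; and the type check on each field means a client cannot smuggle an object or array where an integer id is expected. In a real deployment `$method` and `$path` come from $_SERVER['REQUEST_METHOD'] and the request URI, and the body from php://input.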
JSON Format

    {
        "softwareinstanceid": 200003,
        "componentname": "IBM License Metric Tool",
        "servername": "LENOVO THINKPAD T410 XYZ123",
        "hostname": "AB123456",
        "componentid": 45446,
        "componentversion": "7.5"
    }