Codeinjection
What is code injection?
• Code injection is the exploitation of a
computer bug that is caused by processing
invalid data.
• Code injection can be used by an attacker
to introduce (or "inject") code into a
computer program to change the course of
execution.
• The results of a code injection attack can be
disastrous
Code injection
Code injection can do
• Arbitrarily modify values in a database
through a type of code injection called SQL
injection. The impact of this can range from
defacement of a web site to serious
compromise of sensitive data.
• Install malware on a computer by exploiting
code injection vulnerabilities in a web
browser or its plugins when the user visits a
malicious site.
• Install malware or execute malicious code on a
server through PHP or ASP code injection.
• Privilege escalation to root permissions by exploiting
Shell Injection vulnerabilities in a setuid root binary
on UNIX.
• Privilege escalation to Local System permissions by
exploiting Shell Injection vulnerabilities in a service
on Windows.
• Stealing sessions/cookies from web browsers using
HTML/Script Injection (Cross-site scripting).
Different types of Code injection
• SQL injection
• LDAP Injection
• OS Command Injection
• Cross-Site Scripting (“XSS”)
SQL injection
A SQL injection attack consists of injecting
malicious SQL via input data sent from the client
to the application, which is later passed to a
database instance for execution, with the aim of
altering the predefined SQL commands.
SQL injection
SQL injection
• SQL injection consists of direct insertion of
code into user-input variables which are
concatenated with SQL commands and
executed.
• A less direct attack injects malicious code
into strings that are destined for storage in a
table or as metadata.
• When the stored strings are subsequently
concatenated into a dynamic SQL command,
the malicious code is then executed.
SQL injection
A successful SQL injection exploit can
• Access sensitive data in the database,
• Modify database data,
• Execute administrative operations within the
database (e.g. shutdown the DBMS),
• Recover the content of a given file present on
the DBMS file system
• And in some cases issue commands to the
operating system.
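The two attack shapes described above, direct injection into a login query and the less direct second-order case where a hostile value is stored first and concatenated later, as an added Python example that is not part of the original slides. It uses the standard sqlite3 module with a constructed in-memory users table; the table layout, the sample rows and the change-password feature are assumptions made for the illustration.

```python
import sqlite3


def make_db():
    """In-memory users table with constructed sample rows (not real credentials)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE,"
        " password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    # Direct injection: the input is concatenated into the statement, so a quote
    # in the input closes the string literal and "--" comments out the rest.
    sql = ("SELECT username, role FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchall()


def login_safe(conn, username, password):
    # Parameterised query: values travel separately from the statement text and
    # can only ever be compared as data, whatever characters they contain.
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


def register_safe(conn, username, password):
    # Registration is parameterised, so a hostile username is stored verbatim
    # without doing any harm here.
    cur = conn.execute(
        "INSERT INTO users (username, password, role) VALUES (?, ?, 'user')",
        (username, password),
    )
    conn.commit()
    return cur.lastrowid


def change_password_vulnerable(conn, user_id, new_password):
    # Second-order injection: the username is read back from the database, so it
    # looks trusted, but it was attacker-chosen at registration time and is now
    # concatenated into a new dynamic statement.
    (stored_name,) = conn.execute(
        "SELECT username FROM users WHERE id = ?", (user_id,)
    ).fetchone()
    sql = ("UPDATE users SET password = '" + new_password
           + "' WHERE username = '" + stored_name + "'")
    conn.execute(sql)
    conn.commit()


def change_password_safe(conn, user_id, new_password):
    # Key the update on the id and bind every value; no string assembly at all.
    conn.execute("UPDATE users SET password = ? WHERE id = ?",
                 (new_password, user_id))
    conn.commit()
```

With the username `alice'--` and any password, `login_vulnerable` returns alice's admin row while `login_safe` returns nothing. Registering that same username through the safe insert and then calling `change_password_vulnerable` on the new account overwrites alice's password, not the attacker's, because the stored quote and comment marker are only interpreted when the value is concatenated into the later UPDATE. The fix is the same in both places: never assemble SQL from values, bind them.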
Sample SQL injection
Examples of SQL injection
These attacks, noted on the Eastern European website, started early in
March, and by Wednesday, March 12, 2008, 10,000 Web pages had been
compromised. Here is a diagram of how it is done
Examples of SQL injection
Here is a diagram of how to protect against it
Examples of SQL injection
* At BIDMC, we chose to implement Third Brigade's Host Based Intrusion Protection software, the
Cool Technology of the Week. Third Brigade’s SQL Injection smart filter provides generic protection
against SQL Injection attacks.
* In addition, Third Brigade has released a specific exploit filter which identifies if a Web Site has been
compromised and is serving malicious content to unsuspecting users.
* Third Brigade provides protection against these Web Site attacks that are highly sophisticated and in
some cases encoded using evasive techniques like URI encoding, double encoding, mixed case and non
minimal UTF-8 encoding.
* Install filters for known vulnerabilities in Browsers, Operating Systems and ActiveX Plugins
* Install filters which prevent the user from accessing sites serving malicious pages. In this case, we
released a specific protection which detects if the user visits a site that has malicious javascript in it.
* Install filters which block domains which download the malware on the target machine.
* Install filters detecting existence of known malware on the machine.
LDAP Injection
• LDAP is the Lightweight Directory Access
Protocol.
• LDAP injection is an attack technique that
exploits web applications which place client-
supplied data in LDAP statements (search
filters or distinguished names) without first
escaping or rejecting the characters that have
special meaning there.
LDAP Injection
LDAP Injection?
• When a web application fails to properly
sanitise user-supplied input, it is possible for
an attacker to alter the construction of an
LDAP statement.
• Once an attacker is able to modify an LDAP
statement, it runs with the same permissions
as the component that issued it (e.g. database
server, web application server, web server,
etc.).
• This can cause serious security problems
where the permissions grant the rights to
query, modify or remove anything inside
the LDAP tree.
• The same advanced exploitation
techniques available in SQL Injection can
also be similarly applied in LDAP Injection.
LDAP Injection?
Examples of LDAP Injection
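The filter manipulation the slides describe, as an added Python example that is not part of the original deck. It builds a login filter from request values the vulnerable way and the escaped way (RFC 4515 value escaping, implemented by hand so nothing needs a directory server), and includes a small parser that models a server which evaluates only the first complete filter and ignores trailing text; that server behaviour is an assumption for the illustration, since some servers reject the trailing input instead.

```python
def escape_ldap_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515, section 3).

    The filter metacharacters '*', '(', ')', '\\' and NUL are replaced with a
    backslash followed by their two-digit hex code, so they can only match
    literally and can never change the structure of the filter."""
    out = []
    for ch in value:
        if ch in "*()\\\x00":
            out.append("\\%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def auth_filter_vulnerable(user, password):
    # Vulnerable: the raw request values are concatenated into the filter text.
    return "(&(uid=" + user + ")(userPassword=" + password + "))"


def auth_filter_safe(user, password):
    # Hardened: every value is escaped before it is placed inside the filter.
    return "(&(uid=%s)(userPassword=%s))" % (
        escape_ldap_filter_value(user),
        escape_ldap_filter_value(password),
    )


def first_complete_filter(filter_text):
    """Return the first balanced-parenthesis filter in the text.

    Models a directory server that evaluates the first complete filter and
    ignores whatever follows (an assumption for this example; behaviour differs
    between server implementations)."""
    depth = 0
    for i, ch in enumerate(filter_text):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0:
                return filter_text[: i + 1]
    raise ValueError("unbalanced filter")
```

With the classic username payload `*)(uid=*))(|(uid=*` the vulnerable filter becomes `(&(uid=*)(uid=*))(|(uid=*)(userPassword=x))`: the first complete filter matches every entry and the password clause is pushed into trailing text that is never evaluated. After escaping, the same input yields a single balanced filter that looks for a literal uid containing asterisks and parentheses, which matches nothing. Note that this escaping is for filter values only; values placed into a distinguished name need the separate RFC 4514 rules, and checking a password by filter is itself poor practice compared with binding to the directory as that user.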
OS Command Injection
• OS command injection is also called shell
injection.
• It is classified as Improper Neutralization of
Special Elements used in an OS Command
(CWE-78): an attacker uses a web interface to
get operating-system commands executed on
the web server.
OS Command Injection?
• The user supplies all or part of an OS
command through a web interface.
• If the web interface does not properly sanitise
that input, it is vulnerable to this exploit.
• With the ability to execute OS commands, the
user can inject unexpected and dangerous
commands, upload malicious programs or even
obtain passwords directly from the operating
system.
Examples of OS Command Injection
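An added Python example, not from the original slides, of the web-interface case described above: a lookup feature that passes a user-supplied host name to a command. `echo` stands in for the real network tool (ping, nslookup) so the code runs anywhere with a POSIX shell, and the host-name allow-list pattern is an assumption chosen for the illustration.

```python
import re
import subprocess

# Allow-list for host names: letters, digits, '.' and '-', no leading or trailing
# punctuation, at most 253 characters. An assumption for this example; a full
# validator would also enforce per-label rules.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")


def is_valid_hostname(host):
    return bool(HOSTNAME_RE.fullmatch(host))


def lookup_vulnerable(host):
    # Vulnerable: the value is spliced into a command line that /bin/sh parses,
    # so ';', '|', '&&', '$( )' and backticks in it are executed as commands.
    return subprocess.run("echo " + host, shell=True,
                          capture_output=True, text=True).stdout


def lookup_argv(host):
    # No shell: the value is a single argv element, so metacharacters reach the
    # program as ordinary characters and nothing interprets them.
    return subprocess.run(["echo", host], capture_output=True, text=True).stdout


def lookup_safe(host):
    # Defence in depth: reject anything outside the allow-list, then use argv.
    if not is_valid_hostname(host):
        raise ValueError("invalid hostname: %r" % host)
    return lookup_argv(host)
```

Given `example.com; echo INJECTED`, the shell form runs two commands and the second line of its output is the attacker's; the argv form prints the whole string as one literal argument; the validated form refuses it before anything runs. Avoiding the shell is the real fix, the allow-list is the second layer, and if a shell cannot be avoided `shlex.quote` on each value is the last resort rather than a deny-list of characters.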
Cross-Site Scripting (“XSS”)
• Cross-site Scripting ("XSS") is a type of
injection attack in which malicious scripts
are introduced into otherwise trusted websites.
• The exploitation occurs when a web
application includes user-supplied input in its
output without validating or encoding it.
Cross-Site Scripting (“XSS”)
• The malicious content sent to the web browser can
take several forms, including JavaScript, VBScript,
ActiveX, HTML, Flash or any other type of code that
the browser may execute.
• XSS attacks can generally be categorised into three
types:
- Stored,
- Reflected and
- Document Object Model based ("DOM-
based").
Cross-Site Scripting (“XSS”)
• Stored XSS (Persistent) – the injected
malicious code is permanently stored on
the target server, for example in a bulletin
board, a visitor log, a comment field, a blog
or a discussion board.
• When interacting with the target server,
an end-user inadvertently retrieves and
executes the malicious code from the
server.
Cross-Site Scripting (“XSS”)
Sample Stored XSS
Cross-Site Scripting (“XSS”)
• Reflected XSS (Non-Persistent) –
the injected code is sent to a vulnerable web
server, which reflects it straight back into the
response delivered to the user's browser.
• This type of attack tricks the user into
clicking a malicious link or submitting a
specially crafted form.
• The user's browser then executes the
malicious code, assuming it comes from a
trusted server.
Cross-Site Scripting (“XSS”)
Sample reflected XSS
Cross-Site Scripting (“XSS”)
• DOM (Document Object Model) Based
XSS – Unlike the previous two, DOM based
XSS does not require the web server to receive
the malicious XSS payload.
• Instead, in DOM-based XSS the attack
payload lives in the DOM of the victim's
browser (for example in the URL fragment,
which the browser never sends to the server)
and is consumed by the page's own client-
side script, so that the client-side code runs in
an "unexpected" manner.
• That means the page itself (the HTTP
response) does not change, but the client-
side code contained in the page executes
differently because of the malicious
modifications made to the local DOM
environment.
• The attack is usually delivered by sending a
malicious URL to the user.
Cross-Site Scripting (“XSS”)
Sample DOM XSS
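The server-side defence that stops the stored and reflected cases above, as an added Python example that is not part of the original slides: contextual output encoding with the standard `html` module. The search page, the comment store and the link helper are constructed for the illustration; nothing here is from a real application.

```python
import html
from urllib.parse import urlsplit

# Constructed comment store standing in for a database table.
COMMENTS = []


def post_comment(text):
    # Store the raw text; encoding belongs at output time, per output context,
    # not at storage time.
    COMMENTS.append(text)


def render_search_vulnerable(query):
    # Reflected XSS: the query parameter is echoed into the HTML body verbatim.
    return "<p>You searched for: " + query + "</p>"


def render_search_safe(query):
    # HTML text context: '<', '>', '&', '"' and "'" become character references,
    # so the browser renders the input as text instead of parsing it as markup.
    return "<p>You searched for: " + html.escape(query, quote=True) + "</p>"


def render_comments_safe():
    # Stored XSS is stopped the same way: encode every comment as it is rendered.
    return "".join("<li>" + html.escape(c, quote=True) + "</li>" for c in COMMENTS)


def render_link(url, label):
    # URL-in-attribute context. Encoding alone is not enough here: the browser
    # decodes the attribute and then treats it as a URL, so "javascript:" would
    # still run. Allow-list the scheme first, then encode for the attribute.
    if urlsplit(url).scheme not in ("http", "https"):
        url = "#"
    return ('<a href="' + html.escape(url, quote=True) + '">'
            + html.escape(label, quote=True) + "</a>")
```

The payload `<script>alert(1)</script>` is emitted as `&lt;script&gt;...` by the safe renderer and as live markup by the vulnerable one; the attribute-breaking comment `"><img src=x onerror=alert(1)>` is neutralised the same way. The link helper shows the caveat that matters in practice: `javascript:alert(1)` survives HTML encoding untouched, so the scheme must be allow-listed (protocol-relative `//host` URLs are rejected as well). None of this server-side encoding addresses DOM-based XSS, where the fix is in the client script itself, for example writing location-derived data with `textContent` rather than `innerHTML` or `document.write`.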
References:
http://geekdoctor.blogspot.com/2008_03_01_archive.html
http://simplicable.com/photo/224/LDAP-injection.html
http://www.istf.jucc.edu.hk/newsletter/IT_04/IT-4_Code_Injection.pdf
Questions?

Weitere ähnliche Inhalte

Was ist angesagt?

Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)Sam Bowne
 
CNIT 129S Ch 4: Mapping the Application
CNIT 129S Ch 4: Mapping the ApplicationCNIT 129S Ch 4: Mapping the Application
CNIT 129S Ch 4: Mapping the ApplicationSam Bowne
 
Vulnerabilities on Various Data Processing Levels
Vulnerabilities on Various Data Processing LevelsVulnerabilities on Various Data Processing Levels
Vulnerabilities on Various Data Processing LevelsPositive Hack Days
 
Concepts of Malicious Windows Programs
Concepts of Malicious Windows ProgramsConcepts of Malicious Windows Programs
Concepts of Malicious Windows ProgramsNatraj G
 
CNIT 126 Ch 9: OllyDbg
CNIT 126 Ch 9: OllyDbgCNIT 126 Ch 9: OllyDbg
CNIT 126 Ch 9: OllyDbgSam Bowne
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilitiesphanleson
 
An Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsAn Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsEnclaveSecurity
 
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking   Chapter 10 - Exploiting Web Servers - Eric VanderburgEthical hacking   Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric VanderburgEric Vanderburg
 
CNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
CNIT 129S: Ch 12: Attacking Users: Cross-Site ScriptingCNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
CNIT 129S: Ch 12: Attacking Users: Cross-Site ScriptingSam Bowne
 
CNIT 128 8. Android Implementation Issues (Part 2)
CNIT 128 8. Android Implementation Issues (Part 2)CNIT 128 8. Android Implementation Issues (Part 2)
CNIT 128 8. Android Implementation Issues (Part 2)Sam Bowne
 
Test automation using selenium
Test automation using seleniumTest automation using selenium
Test automation using seleniumTờ Rang
 
Sandboxing (Distributed computing)
Sandboxing (Distributed computing)Sandboxing (Distributed computing)
Sandboxing (Distributed computing)Sri Prasanna
 
Correlation Composer for HP OpenView Operations
Correlation Composer for HP OpenView OperationsCorrelation Composer for HP OpenView Operations
Correlation Composer for HP OpenView OperationsStefan Bergstein
 
CNIT 127: L9: Web Templates and .NET
CNIT 127: L9: Web Templates and .NETCNIT 127: L9: Web Templates and .NET
CNIT 127: L9: Web Templates and .NETSam Bowne
 
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)Sam Bowne
 
Platform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL:  Busting Buzzwords & Building BetterPlatform Security IRL:  Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building BetterEqual Experts
 
Computer security Description about SQL-Injection and SYN attacks
Computer security Description about SQL-Injection and SYN attacksComputer security Description about SQL-Injection and SYN attacks
Computer security Description about SQL-Injection and SYN attacksTesfahunegn Minwuyelet
 
CNIT 128: Android Implementation Issues (Part 2)
CNIT 128: Android Implementation Issues (Part 2)CNIT 128: Android Implementation Issues (Part 2)
CNIT 128: Android Implementation Issues (Part 2)Sam Bowne
 

Was ist angesagt? (20)

Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)Ch 9 Attacking Data Stores (Part 2)
Ch 9 Attacking Data Stores (Part 2)
 
Commix
Commix Commix
Commix
 
CNIT 129S Ch 4: Mapping the Application
CNIT 129S Ch 4: Mapping the ApplicationCNIT 129S Ch 4: Mapping the Application
CNIT 129S Ch 4: Mapping the Application
 
Vulnerabilities on Various Data Processing Levels
Vulnerabilities on Various Data Processing LevelsVulnerabilities on Various Data Processing Levels
Vulnerabilities on Various Data Processing Levels
 
Concepts of Malicious Windows Programs
Concepts of Malicious Windows ProgramsConcepts of Malicious Windows Programs
Concepts of Malicious Windows Programs
 
CNIT 126 Ch 9: OllyDbg
CNIT 126 Ch 9: OllyDbgCNIT 126 Ch 9: OllyDbg
CNIT 126 Ch 9: OllyDbg
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilities
 
An Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security AssessmentsAn Introduction to PowerShell for Security Assessments
An Introduction to PowerShell for Security Assessments
 
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking   Chapter 10 - Exploiting Web Servers - Eric VanderburgEthical hacking   Chapter 10 - Exploiting Web Servers - Eric Vanderburg
Ethical hacking Chapter 10 - Exploiting Web Servers - Eric Vanderburg
 
CNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
CNIT 129S: Ch 12: Attacking Users: Cross-Site ScriptingCNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
CNIT 129S: Ch 12: Attacking Users: Cross-Site Scripting
 
CNIT 128 8. Android Implementation Issues (Part 2)
CNIT 128 8. Android Implementation Issues (Part 2)CNIT 128 8. Android Implementation Issues (Part 2)
CNIT 128 8. Android Implementation Issues (Part 2)
 
Test automation using selenium
Test automation using seleniumTest automation using selenium
Test automation using selenium
 
Sandboxing (Distributed computing)
Sandboxing (Distributed computing)Sandboxing (Distributed computing)
Sandboxing (Distributed computing)
 
Correlation Composer for HP OpenView Operations
Correlation Composer for HP OpenView OperationsCorrelation Composer for HP OpenView Operations
Correlation Composer for HP OpenView Operations
 
CNIT 127: L9: Web Templates and .NET
CNIT 127: L9: Web Templates and .NETCNIT 127: L9: Web Templates and .NET
CNIT 127: L9: Web Templates and .NET
 
Source Code Scanners
Source Code ScannersSource Code Scanners
Source Code Scanners
 
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
CNIT 128 6. Analyzing Android Applications (Part 3 of 3)
 
Platform Security IRL: Busting Buzzwords & Building Better
Platform Security IRL:  Busting Buzzwords & Building BetterPlatform Security IRL:  Busting Buzzwords & Building Better
Platform Security IRL: Busting Buzzwords & Building Better
 
Computer security Description about SQL-Injection and SYN attacks
Computer security Description about SQL-Injection and SYN attacksComputer security Description about SQL-Injection and SYN attacks
Computer security Description about SQL-Injection and SYN attacks
 
CNIT 128: Android Implementation Issues (Part 2)
CNIT 128: Android Implementation Issues (Part 2)CNIT 128: Android Implementation Issues (Part 2)
CNIT 128: Android Implementation Issues (Part 2)
 

Ähnlich wie Codeinjection

cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptxcgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptxprasadGade6
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionVishal Kumar
 
Web application security part 01
Web application security part 01Web application security part 01
Web application security part 01G Prachi
 
Secure code practices
Secure code practicesSecure code practices
Secure code practicesHina Rawal
 
Web application security
Web application securityWeb application security
Web application securityAkhil Raj
 
Django (Web Applications that are Secure by Default)
Django �(Web Applications that are Secure by Default�)Django �(Web Applications that are Secure by Default�)
Django (Web Applications that are Secure by Default)Kishor Kumar
 
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...IBM Security
 
IRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & MitigationIRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & MitigationIRJET Journal
 
Secure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdfSecure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdfnanangAris1
 
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxComputer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxShivamBajaj36
 

Ähnlich wie Codeinjection (20)

Sql Injection
Sql InjectionSql Injection
Sql Injection
 
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptxcgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
cgbhjjjjjjjnmmmkmmmmmmkkkkkkTutorial5.pptx
 
Owasp top 10 2017
Owasp top 10 2017Owasp top 10 2017
Owasp top 10 2017
 
Deep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL InjectionDeep understanding on Cross-Site Scripting and SQL Injection
Deep understanding on Cross-Site Scripting and SQL Injection
 
Cross site scripting XSS
Cross site scripting XSSCross site scripting XSS
Cross site scripting XSS
 
Web application security part 01
Web application security part 01Web application security part 01
Web application security part 01
 
Vulnerabilities in Web Applications
Vulnerabilities in Web ApplicationsVulnerabilities in Web Applications
Vulnerabilities in Web Applications
 
Secure code practices
Secure code practicesSecure code practices
Secure code practices
 
Web application security
Web application securityWeb application security
Web application security
 
Cross site scripting
Cross site scripting Cross site scripting
Cross site scripting
 
Types of attack
Types of attackTypes of attack
Types of attack
 
Django (Web Applications that are Secure by Default)
Django �(Web Applications that are Secure by Default�)Django �(Web Applications that are Secure by Default�)
Django (Web Applications that are Secure by Default)
 
T04505103106
T04505103106T04505103106
T04505103106
 
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
 
Injection attacks
Injection attacksInjection attacks
Injection attacks
 
IRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & MitigationIRJET - SQL Injection: Attack & Mitigation
IRJET - SQL Injection: Attack & Mitigation
 
a
aa
a
 
Secure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdfSecure Coding BSSN Semarang Material.pdf
Secure Coding BSSN Semarang Material.pdf
 
Computer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptxComputer Network Case Study - bajju.pptx
Computer Network Case Study - bajju.pptx
 
OWASP TOP 10 VULNERABILITIS
OWASP TOP 10 VULNERABILITISOWASP TOP 10 VULNERABILITIS
OWASP TOP 10 VULNERABILITIS
 

Kürzlich hochgeladen

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 

Kürzlich hochgeladen (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 

Codeinjection

  • 1.
  • 2. What is code injection? • Code injection is the exploitation of a computer bug that is caused by processing invalid data. • Code injection can be used by an attacker to introduce (or "inject") code into a computer program to change the course of execution. • The results of a code injection attack can be disastrous
  • 4. Code injection can do • Arbitrarily modify values in a database through a type of code injection called SQL injection. The impact of this can range from defacement of a web site to serious compromisation of sensitive data. • Install malware on a computer by exploiting code injection vulnerabilities in a web browser or its plugins when the user visits a malicious site.
  • 5. • Install malware or execute malevolent code on a server, by PHP or ASP Injection. • Privilege escalation to root permissions by exploiting Shell Injection vulnerabilities in a setuid root binary on UNIX. • Privilege escalation to Local System permissions by exploiting Shell Injection vulnerabilities in a service on Windows. • Stealing sessions/cookies from web browsers using HTML/Script Injection (Cross-site scripting). Code injection can do
  • 6. Different types of Code injection • SQL injection • LDAP Injection • OS Command Injection • Cross-Site Scripting (“XSS”)
  • 7. SQL injection SQL injection attack consists of injection of malicious SQL commands via input data from the client to the application that are later passed to an instance of a database for execution and aim to affect the execution of predefined SQL commands.
  • 9. SQL injection • SQL injection consists of direct insertion of code into user-input variables which are concatenated with SQL commands and executed. • A less direct attack injects malicious code into strings that are destined for storage in a table or as metadata. • When the stored strings are subsequently concatenated into a dynamic SQL commands, the malicious code is then executed.
  • 10. SQL injection A successful SQL injection exploit can • Access sensitive data in the database, • Modify database data, • Execute administrative operations within the database (e.g. shutdown the DBMS), • Recover the content of a given file present on the DBMS file system • And in some cases issue commands to the operating system.
12. Examples of SQL injection
These attacks, noted on the Eastern European website, started early in March, and by Wednesday, March 12, 2008, 10,000 Web pages were compromised. Here is a diagram of how it is done.
13. Examples of SQL injection
Here is a diagram of how to protect against it.
14. Examples of SQL injection
* At BIDMC, we chose to implement Third Brigade's Host Based Intrusion Protection software, the Cool Technology of the Week. Third Brigade’s SQL Injection smart filter provides generic protection against SQL Injection attacks.
* In addition, Third Brigade has released a specific exploit filter which identifies if a Web Site has been compromised and is serving malicious content to unsuspecting users.
* Third Brigade provides protection against these Web Site attacks that are highly sophisticated and in some cases encoded using evasive techniques like URI encoding, double encoding, mixed case and non-minimal UTF-8 encoding.
* Install filters for known vulnerabilities in Browsers, Operating Systems and ActiveX Plugins.
* Install filters which prevent the user from accessing sites serving malicious pages. In this case, we released a specific protection which detects if the user visits a site that has malicious javascript in it.
* Install filters which block domains which download the malware on the target machine.
* Install filters detecting existence of known malware on the machine.
15. LDAP Injection
• LDAP is the Lightweight Directory Access Protocol.
• LDAP injection is an attack technique of exploiting web applications that use client-supplied data in LDAP statements without first stripping potentially harmful characters from the request.
17. LDAP Injection?
• When a web application fails to properly sanitise user-supplied input, it is possible for an attacker to alter the construction of an LDAP statement.
• Once an attacker is able to modify an LDAP statement, the process will run with the same permissions as the component that executed the command (e.g. database server, web application server, web server, etc.).
18. LDAP Injection?
• This can cause serious security problems where the permissions grant the rights to query, modify or remove anything inside the LDAP tree.
• The same advanced exploitation techniques available in SQL Injection can also be similarly applied in LDAP Injection.
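Slides 15 to 18 describe a filter built from client data without stripping special characters. The added example below (not from the slide deck) shows such a login filter, then the same filter with the value escaped according to RFC 4515, and a simple structural check a reviewer can use to tell whether input has changed the statement; the inputs are constructed.

```python
# Added example (not from the slide deck): an LDAP login filter built from
# client-supplied data, first as the slide describes (no stripping or escaping)
# and then with the value escaped as RFC 4515 requires. Inputs are constructed.
import re

# Characters with grammar meaning inside a filter value, and their escapes.
_LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_ldap_value(value: str) -> str:
    """Escape a user-supplied value so it can only match as a literal string."""
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)

def login_filter_unsafe(uid: str) -> str:
    # Slide 17: the statement is assembled around raw input, so parentheses,
    # '*' and '\' in the input become part of the filter itself.
    return f"(&(uid={uid})(objectClass=person))"

def login_filter_safe(uid: str) -> str:
    # Same template; the value can no longer open or close a filter term.
    return f"(&(uid={escape_ldap_value(uid)})(objectClass=person))"

def comparison_count(ldap_filter: str) -> int:
    # Number of attribute=value comparisons the directory would evaluate.
    # The template above has exactly two; any other count means the input
    # altered the construction of the statement.
    return len(re.findall(r"\([A-Za-z][\w-]*=", ldap_filter))

if __name__ == "__main__":
    # Constructed inputs: a plain uid, one with filter metacharacters, and a
    # legitimate value that happens to contain parentheses.
    for uid in ("jdoe", "*)(uid=*", "Smith (Contractor)"):
        print(comparison_count(login_filter_unsafe(uid)),
              comparison_count(login_filter_safe(uid)),
              login_filter_safe(uid))
```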
19. Examples of LDAP Injection
20. OS Command Injection
• OS Command Injection is also called Shell Injection.
• OS command injection is also known as Improper Sanitisation of Special Elements used in an OS Command, and is a technique used via a web interface in order to execute OS commands on a web server.
21. OS Command Injection?
• The user supplies all or part of a malformed OS command through a web interface.
• If the web interface does not properly sanitise the input, it is vulnerable to this exploit.
• With the ability to execute OS commands, the user can inject unexpected and dangerous commands, upload malicious programs or even obtain passwords directly from the operating system.
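Slides 20 and 21 describe a web interface that passes user input into an OS command. The added example below (not from the slide deck) shows a "ping this host" feature written as a shell command string, and then as a validated argument vector that no shell ever parses; the hostnames are constructed values.

```python
# Added example (not from the slide deck): a "ping this host" feature as a web
# interface might expose it, once as a shell command string and once as an
# argument vector behind input validation. Hostnames are constructed values.
import re
import shlex
import subprocess

# Accept only the shape of a DNS hostname (letters, digits, hyphens, dots;
# labels of 1-63 characters that do not start or end with a hyphen).
# Allowlisting the expected format is the primary control; shell
# metacharacters simply never match.
_HOST_RE = re.compile(
    r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*$")

def ping_command_unsafe(host: str) -> str:
    # Slide 21: all or part of the command comes from the user and the string
    # is handed to a shell (os.system / shell=True), which interprets ; | & $()
    return "ping -c 1 " + host

def is_valid_host(host: str) -> bool:
    return len(host) <= 253 and _HOST_RE.match(host) is not None

def ping_argv_safe(host: str) -> list:
    # Validate, then build an argument vector. With shell=False (the default)
    # each element reaches ping as-is; nothing re-parses the string.
    if not is_valid_host(host):
        raise ValueError("rejected hostname: %r" % host)
    return ["ping", "-c", "1", host]

def ping_command_quoted(host: str) -> str:
    # Secondary defence when a shell is unavoidable: quote the value so the
    # shell sees one word. Validation should still come first.
    return "ping -c 1 " + shlex.quote(host)

def run_ping(host: str) -> subprocess.CompletedProcess:
    # The only function here that executes anything; it never sees a shell.
    return subprocess.run(ping_argv_safe(host), capture_output=True,
                          text=True, timeout=10)

if __name__ == "__main__":
    for host in ("example.com", "host; echo injected"):  # constructed inputs
        print(repr(ping_command_unsafe(host)), is_valid_host(host),
              repr(ping_command_quoted(host)))
```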
22. Examples of OS Command Injection
23. Cross-Site Scripting (“XSS”)
• Cross-site Scripting (“XSS“) is a type of injection attack in which malicious scripts are introduced into trusted websites.
• This exploitation occurs when a web application includes user-supplied input in its output without validating or encoding it.
26. Cross-Site Scripting (“XSS”)
• The malicious content sent to the web browser can take several forms, including JavaScript, VBScript, ActiveX, HTML, Flash or any other type of code that the browser may execute.
• XSS attacks can generally be categorised into three types:
  - Stored,
  - Reflected, and
  - Document Object Model based (“DOM-Based”).
27. Cross-Site Scripting (“XSS”)
• Stored XSS (Persistent) – In a stored XSS attack, the injected malicious code is permanently stored on a target server, such as in a bulletin board, a visitor log, a comment field, a blog or a discussion board.
• When interacting with the target server, an end-user inadvertently retrieves and executes the malicious code from the server.
29. Cross-Site Scripting (“XSS”)
• Reflected XSS (Non-Persistent) – Reflected XSS attacks are those where the injected code is sent to a vulnerable web server that directs the cross-site attack back to the user’s browser.
• This type of attack aims to trick users into clicking on a malicious link or submitting a specially crafted form.
• The user’s browser then executes the malicious code, assuming it comes from a trusted server.
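Slide 23 names the root cause (input echoed as output without encoding) and slides 27 and 29 name the stored and reflected cases. The added example below (not from the slide deck) renders a stored comment and a reflected search term into HTML with and without output encoding, in Python's standard library; the inputs are constructed.

```python
# Added example (not from the slide deck): rendering user-supplied text into an
# HTML page with and without output encoding. Inputs are constructed.
import html

TEMPLATE_OPEN, TEMPLATE_CLOSE = '<li class="comment">', "</li>"

def render_comment_unsafe(comment: str) -> str:
    # Slides 23 and 27: a stored comment is echoed as output without encoding,
    # so any markup in it is executed by every browser that loads the page.
    return TEMPLATE_OPEN + comment + TEMPLATE_CLOSE

def render_comment_safe(comment: str) -> str:
    # Encode for the HTML text context: < > & " ' become character references
    # and can only ever render as text, whatever the comment contains.
    return TEMPLATE_OPEN + html.escape(comment, quote=True) + TEMPLATE_CLOSE

def render_search_safe(term: str) -> str:
    # Reflected case (slide 29): the query parameter is echoed back to the
    # same browser. Here it lands in a quoted attribute value and in body
    # text; the same encoding is correct for both as long as the attribute
    # is always quoted.
    safe = html.escape(term, quote=True)
    return f'<input name="q" value="{safe}"><p>Results for {safe}</p>'

def comment_markup_survived(rendered: str) -> bool:
    # Check used in the test: after removing our own template, any remaining
    # '<' means untrusted markup reached the output.
    body = rendered.replace(TEMPLATE_OPEN, "", 1)
    body = body[: -len(TEMPLATE_CLOSE)] if body.endswith(TEMPLATE_CLOSE) else body
    return "<" in body

if __name__ == "__main__":
    comment = "<script>alert(1)</script>"  # constructed stored input
    print(render_comment_unsafe(comment))
    print(render_comment_safe(comment))
    print(render_search_safe('" onfocus="x'))  # constructed reflected input
```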
31. Cross-Site Scripting (“XSS”)
• DOM (Document Object Model) Based XSS – Unlike the previous two, DOM-based XSS does not require the web server to receive the malicious XSS payload.
• Instead, in a DOM-based XSS, the attack payload is embedded in the DOM object in the victim’s browser that the original client-side script uses, so that the client-side code runs in an “unexpected” manner.
32. Cross-Site Scripting (“XSS”)
• That means the page itself (the HTTP response) does not change, but the client-side code contained in the page executes differently due to the malicious modifications that have occurred in the local DOM environment.
• This attack is usually achieved by sending a malicious URL to the users.