Web Application Security

R. Srivigneshwar & V. Deepak Achariya Arts and Science College Pondicherry.

[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

[object Object],[object Object]

[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

[object Object],[object Object],let's take a search CGI that accepts a template parameter: Search.exe?template=result.html&q=security By replacing the template parameter, a hacker can obtain access to any file he wants, such as /etc/passwd or the site's private key, Search.exe?template=/etc/passwd&q=security

[object Object],[object Object],[object Object]

A way to secure the application: simply refuse to allow hackers to exploit the vulnerabilities.

[object Object],[object Object],[object Object],[object Object]

[object Object],[object Object],[object Object],[object Object],[object Object]

Item 1 = 00 Item 3 = 10 Item 2 = 01 Item 4 = 11 Expander Server Browser Policy Recognition Engine Reducer

Web Application Security

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (8)

Ähnlich wie Web Application Security

Ähnlich wie Web Application Security (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Web Application Security