The Hacker Mindset CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University


1 The Hacker Mindset CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University http://adamdoupe.com

2 Adam Doupé, Security and Vulnerability Analysis
What is a Vulnerability?
Make the application do something that it is not supposed to do
Therefore, in order to find vulnerabilities, you must first understand the application
–What is the intended functionality?
–What is the intended behavior?
–What does the application use as input?
–What does the application produce as output?

3 Example
Find: unauthenticated users can edit page content
Is this a vulnerability?
–On cnn.com, yes!
–On wikipedia.org, no!
This is why understanding the web application is critical

4 How to Rob a Bank*
Step 1: Reconnaissance
–Who works at the bank?
–What is their role?
–Who has the keys?
–When do the guards change or take a break?
–What does the layout of the bank look like?
–What does the vault look like?
–What kind of lock does the bank use?
–…
Step 2: Build elaborate plan
Step 3: Everything goes wrong
Step 4: Profit?
*Knowledge comes from movies

5 How to Rob a Web Application
Step 1: Reconnaissance
–How does the application work?
–Are there user accounts?
–Do the user accounts have different privileges?
–How are privileges enforced?
–What does the layout of the web application look like (URLs)?
–What URLs should only be accessible via a certain privilege?
–What is the input to the web application?
–What is the output of the web application?
–How is the web application probably written?
Step 2: Develop vulnerability hypothesis
Step 3: Test vulnerability hypothesis
Step 4: Develop exploit
Step 5: Profit

6 Injection Vectors
All user input to the web application
Some examples
–Query parameters
–URL path
–POST parameters
–Cookies
–Referer header
–Files
–Other websites (twitter feed)
–Emails
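Added example (not from the original slides): an inventory of the per-request injection vectors listed above, the kind of input map a reviewer builds while working out what an application consumes. The sample request, the host `app.example` and the function name `inventory_inputs` are constructed for illustration; files, other websites and emails are outside what a single request shows and are not covered.

```python
from urllib.parse import urlsplit, parse_qsl
from http.cookies import SimpleCookie

# Constructed sample request (not from the slides); host and values are made up.
SAMPLE_REQUEST = (
    "POST /wiki/edit/Main_Page?lang=en&rev=42 HTTP/1.1\r\n"
    "Host: app.example\r\n"
    "Referer: http://app.example/wiki/Main_Page\r\n"
    "Cookie: session=abc123; theme=dark\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "title=Main+Page&body=hello"
)

def inventory_inputs(raw_request):
    """Return (vector, name, value) for each client-controlled input in one request."""
    head, _, body = raw_request.partition("\r\n\r\n")
    lines = head.split("\r\n")
    _method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()

    url = urlsplit(target)
    found = []
    # URL path: each segment may be used as an identifier by the application.
    for i, seg in enumerate(s for s in url.path.split("/") if s):
        found.append(("url_path", f"segment[{i}]", seg))
    for k, v in parse_qsl(url.query, keep_blank_values=True):
        found.append(("query_param", k, v))
    # POST parameters: only the urlencoded form encoding is handled here.
    ctype = headers.get("content-type", "")
    if ctype.startswith("application/x-www-form-urlencoded"):
        for k, v in parse_qsl(body, keep_blank_values=True):
            found.append(("post_param", k, v))
    cookie = SimpleCookie()
    cookie.load(headers.get("cookie", ""))
    for k, morsel in cookie.items():
        found.append(("cookie", k, morsel.value))
    if "referer" in headers:
        found.append(("referer_header", "Referer", headers["referer"]))
    return found

if __name__ == "__main__":
    for vector, name, value in inventory_inputs(SAMPLE_REQUEST):
        print(f"{vector:15} {name:12} {value}")
```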

7 Understand Data Flow
How does the input data flow through the program?
–Data on page X is displayed on page Y and used to calculate the result of page Z
How does the output of a page flow through the program?
–Result of a calculation used as part of a tweet

8 Summary
First step to hacking is reconnaissance
Critical to understand the web application
–Helps to decide what is a vulnerability and what is not!
Want to reverse engineer the web application
–Ask yourself how would I have written this web application?
–What mistakes might the developer have made?

