Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Slides:



Advertisements
Similar presentations
Preventing Web Application Injections with Complementary Character Coding Raymond Mui Phyllis Frankl Polytechnic Institute of NYU Presented at ESORICS.
Advertisements

What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.
HI-TEC 2011 SQL Injection. Client’s Browser HTTP or HTTPS Web Server Apache or IIS HTML Forms CGI Scripts Database SQL Server or Oracle or MySQL ODBC.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike.
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
WebGoat & WebScarab “What is computer security for $1000 Alex?”
Cross Site Scripting a.k.a. XSS Szymon Siewior. Disclaimer Everything that will be shown, was created for strictly educational purposes. You may reuse.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.
Introduction to the OWASP Top 10. Cross Site Scripting (XSS)  Comes in several flavors:  Stored  Reflective  DOM-Based.
March Intensive: XSS Exploits
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Web Application Security ECE ECE Internetwork Security What is a Web Application? An application generally comprised of a collection of scripts.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Security Attacks CS 795. Buffer Overflow Problem Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Web Applications Testing By Jamie Rougvie Supported by.
Building Secure Web Applications With ASP.Net MVC.
Cross Site Scripting and its Issues By Odion Oisamoje.
Cloud = Web, Web = Hacked! Fabio Viggiani. Why Web Apps? Every organization exposes web apps Most common entry point Image source:
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Web Application Vulnerabilities ECE 4112 Internetwork Security, Spring 2005 Chris Kelly Chris Lewis April 28, 2005 ECE 4112 Internetwork Security, Spring.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Presented By: Chandra Kollipara. Cross-Site Scripting: Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected.
Web Security Lesson Summary ●Overview of Web and security vulnerabilities ●Cross Site Scripting ●Cross Site Request Forgery ●SQL Injection.
Security Attacks CS 795. Buffer Overflow Problem Buffer overflow Analysis of Buffer Overflow Attacks.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike.
What Is XSS ? ! Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to.
EECS 354: Network Security Group Members: Patrick Wong Eric Chan Shira Schneidman Web Attacks Project: Detecting XSS and SQL Injection Vulnerabilities.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Example – SQL Injection MySQL & PHP code: // The next instruction prompts the user is to supply an ID $personID = getIDstringFromUser(); $sqlQuery = "SELECT.
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
By Collin Donaldson. Hacking is only legal under the following circumstances: 1.You hack (penetration test) a device/network you own. 2.You gain explicit,
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Unvalidated Redirects & Forwards
Google’s Gruyere1 : An XSS Example Presented by: Terry Gregory
Group 18: Chris Hood Brett Poche
CSCE 548 Student Presentation Ryan Labrador
An Introduction to Web Application Security
Module: Software Engineering of Web Applications
Web Application Vulnerabilities, Detection Mechanisms, and Defenses
Security: Exploits & Countermeasures
Cross-Site Scripting Travis Deyarmin.
Static Detection of Cross-Site Scripting Vulnerabilities
Example – SQL Injection
A Security Review Process for Existing Software Applications
Security: Exploits & Countermeasures
Exploring DOM-Based Cross Site Attacks
Presentation transcript:

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP Foundation OWASP UTF7 XSS - Apache and Others Yaniv Miron aka “Lament” Israel 2008 September 14

OWASP 2 Disclaimers  This information is for learning purposes only.  Do NOT attack the site example.com.  The pictures in this presentation was freely available on the net as far as I know.

OWASP 3 General  New vulnerability.  Attack any Apache web server (May 2008).  Found in April 2008 by Yaniv Miron and Yossi Yakobov and published in May 2008.

OWASP 4 Cross Site Scripting aka “XSS”  What is XSS?  Computer security vulnerability typically found in web applications which allow code injection by malicious web users.  Examples  [URL] alert(31337)  [URL] alert(document.cookie)

OWASP 5 UTF7 Character Encoding  What is UTF7?  One of the many character encoding available.  Examples:  alert(31337)  +ADw-script+AD4-alert(31337)+ADw-/script+AD4-  alert(document.cookie)  +ADw-script+AD4-alert(document.cookie)+ADw- /script+AD4-

OWASP 6 Apache Web Server  What is Apache?  Well come on...

OWASP 7 The Vulnerability  A bit complicated.  Not fully automatic.  Infrastructure & Application attack.  All of the Apache versions are vulnerable (May 2008).

OWASP 8 Vulnerability Parts  Built from:  Web site that uses Apache web server.  HTML Injection.  UTF 7 XSS string.

OWASP 9 The String  Who knows what is behind this string? What kind of encoding/encryption it contains?  Znl5g3k70ZaBUPYmN5RAGUdkskoprzGI63K4mIj 2sqzbX0Kc3Fu7vfthepWhmKvjudPuJTNeK9zw5M aZ1yXJi8RJRRuPe5UahFwOblMXsIPTGh3pVjTLdi m3vuTKgdazOG9idQbIjbnpMEco8Zlo5xNRuCoviP x7x7tYYeOgc8HU46gaecJwnHY7f6GlQB8H6kBFhj oIaHE1SQPhU5VReCz1olPh5jZ

OWASP 10 Example  5RAGUdkskoprzGI63K4mIj2sqzbX0Kc3F u7vfthepWhmKvjudPuJTNeK9zw5MaZ1yXJi8RJR RuPe5UahFwOblMXsIPTGh3pVjTLdim3vu TKgdazOG9idQbIjbnpMEco8Zlo5xNRuCoviPx7x7t YYeOgc8HU46gaecJwnHY7f6GlQB8H6k BFhjoIaHE1SQPhU5VReCz1olPh5jZ+ADw- script+AD4-alert(‘UTF7 XSS Attack')+ADw- /script+AD4-

OWASP 11 Example - 2 nd part

OWASP 12 Future Development  Fully automatic attack

OWASP 13 Responses  Security Focus  Apache  Microsoft  HP

OWASP 14 How to Fix  Check:  Encoding.  Inputs.  Use non default 403/404 and other error pages.

OWASP 15 References  Security Focus  BID:  Exploit Example: ploits/29112.html ploits/29112.html  HP   Just Google my name “Yaniv Miron” =]

OWASP 16 [-] E0F [-]  Thank you for listening!  Yaniv Miron aka “Lament” - Comsec Consulting   Yossi Yakobov - Comsec Consulting 

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.