The Hacker Mindset
CSE 591 – Security and Vulnerability Analysis, Spring 2015
Adam Doupé
Arizona State University

Adam Doupé, Security and Vulnerability Analysis

What is a Vulnerability?

Make the application do something that it is not supposed to do
Therefore, in order to find vulnerabilities, you must first understand the application
– What is the intended functionality?
– What is the intended behavior?
– What does the application use as input?
– What does the application produce as output?

Example

Find: unauthenticated users can edit page content
Is this a vulnerability?
– On cnn.com, yes!
– On wikipedia.org, no!
This is why understanding the web application is critical

How to Rob a Bank*

Step 1: Reconnaissance
– Who works at the bank?
– What is their role?
– Who has the keys?
– When do the guards change or take a break?
– What does the layout of the bank look like?
– What does the vault look like?
– What kind of lock does the bank use?
– …
Step 2: Build elaborate plan
Step 3: Everything goes wrong
Step 4: Profit?

*Knowledge comes from movies

How to Rob a Web Application

Step 1: Reconnaissance
– How does the application work?
– Are there user accounts?
– Do the user accounts have different privileges?
– How are privileges enforced?
– What does the layout of the web application look like (URLs)?
– What URLs should only be accessible via a certain privilege?
– What is the input to the web application?
– What is the output of the web application?
– How is the web application probably written?
Step 2: Develop vulnerability hypothesis
Step 3: Test vulnerability hypothesis
Step 4: Develop exploit
Step 5: Profit

Injection Vectors

All user input to the web application
Some examples
– Query parameters
– URL path
– POST parameters
– Cookies
– Referer header
– Files
– Other websites (twitter feed)
– s
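
An added example, not from the slides: a Python sketch that inventories the request-borne injection vectors listed above (query parameters, URL path, POST parameters, cookies, Referer header) for one HTTP request, then reports which inputs no validation rule covers yet. The sample request, the host example.test, and the function names inventory_inputs and unvalidated are assumptions made for illustration.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit, parse_qsl

# Constructed sample request (not from the slides); example.test is a placeholder host.
SAMPLE_REQUEST = (
    "POST /account/42/edit?tab=profile&lang=en HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "Referer: https://example.test/account/42\r\n"
    "Cookie: session=abc123; theme=dark\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "display_name=Alice&bio=hello+world"
)

def inventory_inputs(raw_request):
    """Return {vector: [(name, value), ...]} for every user-controlled input found."""
    head, _, body = raw_request.partition("\r\n\r\n")
    lines = head.split("\r\n")
    _method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    url = urlsplit(target)
    found = {
        "query parameters": parse_qsl(url.query, keep_blank_values=True),
        # Every path segment is client-chosen, including ones that look like IDs.
        "URL path": [(f"segment[{i}]", seg)
                     for i, seg in enumerate(url.path.strip("/").split("/")) if seg],
        "POST parameters": [],
        "cookies": [],
        "Referer header": [],
    }
    if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        found["POST parameters"] = parse_qsl(body, keep_blank_values=True)
    if "cookie" in headers:
        jar = SimpleCookie()
        jar.load(headers["cookie"])
        found["cookies"] = [(k, m.value) for k, m in jar.items()]
    if "referer" in headers:
        found["Referer header"] = [("referer", headers["referer"])]
    return found

def unvalidated(found, validated_names):
    """List inputs that no validation rule covers yet (the review backlog)."""
    return sorted(f"{vector}:{name}" for vector, pairs in found.items()
                  for name, _ in pairs if name not in validated_names)
```

Files and content pulled from other websites arrive by other paths and need their own inventory; this sketch covers only what a single form-encoded request carries.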

Understand Data Flow

How does the input data flow through the program?
– Data on page X is displayed on page Y and used to calculate the result of page Z
How does the output of a page flow through the program?
– Result of a calculation used as part of a tweet

Summary

First step to hacking is reconnaissance
Critical to understand the web application
– Helps to decide what is a vulnerability and what is not!
Want to reverse engineer the web application
– Ask yourself how would I have written this web application?
– What mistakes might the developer have made?