Information Networking Security and Assurance Lab, National Chung Cheng University
The Ten Most Critical Web Application Security Vulnerabilities
Ryan J.W. Chen

OWASP Top Ten Vulnerabilities: Outline
A1 Unvalidated Input
A2 Broken Access Control
A3 Broken Authentication and Session Management
A4 Cross Site Scripting (XSS) Flaws
A5 Buffer Overflows
A6 Injection Flaws
A7 Improper Error Handling
A8 Insecure Storage
A9 Denial of Service
A10 Insecure Configuration Management

Example Web Application (diagram): Browser on the Internet, Web Server in the DMZ, Application Server and Database Server on the protected/internal network.

Top Ten Vulnerabilities: this year and last year (comparison table)

A1 Unvalidated Input (1/3)
An attacker can tamper with any part of an HTTP request: the URL, the query string, headers, cookies, form fields and hidden fields.
Related attacks:
- A4 Cross Site Scripting
- A5 Buffer Overflows
- A6 Injection Flaws

A1 Unvalidated Input (2/3)
Example (SQL Injection): any malicious user can see the query string and modify it.
Query the application builds from the phoneid parameter:
  SELECT name, phone FROM phones WHERE phoneid=34;
After manipulation of the parameter:
  SELECT name, phone FROM phones WHERE phoneid=34; DELETE FROM phones
What will be done? The appended statement is executed as well, and the phones table is emptied.

A1 Unvalidated Input (3/3)
Countermeasures: every parameter should be validated before it is used, checking:
- Data type
- Allowed character set
- Minimum and maximum length
- Whether null is allowed
- Whether the parameter is required or not
- Whether duplicates are allowed
- Numeric range
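The phoneid example from A1 (2/3) and the validation checklist from A1 (3/3), worked through as an added example (not code from the slides). The phones table, its three rows and the valid phoneid range 1..999999 are constructed for the demo; Python's sqlite3 driver refuses stacked statements in execute(), so the vulnerable function runs each ';'-separated statement in turn to model a driver that does execute them.

```python
import re
import sqlite3

# Constructed sample data standing in for the slide's "phones" table.
SAMPLE_ROWS = [
    (34, "Alice", "555-0134"),
    (35, "Bob", "555-0135"),
    (36, "Carol", "555-0136"),
]


def make_db():
    """In-memory SQLite database holding the three constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE phones (phoneid INTEGER PRIMARY KEY, name TEXT, phone TEXT)"
    )
    conn.executemany("INSERT INTO phones VALUES (?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def row_count(conn):
    return conn.execute("SELECT COUNT(*) FROM phones").fetchone()[0]


def lookup_vulnerable(conn, phoneid_param):
    """The slide's flaw: the query-string value is pasted into the SQL text.

    sqlite3.execute() refuses stacked statements, so to model a driver that
    runs them (MySQL with multi-statements, SQL Server) each ';'-separated
    statement is executed in turn.  That is a demo assumption, not SQLite."""
    sql = "SELECT name, phone FROM phones WHERE phoneid=" + phoneid_param
    cur = conn.cursor()
    rows = []
    for stmt in sql.split(";"):
        if stmt.strip():
            cur.execute(stmt)
            if cur.description is not None:  # this statement was a SELECT
                rows = cur.fetchall()
    conn.commit()
    return rows


# Allowed character set and length from the A1 checklist: 1 to 6 ASCII digits.
PHONEID_RE = re.compile(r"[0-9]{1,6}")


def validate_phoneid(phoneid_param):
    """Applies the checklist: required, character set, length, data type and
    numeric range.  Returns an int, or None if any check fails."""
    if phoneid_param is None or PHONEID_RE.fullmatch(phoneid_param) is None:
        return None
    value = int(phoneid_param)
    if not 1 <= value <= 999999:  # assumed valid range for phoneid
        return None
    return value


def lookup_safe(conn, phoneid_param):
    """Validate first, then bind the value as a parameter: the driver sends it
    as data, so it can never be parsed as SQL."""
    phoneid = validate_phoneid(phoneid_param)
    if phoneid is None:
        return []
    return conn.execute(
        "SELECT name, phone FROM phones WHERE phoneid=?", (phoneid,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, "34"))                       # Alice only
    print(lookup_vulnerable(db, "0 OR 1=1"))                 # every row leaks
    print(lookup_vulnerable(db, "34; DELETE FROM phones"))   # Alice, then ...
    print("rows left after stacked DELETE:", row_count(db))  # ... 0 rows left
    db = make_db()
    print(lookup_safe(db, "34; DELETE FROM phones"))         # [] rejected
    print("rows left:", row_count(db))                       # still 3
```

The two defences are independent: the regex and range check reject anything that is not a small integer, and the bound parameter means that even an input that slipped past validation would be compared as a value, never executed as SQL.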

A2 Broken Access Control
Access control = authorization.
Typical problems:
- Path traversal
- File permissions that may allow access to config/password files
- Client-side caching
- Insecure session IDs or keys
- Forced browsing past access control checks
Countermeasures:
- Use an access control matrix to define the access control rules.
- Protect administrative functions, for example by making them reachable only over a VPN.
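The two countermeasures combined, as an added example (not code from the slides): an access control matrix consulted on every request, deny by default, with the admin area additionally restricted to an assumed VPN address range. The roles, paths and the 10.8.0.0/24 VPN network are constructed for the demo.

```python
import ipaddress

# Access control matrix: (role, resource) -> permitted actions.  Anything not
# listed is denied.  Roles and paths are constructed for the demo.
ACL = {
    ("user", "/account"): {"read"},
    ("user", "/phones"): {"read"},
    ("admin", "/account"): {"read", "write"},
    ("admin", "/phones"): {"read", "write"},
    ("admin", "/admin/users"): {"read", "write"},
}

ADMIN_PREFIX = "/admin/"
VPN_NET = ipaddress.ip_network("10.8.0.0/24")  # assumed address range of the VPN


def is_allowed(role, resource, action):
    """Deny by default: only an explicit matrix entry grants an action."""
    return action in ACL.get((role, resource), set())


def handle_request(session, client_ip, resource, action):
    """Returns an HTTP status for one request.  The check runs on every
    request, so typing the URL of an admin page (forced browsing) or replaying
    a page from the browser cache does not get past it."""
    if not session or "role" not in session:
        return 401  # not authenticated
    if resource.startswith(ADMIN_PREFIX) and ipaddress.ip_address(client_ip) not in VPN_NET:
        return 403  # admin functions are reachable only from the VPN
    if not is_allowed(session["role"], resource, action):
        return 403
    return 200


if __name__ == "__main__":
    print(handle_request({"role": "user"}, "203.0.113.5", "/admin/users", "read"))  # 403
    print(handle_request({"role": "admin"}, "10.8.0.7", "/admin/users", "write"))   # 200
```

Note that the VPN check is an extra layer, not a replacement for the matrix: an admin outside the VPN and a user inside it are both refused the admin page.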

A3 Broken Authentication and Session Management
Weak authentication:
- Password-only authentication
- Easily guessable usernames
- Unencrypted secrets that can be sniffed
- Trust relationships between hosts
Countermeasures:
- Strong passwords
- Account list protection
- Session ID protection (SSL)
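An added example (not code from the slides) of the session-management side of these countermeasures: unguessable session IDs kept in a server-side table, an idle timeout, ID rotation after login, the cookie attributes that keep the ID off plaintext HTTP and away from scripts, and a simple strong-password check. The 15-minute timeout, 12-character minimum and the tiny deny-list are assumed policy values.

```python
import secrets
import time

SESSION_TTL = 15 * 60   # idle seconds before a session dies (assumed policy)
MIN_PASSWORD_LEN = 12   # assumed policy
# Constructed deny-list standing in for a real breached-password list.
COMMON_PASSWORDS = {"password", "password123", "123456789012", "qwertyuiop12"}


def password_is_strong(password):
    """Minimum length plus a deny-list of known-bad passwords."""
    return len(password) >= MIN_PASSWORD_LEN and password.lower() not in COMMON_PASSWORDS


class SessionStore:
    """Server-side session table.  Only the random ID travels to the browser;
    user identity and state never leave the server."""

    def __init__(self, clock=time.monotonic):
        self._sessions = {}
        self._clock = clock  # injectable so expiry can be tested

    def create(self, username):
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, not a counter
        self._sessions[sid] = {"user": username, "last_seen": self._clock()}
        return sid

    def lookup(self, sid):
        """Returns the username for a live session, or None."""
        rec = self._sessions.get(sid)
        if rec is None:
            return None
        if self._clock() - rec["last_seen"] > SESSION_TTL:
            del self._sessions[sid]  # idle timeout
            return None
        rec["last_seen"] = self._clock()
        return rec["user"]

    def rotate(self, old_sid):
        """Fresh ID after login or a privilege change, so an ID the attacker
        planted or sniffed before authentication stops working."""
        user = self.lookup(old_sid)
        if user is None:
            return None
        del self._sessions[old_sid]
        return self.create(user)

    def logout(self, sid):
        self._sessions.pop(sid, None)


def set_cookie_header(sid):
    """Secure keeps the ID off plaintext HTTP (the slide's SSL point); HttpOnly
    keeps it away from page scripts; SameSite limits cross-site sending."""
    return "Set-Cookie: SESSIONID=%s; Secure; HttpOnly; SameSite=Lax; Path=/" % sid
```

The injectable clock is only there so that expiry can be exercised in a test; in production the default monotonic clock is what you want.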

A4 Cross Site Scripting (XSS) Flaws
The attacker uses a trusted application/company to send malicious code to the end user.
Example: a link injected into a page that copies the victim's cookie into a form field and submits the form:
  <a href="javascript:idForm.cookie.value=document.cookie; idForm.submit();">here</a>
Result: "cookie robbed!!"
Source: Bo
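An added example (not code from the slides) showing the slide's payload rendered by a vulnerable template and by one that escapes for the HTML body context, plus the case escaping alone does not cover: a user-supplied URL placed in href, where the javascript: scheme survives html.escape and must be rejected by scheme. The payload string is the slide's link reconstructed; the page fragments are constructed for the demo.

```python
import html
from urllib.parse import urlsplit

# The slide's payload: a javascript: link that copies the victim's cookie
# into a form field and submits the form.
PAYLOAD = (
    '<a href="javascript:idForm.cookie.value=document.cookie; '
    'idForm.submit();">here</a>'
)


def render_vulnerable(comment):
    """User text dropped straight into the page: the browser parses it as markup."""
    return "<p>" + comment + "</p>"


def render_safe(comment):
    """Escape for the HTML body context: '<', '>', '&' and quotes become
    entities, so the text is displayed rather than interpreted."""
    return "<p>" + html.escape(comment, quote=True) + "</p>"


def safe_link(user_url, text):
    """When user data becomes a URL, escaping is not enough: 'javascript:'
    passes html.escape untouched.  Only http(s) is allowed into href; any
    other scheme degrades the link to plain escaped text."""
    scheme = urlsplit(user_url.strip()).scheme.lower()
    if scheme not in ("http", "https"):
        return html.escape(text, quote=True)
    return '<a href="%s">%s</a>' % (
        html.escape(user_url, quote=True),
        html.escape(text, quote=True),
    )


if __name__ == "__main__":
    print(render_vulnerable(PAYLOAD))  # live <a href="javascript:..."> in the page
    print(render_safe(PAYLOAD))        # &lt;a href=&quot;javascript:... (inert text)
    print(safe_link("javascript:alert(1)", "here"))  # here
```

The rule behind safe_link is the general one: choose the encoding by the context the data lands in (element body, attribute, URL, script), because one escaping routine does not cover all four.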

A5 Buffer Overflows
Mostly affects web/app servers.
Goal: crash the target application and get a shell.
Example: send an oversized input, then replace the padding with shellcode.
  echo "vrfy `perl -e 'print "a" x 1000'`" | nc ...
Replace the run of "a" with something like this:
  char shellcode[] = "\xeb\x1f\x5e\x89\x76\x08...";
Countermeasures:
- Keep up with bug reports
- Periodically scan your website
- Code reviews

A6 Injection Flaws
Allow an attacker to relay malicious code through a web application to another system.
Examples:
- Path traversal: "../"
- Adding more commands: "; rm -r *"
- SQL injection: "' OR 1=1"
Countermeasures:
- Avoid system calls (use libraries instead).
- Validate input.
- Run with limited privileges.
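The "add more commands" and "../" cases, as an added example (not code from the slides). The vulnerable function pastes user text into a shell line (the injected second command is a harmless echo rather than rm -r *); the safe version passes an argument list without a shell, which is the "use libraries instead of system calls" countermeasure. The traversal check canonicalises the requested path and refuses anything that leaves an assumed document root, /var/www/files.

```python
import subprocess
from pathlib import Path

BASE_DIR = Path("/var/www/files").resolve()  # assumed document root


def run_vulnerable(user):
    """The slide's flaw: user text is pasted into a shell command line, so
    text after ';' runs as a second command (here an echo instead of rm)."""
    return subprocess.run(
        "echo " + user, shell=True, capture_output=True, text=True
    ).stdout


def run_safe(user):
    """Argument list and no shell: the user value is one argv element and
    shell metacharacters inside it mean nothing."""
    return subprocess.run(
        ["echo", user], capture_output=True, text=True
    ).stdout


def resolve_user_path(relative):
    """Canonicalise the requested path and insist that it stays under
    BASE_DIR.  Returns the resolved Path, or None for traversal attempts
    and absolute paths."""
    candidate = (BASE_DIR / relative).resolve()
    if candidate != BASE_DIR and BASE_DIR not in candidate.parents:
        return None
    return candidate


if __name__ == "__main__":
    print(repr(run_vulnerable("alice; echo INJECTED")))  # 'alice\nINJECTED\n'
    print(repr(run_safe("alice; echo INJECTED")))        # 'alice; echo INJECTED\n'
    print(resolve_user_path("../../../etc/passwd"))      # None
    print(resolve_user_path("reports/q1.txt"))           # /var/www/files/reports/q1.txt
```

Resolving before comparing matters: a plain substring check for "../" misses "reports/../../etc/passwd" variants and encoded forms, whereas comparing the canonical result against the root catches them all. The demo is written for a POSIX shell; the injected echo is where a real attacker's command would run.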

A7 Improper Error Handling
Detailed error messages help the attacker learn how to target the application.
Example: answering "File not found" for one request and "Access denied" for another tells the attacker which files exist.
Countermeasures:
- Code review
- Modify the default error pages (404, 401, etc.)
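An added example (not code from the slides) of the "File not found" vs. "Access denied" point: the handler gives the client one identical response for a missing document and for a forbidden one, and sends the distinguishing detail and any stack trace to the server log under a reference id. The document store, its two owners and the response texts are constructed for the demo.

```python
import logging
import secrets

log = logging.getLogger("webapp")  # detail is written here, never to the client


class NotFound(Exception):
    pass


class AccessDenied(Exception):
    pass


# Constructed document store: id -> (owner, body)
DOCS = {"1001": ("alice", "Q1 report"), "1002": ("bob", "payroll")}


def load_document(doc_id, user):
    if doc_id not in DOCS:
        raise NotFound(doc_id)
    owner, body = DOCS[doc_id]
    if owner != user:
        raise AccessDenied("%s is not %s" % (user, owner))
    return body


def handle_get(doc_id, user):
    """Returns (status, client_message, ref).  A missing document and a
    forbidden one get the same status and text, so the client cannot tell
    whether the document exists; the distinction is logged under a reference
    id that support staff can look up."""
    ref = secrets.token_hex(4)
    try:
        return 200, load_document(doc_id, user), ref
    except (NotFound, AccessDenied) as exc:
        log.warning("ref=%s user=%s doc=%r %s", ref, user, doc_id, type(exc).__name__)
        return 404, "The requested document is not available (ref %s)" % ref, ref
    except Exception:
        # Stack trace to the log; the client gets a fixed sentence and the ref.
        log.exception("ref=%s unexpected failure for doc=%r", ref, doc_id)
        return 500, "An internal error occurred (ref %s)" % ref, ref


if __name__ == "__main__":
    print(handle_get("9999", "alice"))  # 404, generic text
    print(handle_get("1002", "alice"))  # 404, the same generic text
    print(handle_get("1001", "alice"))  # 200, 'Q1 report'
```

The same idea applies to the default server error pages the slide mentions: replace them with a page that carries a reference id and nothing about versions, paths or stack frames.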

A8 Insecure Storage
Insecure storage of sensitive information:
- Failure to encrypt critical data
- Insecure storage of keys, certificates, and passwords
- Improper storage of secrets in memory
- Poor randomness
- Poor choice of algorithm
Countermeasures:
- Store passwords as a one-way hash instead of storing encrypted data. The original recommendation of SHA-1 is outdated: use a salted, deliberately slow password hash such as PBKDF2, bcrypt, scrypt or Argon2.
- Make sure there are no open vulnerabilities in the cryptography used.
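An added example (not code from the slides) contrasting the unsalted one-way hash of the slide era with a salted, iterated PBKDF2 record, using only the Python standard library. It touches three of the listed problems: poor choice of algorithm, poor randomness (the salt comes from the OS CSPRNG rather than random.random) and password storage. The 600,000-iteration work factor is an assumed value to tune per machine.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor; tune so one hash takes ~100 ms


def legacy_sha1(password):
    """The slide-era pattern: an unsalted SHA-1.  Equal passwords give equal
    hashes, so one precomputed table cracks every user at once."""
    return hashlib.sha1(password.encode()).hexdigest()


def hash_password(password, iterations=ITERATIONS):
    """Salted, deliberately slow PBKDF2-HMAC-SHA256.  The per-user salt comes
    from the OS CSPRNG (secrets), never from random.random()."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    # Self-describing record, so the work factor can be raised later without
    # breaking existing entries.
    return "pbkdf2_sha256$%d$%s$%s" % (iterations, salt.hex(), digest.hex())


def verify_password(password, stored):
    """Recomputes the digest from the stored parameters and compares in
    constant time.  Malformed records verify as False rather than raising."""
    try:
        algo, iterations, salt_hex, digest_hex = stored.split("$")
        if algo != "pbkdf2_sha256":
            return False
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
        iterations = int(iterations)
    except ValueError:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(digest, expected)


if __name__ == "__main__":
    print(legacy_sha1("pw") == legacy_sha1("pw"))        # True: same hash for everyone
    a, b = hash_password("pw"), hash_password("pw")
    print(a != b, verify_password("pw", a), verify_password("pw", b))  # True True True
```

Where a library such as argon2-cffi or bcrypt is available it is the better choice; PBKDF2 is shown here because it ships with the interpreter and illustrates the same salt-plus-work-factor structure.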

A9 Denial of Service
Legitimate users cannot be served.
Attacks:
- Exhaust the system resources
- Lock out legitimate accounts
Countermeasures:
- Limit the resources allocated to any one user to a bare minimum.
- Avoid any unnecessary access to databases or other expensive resources.
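An added example (not code from the slides) of per-client resource limiting, and of handling the account-lockout attack the slide lists: failed logins are throttled per source address rather than by locking the account, so an attacker hammering a username cannot lock its owner out. The limits (5 failures per 300 seconds) and the single credential are constructed for the demo.

```python
import time
from collections import defaultdict, deque


class RateLimiter:
    """Sliding-window limiter: at most `limit` events per key in any
    `window` seconds.  The clock is injectable so time can be simulated."""

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock
        self._events = defaultdict(deque)

    def _prune(self, key):
        now = self.clock()
        q = self._events[key]
        while q and now - q[0] >= self.window:
            q.popleft()  # forget events that fell outside the window
        return q

    def allow(self, key):
        """Record one event and report whether it was within the limit."""
        q = self._prune(key)
        if len(q) >= self.limit:
            return False
        q.append(self.clock())
        return True

    def is_limited(self, key):
        return len(self._prune(key)) >= self.limit

    def record(self, key):
        self._prune(key).append(self.clock())


# Constructed credential store (plain text only to keep the demo short).
USERS = {"alice": "correct horse battery staple"}


class LoginGuard:
    """Throttles failed logins per source address instead of locking the
    account: the attacker's address is slowed down, alice's is not."""

    def __init__(self, clock=time.monotonic):
        self.failures = RateLimiter(limit=5, window=300, clock=clock)  # assumed policy

    def attempt(self, client_ip, username, password):
        if self.failures.is_limited(client_ip):
            return 429  # too many failures from this address; account untouched
        if USERS.get(username) == password:
            return 200
        self.failures.record(client_ip)
        return 401


if __name__ == "__main__":
    guard = LoginGuard()
    for _ in range(5):
        guard.attempt("198.51.100.9", "alice", "wrong")
    print(guard.attempt("198.51.100.9", "alice", "correct horse battery staple"))  # 429
    print(guard.attempt("203.0.113.4", "alice", "correct horse battery staple"))   # 200
```

The same RateLimiter can sit in front of any expensive operation the slide warns about (a search query, a report export) keyed by user or address, which is the "limit the resources allocated to any one user" countermeasure in practice.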

A10 Insecure Configuration Management
Developers ≠ web masters.
Configuration problems:
- Unpatched security flaws in the server software
- Improper file and directory permissions
- Default accounts with their default passwords
Countermeasures:
- Configure all security mechanisms.
- Turn off all unused services.
- Set up and audit roles, permissions, and accounts.
- Enable logging and alerts.