Exploitation: Buffer Overflow, SQL injection, Adobe files Source:


Buffer Overflows

- Integer Overflow Vulnerabilities
  - caused by insufficient input validation; not a buffer overflow
  - errors in integer operations may cause the integer to overflow
  - the integer may represent the size of a packet or the length of a string
  - exploits take advantage of integer overflow indirectly
  - a few actual examples.
- Stack-based Buffer Overflows
  - Buffer overflows are the result of a buffer receiving data that are larger than the allocated space.
  - Stack-based overflows are the most common because they are the easiest to exploit (see the examples in the link).
  - Modern compilers (e.g. MS Visual C++) use a technique known as stack cookies to prevent use of invalid return addresses, but this is not enough.
  - Data Execution Prevention (DEP) of modern processors can be used to make the stack area non-executable.

SQL Injection

- Concept: "attacks that result from failing to validate input including portions of SQL statements in a web form entry field in an attempt to pass a newly formed rogue SQL command to the database."
- Description and examples
  - PHP manual on SQL injection with examples; see also OWASP.
  - Imperva video demonstration of SQL injection
  - SQL Injection Cheat Sheet: code for MySQL, MS SQL, Oracle
- Scanning and mitigation
  - Business scanners and free scan tool
  - Mitigation: sanitization, PHP mysql escape function and validation.
  - References: more in validation, MS library, ASSIST, parse tree validation.
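The validation mitigation listed on this slide, shown beside the unvalidated form, as an added example that is not part of the original slides. It uses Python's sqlite3 with a constructed `people` table; the function names are hypothetical, and the bound parameter is an addition to the slide's list of mitigations.

```python
import re
import sqlite3


def make_db():
    """Constructed sample data in an in-memory SQLite database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE people (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO people VALUES (?, ?)",
                     [(1, "alice"), (2, "bob"), (3, "carol")])
    return conn


def lookup_unvalidated(conn, person_id):
    # Weak form: the form field is pasted into the statement text, so any
    # SQL fragment it carries becomes part of the command the database runs.
    query = "SELECT name FROM people WHERE id = " + person_id
    return [row[0] for row in conn.execute(query)]


# Allow-list: an ID is 1 to 9 decimal digits and nothing else.
ID_PATTERN = re.compile(r"[0-9]{1,9}")


def lookup_validated(conn, person_id):
    # Validation: reject anything that does not look like an ID.
    if not ID_PATTERN.fullmatch(person_id):
        raise ValueError("person_id must be 1-9 decimal digits")
    # Bound parameter: the value is sent separately from the SQL text,
    # so it can never be parsed as part of the statement.
    rows = conn.execute("SELECT name FROM people WHERE id = ?",
                        (int(person_id),))
    return [row[0] for row in rows]
```

With the form-field value `2 OR 1=1`, the unvalidated lookup returns every row, while the validated one raises `ValueError` before the database is touched.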

Adobe files (pdf)

- Why are pdf files a security issue?
  - Most if not all machines have a pdf reader (some are vulnerable)
  - Attackers use pdf files to deliver malicious code because users download them, and so do browsers, automatically.
  - Malicious pdf files contain JavaScript, but some execute code even without JavaScript.
- The pdf file structure: objects with text, streams, etc.
  - Graphical representations: overview, Stevens, Parker, details.
  - To run a JavaScript use <</Type/Action …. JS <</Open/Action << JS … Example of non-malicious use of JavaScript in pdf files.
  - Stevens tools to parse and create JavaScript in a pdf file.
- Mitigating and/or reducing the risks of malicious pdf files
  - Disable JavaScript in the pdf reader; make the browser open pdf files in the pdf reader.
  - Use Stevens tool to check for JavaScript in files you mistrust.
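A simplified check for JavaScript in a file you mistrust, as an added example; it is not Stevens' tool and not code from the slides. It counts the PDF names `/JS`, `/JavaScript`, `/OpenAction` and `/AA` in the raw bytes, decoding `#xx` hex escapes inside names first; the function names and both sample fragments are constructed for illustration.

```python
import re

# PDF names that mark embedded JavaScript or automatically run actions.
WATCHED = ("/JS", "/JavaScript", "/OpenAction", "/AA")

# A name token: '/' followed by any bytes that are not PDF whitespace
# or delimiter characters.
NAME_RE = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]*")


def decode_name(raw: bytes) -> str:
    """Undo #xx hex escapes, so /J#61vaScript reads as /JavaScript."""
    plain = re.sub(rb"#([0-9A-Fa-f]{2})",
                   lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")


def count_watched_names(data: bytes) -> dict:
    """Count each watched name in the raw (uncompressed) file bytes."""
    counts = {name: 0 for name in WATCHED}
    for match in NAME_RE.finditer(data):
        name = decode_name(match.group(0))
        if name in counts:
            counts[name] += 1
    return counts


def has_active_content(data: bytes) -> bool:
    return any(count_watched_names(data).values())


# Constructed fragments (not complete PDF files): one plain catalog, one
# with an open action that runs a harmless alert via a hex-escaped name.
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<</Type/Catalog/Pages 2 0 R>>\nendobj\n"
SAMPLE_SCRIPTED = (
    b"%PDF-1.4\n1 0 obj\n<</Type/Catalog/Pages 2 0 R/OpenAction 3 0 R>>\n"
    b"endobj\n3 0 obj\n<</Type/Action/S/J#61vaScript"
    b"/JS (app.alert('hello');)>>\nendobj\n"
)
```

This looks only at bytes stored uncompressed, so names inside compressed object streams are not seen; a zero count is not proof that a file is clean.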