Ram Santhanam Application Level Attacks - Session Hijacking & Defences
Project Presentation

What is a session?
Definition from FOLDOC: a lasting connection between a user (or user agent, i.e. the browser) and a server, usually involving the exchange of many requests.
- Typically maintained by the server
- Includes a data store or table holding user state and other user-specific information
- Includes an index into that table (the session key or session id)
- Created on the first request or after an authentication process
- The session id is exchanged between browser and server on every request
Different ways to exchange session ids:
- URL rewriting
- Hidden form fields
- Cookies (most common)
Hijacking: stealing this session id and using it to impersonate the user and access their data. Obtaining the id is usually a passive attack, difficult to detect.

Typical Session
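Added example (not code from the presentation): a Python model, without a network, of the exchange in this diagram and of the hijack that follows from it. The server, its credential table, the cookie name JSESSIONID and the captured request are all constructed for the example; the Secure and HttpOnly cookie attributes are the editor's additions, not something the slide mentions.

```python
"""Cookie-based session exchange and session hijacking, modelled without a network.
Added example; the server, credentials and captured request are constructed here."""
import secrets
from http.cookies import SimpleCookie

SESSION_COOKIE = "JSESSIONID"   # assumed cookie name (Tomcat's default)


class Server:
    """Holds the session table: session id -> user state (the 'data store' of the slide)."""

    def __init__(self):
        self.users = {"alice": "correct horse"}   # constructed credential store
        self.sessions = {}

    def login(self, username, password):
        """On success, create a session and return the Set-Cookie header line to send."""
        if self.users.get(username) != password:
            raise PermissionError("bad credentials")
        sid = secrets.token_hex(16)               # 128 bits from the OS CSPRNG
        self.sessions[sid] = {"user": username, "requests": 0}
        c = SimpleCookie()
        c[SESSION_COOKIE] = sid
        c[SESSION_COOKIE]["path"] = "/"
        c[SESSION_COOKIE]["secure"] = True        # browser sends it over HTTPS only
        c[SESSION_COOKIE]["httponly"] = True      # hidden from document.cookie (XSS)
        return c.output(header="Set-Cookie:")

    def handle(self, headers):
        """Serve a request. The id in the Cookie header is the only proof of identity."""
        c = SimpleCookie()
        c.load(headers.get("Cookie", ""))
        morsel = c.get(SESSION_COOKIE)
        state = self.sessions.get(morsel.value) if morsel else None
        if state is None:
            return 401, "login required"
        state["requests"] += 1
        return 200, "hello " + state["user"]


def cookie_header_from(set_cookie_line):
    """What the browser sends back: the name=value pairs of a Set-Cookie line, attributes dropped."""
    c = SimpleCookie()
    c.load(set_cookie_line.split(":", 1)[1].strip())
    return "; ".join(name + "=" + m.value for name, m in c.items())


def sniff_cookie(raw_request):
    """A sniffer on the client's or server's subnet reads the Cookie header off a plaintext request."""
    for line in raw_request.split("\r\n")[1:]:
        if line == "":
            break                                 # end of headers
        name, _, value = line.partition(":")
        if name.strip().lower() == "cookie":
            return value.strip()
    return None


def demo():
    server = Server()
    browser_cookie = cookie_header_from(server.login("alice", "correct horse"))
    victim = server.handle({"Cookie": browser_cookie})     # (200, 'hello alice')

    # Constructed capture of the victim's next request as it crosses the wire without SSL.
    captured = ("GET /account HTTP/1.1\r\nHost: bank.example\r\n"
                "Cookie: " + browser_cookie + "\r\nUser-Agent: Firefox\r\n\r\n")
    attacker = server.handle({"Cookie": sniff_cookie(captured)})
    # The attacker never authenticated, yet the server cannot tell the two apart.
    return victim, attacker
```

The point of the model is the last line of demo(): nothing in the request except the id ties it to alice, so whoever holds the id is alice. The Secure attribute is the cookie-side half of the "use SSL for all communications" defence; without it a browser will still send the cookie over plain HTTP to the same host.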

Attack Methods
- Guessing the session id: short length, predictable generation
- Session fixation: a predictable id, or a session created before authentication and kept after it
- Security vulnerabilities in hops: trusting private networks, vulnerabilities in web servers, etc.
- Session sniffing (typical on non-SSL sessions): attacker on the same subnet as the client or the server
- Man in the middle attack (SSL): ARP poisoning, DNS spoofing
- Cross site scripting (XSS): the user trusting the source, an application vulnerability

Session Sniffing

Man in the Middle Attack

Cross Site Scripting (XSS) The attacker inserts a rogue script into a trusted site; it then runs in every visitor's browser with that site's privileges, including access to the session cookie. Common in social / community sites.

Defence Methods
- Educating the users: paying attention to https vs. non-https, properly signing out, not clicking on links but copying and pasting them (a link can carry an attacker-chosen session id)
- Using high entropy in session id generation (see the Tomcat example): the higher the entropy, the harder the id is to predict
- Timing out sessions: reduces the window of vulnerability
- Using SSL for all communications: difficult to sniff
- Forcing re-authentication or step-up authentication: limits the damage if a session is hijacked
- Re-generating session ids (at login, before granting privileges): defeats session fixation
- Using context data for validating session ids: makes a hijacked id difficult to use from another client
- Input validation: prevents XSS and other vulnerabilities
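Added example (not the presentation's code) covering the session fixation attack from the attack-methods slide and three defences from this slide: re-generating the id at login, timing sessions out, and validating the id against context data. The SessionManager, the client contexts (address plus user agent) and the timings are assumptions made for the example.

```python
"""Session fixation against a naive session manager, and three defences from the slide:
regenerate the id at login, idle timeout, context validation. Added example; the manager,
the client contexts and the timings are assumptions, not the presentation's code."""
import secrets
import time


class SessionManager:
    def __init__(self, rotate_on_login=False, idle_timeout=None, bind_context=False,
                 clock=time.time):
        self.rotate_on_login = rotate_on_login   # defence: re-generate session ids
        self.idle_timeout = idle_timeout         # defence: timing out sessions (seconds)
        self.bind_context = bind_context         # defence: context data validates the id
        self.clock = clock                       # injectable for the timeout demo
        self.sessions = {}                       # sid -> {"user", "last", "ctx"}

    def anonymous(self, ctx):
        """Session created on first request, before any authentication."""
        sid = secrets.token_hex(16)
        self.sessions[sid] = {"user": None, "last": self.clock(), "ctx": ctx}
        return sid

    def resolve(self, sid, ctx):
        """Return the live session for sid, or None if unknown, expired or from the wrong context."""
        s = self.sessions.get(sid)
        if s is None:
            return None
        if self.idle_timeout is not None and self.clock() - s["last"] > self.idle_timeout:
            del self.sessions[sid]               # expiry shrinks the window a stolen id is useful
            return None
        if self.bind_context and s["ctx"] != ctx:
            return None                          # same id, different client: refuse it
        s["last"] = self.clock()
        return s

    def login(self, sid, ctx, user):
        """Authenticate; returns the id the client must use from now on."""
        s = self.resolve(sid, ctx)
        if s is None:
            sid = self.anonymous(ctx)
            s = self.sessions[sid]
        if self.rotate_on_login:
            del self.sessions[sid]               # the pre-authentication id dies here
            sid = self.anonymous(ctx)
            s = self.sessions[sid]
        s["user"] = user
        return sid

    def whoami(self, sid, ctx):
        s = self.resolve(sid, ctx)
        return s["user"] if s else None


def fixation_attack(mgr):
    """Attacker gets an anonymous id, plants it on the victim (link, URL rewriting, cookie
    injection) and waits for the login. Returns (what the attacker sees, victim kept the id)."""
    attacker_ctx = "203.0.113.7 Firefox"        # constructed client contexts (address + UA)
    victim_ctx = "198.51.100.9 Chrome"
    planted = mgr.anonymous(attacker_ctx)
    victim_sid = mgr.login(planted, victim_ctx, "alice")
    return mgr.whoami(planted, attacker_ctx), victim_sid == planted


def compare_defences():
    return {
        "naive": fixation_attack(SessionManager()),                       # ('alice', True)
        "rotate": fixation_attack(SessionManager(rotate_on_login=True)),  # (None, False)
        "bind": fixation_attack(SessionManager(bind_context=True)),       # (None, False)
    }


def timeout_demo(idle_timeout=900):
    """A 15-minute idle limit: activity refreshes the session, silence past the limit ends it."""
    now = [1000.0]
    mgr = SessionManager(idle_timeout=idle_timeout, clock=lambda: now[0])
    ctx = "198.51.100.9 Chrome"
    sid = mgr.login(None, ctx, "alice")
    now[0] += idle_timeout - 1
    alive = mgr.whoami(sid, ctx)                 # 'alice'
    now[0] += idle_timeout + 1
    return alive, mgr.whoami(sid, ctx)           # ('alice', None)
```

Rotation is the defence that actually removes the fixation bug: the id the victim authenticates never existed before the login. Context binding and timeouts do not fix the bug but limit what a planted or stolen id is worth, which is why the slide lists them as damage limitation rather than prevention.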

Tomcat Session Id generation
The session id is generated from a random number. For random number generation, Java's SecureRandom class is used: a cryptographically strong generator (the JDK's default implementation, such as SHA1PRNG or a native OS source), not the predictable java.util.Random.
The seed (64 bit) for the generator is constructed by XORing the system time with an entropy string; the entropy string comes from a hash value constructed from the device drivers running on the server.
Using the SecureRandom class a 16 byte (128 bit) random number is generated.
A one-way hash of the random number is performed (MD5 in Tomcat's default configuration of that time; the hash does not add entropy, it only hides the generator output).
A 32 character hexadecimal string is created by taking 4 bits at a time from the 16 hashed bytes. Each hex character encodes 4 bits, so the 32 characters carry 128 bits of entropy, not 256. This string is used as the JSESSIONID.
Caveat: the strength of the ids rests on how the generator is seeded. A 64-bit seed built from the clock and a fixed per-server string is far less than 128 bits, so if that were the only entropy the generator ever received, an id would be guessable from the clock; letting the CSPRNG also seed itself from the operating system is what keeps the full 128 bits.
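Added example, not Tomcat's code: a Python sketch of the construction on this slide (16 bytes from a cryptographically strong source, one-way hash, 32 hex characters) beside a deliberately weak generator seeded from the login second, with the id-guessing attack from the attack-methods slide run against both. SHA-256 stands in for the hash and os.urandom for SecureRandom; the timestamps and the plus or minus 600 second guessing window are assumptions.

```python
"""Predictable versus high-entropy session ids. Added example, not Tomcat's code: the
slide's construction (16 CSPRNG bytes -> one-way hash -> 32 hex chars) beside a weak
generator seeded from the login second, and the guessing attack run against both."""
import hashlib
import os
import random


def weak_session_id(login_time):
    """Predictable: a PRNG seeded with the login second. 128 bits long, but only as many
    distinct values as there are seconds in the attacker's guessing window."""
    rng = random.Random(int(login_time))
    return "%032x" % rng.getrandbits(128)


def tomcat_style_session_id(rand=os.urandom):
    """The slide's construction: 16 random bytes from a cryptographically strong source,
    a one-way hash (SHA-256 here; the hash does not add entropy), then 4 bits per hex
    character -> 32 characters carrying 128 bits, not 256."""
    raw = rand(16)
    return hashlib.sha256(raw).hexdigest()[:32]


def guess_weak_id(observed_id, approx_login_time, window=600):
    """Attacker who saw one id (e.g. in a log or URL) and knows roughly when the victim
    logged in: brute-force the seed across +/- window seconds. Returns the seed or None."""
    centre = int(approx_login_time)
    for seed in range(centre - window, centre + window + 1):
        if weak_session_id(seed) == observed_id:
            return seed
    return None


def distinct_ids(n=1000):
    """Sanity check a practitioner would run: n fresh ids, no repeats."""
    return len({tomcat_style_session_id() for _ in range(n)})


def demo():
    login_time = 1_700_000_000 + 37              # constructed: the victim logged in at this second
    observed = weak_session_id(login_time)
    # Attacker's estimate is 37 s off; at most 1201 guesses recover the seed.
    hit = guess_weak_id(observed, 1_700_000_000)  # 1700000037
    # Against the strong id the same attack has no seed to find.
    miss = guess_weak_id(tomcat_style_session_id(), 1_700_000_000)  # None
    return hit, miss
```

The weak id has the same length and the same hex alphabet as the strong one, which is why length alone says nothing about entropy: what matters is how many distinct ids the generator can actually emit, 1201 candidates for the clock-seeded one within the window versus 2^128 for the CSPRNG-seeded one.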

Questions?