Example – SQL Injection MySQL & PHP code: // The next instruction prompts the user is to supply an ID $personID = getIDstringFromUser(); $sqlQuery = "SELECT.

Slides:

Advertisements

Similar presentations

Advertisements

Preventing Web Application Injections with Complementary Character Coding Raymond Mui Phyllis Frankl Polytechnic Institute of NYU Presented at ESORICS.

Web Security Never, ever, trust user inputs Supankar.

What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.

© 2008 Security Compass inc. 1 Firefox Plug-ins for Application Penetration Testing Exploit-Me.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Sara SartoliAkbar Siami Namin NSF-SFS workshop July 14-18, 2014.

Introduction to the OWASP Top 10. Cross Site Scripting (XSS)  Comes in several flavors:  Stored  Reflective  DOM-Based.

CROSS SITE SCRIPTING..! (XSS). Overview What is XSS? Types of XSS Real world Example Impact of XSS How to protect against XSS?

Injection Attacks by Example SQL Injection and XSS Adam Forsythe Thomas Hollingsworth.

Handling Security Threats in Kentico CMS Karol Jarkovsky Sr. Solution Architect Kentico Software

Preventing SQL Injection ~example of SQL injection $user = $_POST[‘user’]; $pass = $_POST[‘pass’]; $query = DELETE FROM Users WHERE user = ‘$user’ AND.

Secure Software Engineering: Input Vulnerabilities

Lets Make our Web Applications Secure. Dipankar Sinha Project Manager Infrastructure and Hosting.

Analysis of SQL injection prevention using a proxy server By: David Rowe Supervisor: Barry Irwin.

Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.

A Security Review Process for Existing Software Applications

1 PHP and MySQL. 2 Topics  Querying Data with PHP  User-Driven Querying  Writing Data with PHP and MySQL PHP and MySQL.

© All rights reserved. Zend Technologies, Inc. PHP Security Kevin Schroeder Zend Technologies.

Exploitation: Buffer Overflow, SQL injection, Adobe files Source:

Attacking Applications: SQL Injection & Buffer Overflows.

Accessing MySQL with PHP IDIA 618 Fall 2014 Bridget M. Blodgett.

Web Application Security ECE ECE Internetwork Security What is a Web Application? An application generally comprised of a collection of scripts.

Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.

Top Five Web Application Vulnerabilities Vebjørn Moen Selmersenteret/NoWires.org Norsk Kryptoseminar Trondheim

School of Computing and Information Systems CS 371 Web Application Programming Security Avoiding and Preventing Attacks.

Security Attacks CS 795. Buffer Overflow Problem Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program.

Input Validation – common associated risks  ______________ user input controls SQL statements ultimately executed by a database server

Aniket Joshi Justin Thomas. Agenda Introduction to SQL Injection SQL Injection Attack SQL Injection Prevention Summary.

By Sean Rose and Erik Hazzard.  SQL Injection is a technique that exploits security weaknesses of the database layer of an application in order to gain.

Web Application Vulnerabilities ECE 4112 Internetwork Security, Spring 2005 Chris Kelly Chris Lewis April 28, 2005 ECE 4112 Internetwork Security, Spring.

Security Considerations Steve Perry

Web Security Lesson Summary ●Overview of Web and security vulnerabilities ●Cross Site Scripting ●Cross Site Request Forgery ●SQL Injection.

Security Attacks CS 795. Buffer Overflow Problem Buffer overflow Analysis of Buffer Overflow Attacks.

 Previous lessons have focused on client-side scripts  Programs embedded in the page’s HTML code  Can also execute scripts on the server  Server-side.

Mr. Justin “JET” Turner CSCI 3000 – Fall 2015 CRN Section A – TR 9:30-10:45 CRN – Section B – TR 5:30-6:45.

EECS 354: Network Security Group Members: Patrick Wong Eric Chan Shira Schneidman Web Attacks Project: Detecting XSS and SQL Injection Vulnerabilities.

INFO 344 Web Tools And Development CK Wang University of Washington Spring 2014.

Chapter 9 Using PHP with MySQL Part 2. view_users.php Script 9.4 on page 283 iew_users.php

Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.

ADVANCED SQL.  The SQL ORDER BY Keyword  The ORDER BY keyword is used to sort the result-set by one or more columns.  The ORDER BY keyword sorts the.

SlideSet #20: Input Validation and Cross-site Scripting Attacks (XSS) SY306 Web and Databases for Cyber Operations.

Web Security (cont.) 1. Referral issues r HTTP referer (originally referrer) – HTTP header that designates calling resource  Page on which a link is.

Group 18: Chris Hood Brett Poche

Web Application Security

Module: Software Engineering of Web Applications

An Introduction to Web Application Security

Module: Software Engineering of Web Applications

Web Application Vulnerabilities, Detection Mechanisms, and Defenses

Introduction to Dynamic Web Programming

Cross-Site Scripting Travis Deyarmin.

CS 371 Web Application Programming

Example – SQL Injection

A Security Review Process for Existing Software Applications

Security of web applications.

Web Systems Development (CSC-215)

PHP: Security issues FdSc Module 109 Server side scripting and

Lecture 2 - SQL Injection

Using PHP with MySQL Part 2

WWW安全國立暨南國際大學資訊管理學系陳彥錚.

PHP Forms and Databases.

Lecture 27 Security I April 4, 2018 Open news web sites.

Hypertext Preprocessor

Presentation transcript:

Example – SQL Injection MySQL & PHP code: // The next instruction prompts the user is to supply an ID $personID = getIDstringFromUser(); $sqlQuery = "SELECT * FROM Users WHERE userID = " + $personID; What if the user supplies the following string for $personID? The resulting string assigned to sqlQuery is SELECT * FROM Users WHERE userID = _________ What if the user supplies the following string for $personID?

Input Validation – common associated risks  ______________ user input controls SQL statements ultimately executed by a database server  ______________ user input controls file access location – the “double-dot attack”  ______________ user input controls file naming in such a way as to get a program to read, write or delete files that should be protected  Denial of Service user input controls causes application to consume excessive resources or simply stop executing due to unacceptable input  _______________ user input controls causes the application to reveal confidential information perhaps this information can be used as part of a more sophisticated attack Please check out OWASP

more common associated risks  Cross Site Scripting (XSS) user input controls injects HTML or script commands into Web application causing the Web application to breach its security My Javascript Page type your name here >>> Submit var thing = "blah"; function buttonHandler() { var stuff = document.getElementById("userInput").value; document.write(stuff); }

still more common associated risks  ______________ user input injects commands, often via meta-characters, that cause a server to perform unintended functions  Buffer Overflows user input controls exceeds limits in a way that allows the attacker to control application behavior

Before Mitigation  user interface  files  parameters of externally-invoked methods  network sockets/ports  URLs (passed to Web servers)  cookies  network certificates

Mitigation Techniques

Escaping individual characters is a particularly effective way of mitigating XSS. CharacterEquivalent HTML escape “&#34 #&#35 &&#38 ‘&#39 (&#40 )&#41 /&#47 ;&#59 <&#60 >&#62