Hacking Web Apps: Detecting and Preventing Web Application Security Problems. Mike Shema. Technical Editor: Jorge Blanco Alcover. SYNGRESS

Hacking Web Apps
Detecting and Preventing Web Application Security Problems
Mike Shema
Technical Editor: Jorge Blanco Alcover
AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO
Syngress is an imprint of Elsevier

Contents

About the Author v
Acknowledgements vii
Introduction xiii

CHAPTER 1 HTML5 1
  The New Document Object Model (DOM) 2
  Cross-Origin Resource Sharing (CORS) 3
  WebSockets 6
  Transferring Data 10
  Data Frames 11
  Security Considerations 13
  Web Storage 14
  IndexedDB 16
  Web Workers 16
  Flotsam & Jetsam 19
  History API 19
  Draft APIs 20
  Summary 20

CHAPTER 2 HTML Injection & Cross-Site Scripting (XSS) 23
  Understanding HTML Injection 24
  Identifying Points of Injection 30
  Identifying the Type of Reflection 37
  Identifying the Injection's Rendered Context 42
  Putting the Hack Together 45
  Abusing Character Sets 48
  Exploiting Failure Modes 56
  Bypassing Weak Exclusion Lists 59
  Leveraging Browser Quirks 60
  The Unusual Suspects 63
  The Impact of XSS 66
  Employing Countermeasures 67
  Fixing a Static Character Set 68
  Normalizing Character Sets and Encoding 69
  Encoding the Output 70
  Beware of Exclusion Lists and Regexes 71
  Reuse, Don't Reimplement, Code 73
  JavaScript Sandboxes 73
  Browsers' Built-in XSS Defenses 76
  Summary 78

CHAPTER 3 Cross-Site Request Forgery (CSRF) 79
  Understanding Cross-Site Request Forgery 80
  The Mechanics of CSRF 83
  Request Forgery via Forced Browsing 85
  Attacking Authenticated Actions without Passwords 89
  Dangerous Liaison: CSRF and HTML Injection 89
  Be Wary of the Tangled Web 90
  Variation on a Theme: Clickjacking 91
  Employing Countermeasures 93
  Heading in the Right Direction 94
  Defending the Web Browser 103
  Vulnerability & Verisimilitude 104
  Summary 104

CHAPTER 4 SQL Injection & Data Store Manipulation 107
  Understanding SQL Injection 109
  Hacking Tangents: Mathematical and Grammatical 112
  Breaking SQL Statements 113
  Vivisecting the Database 122
  Alternate Attack Vectors 125
  Real-World SQL Injection 126
  HTML5's Web Storage API 127
  SQL Injection Without SQL 128
  Employing Countermeasures 130
  Validating Input 131
  Securing the Statement 131
  Protecting Information 137
  Stay Current with Database Patches 139
  Summary 140

CHAPTER 5 Breaking Authentication Schemes 141
  Understanding Authentication Attacks 142
  Replaying the Session Token 142
  Brute Force 145
  Sniffing 146
  Resetting Passwords 149
  Cross-Site Scripting (XSS) 149
  SQL Injection 150
  Gulls & Gullibility 151
  Employing Countermeasures 152
  Protect Session Cookies 153
  Use Secure Authentication Schemes 155
  Engage the User 163
  Annoy the User 164
  Request Throttling 165
  Logging and Triangulation 166
  Defeating Phishing 166
  Protecting Passwords 168
  Summary 168

CHAPTER 6 Abusing Design Deficiencies 11 i
  Understanding Logic & Design Attacks 174
  Abusing Workflows 175
  Exploiting Policies & Practices 175
  Induction 180
  Denial of Service 183
  Insecure Design Patterns 183
  Implementation Errors in Cryptography 188
  Information Sieves 201
  Employing Countermeasures 202
  Documenting Requirements 202
  Creating Robust Test Cases 203
  Mapping Policies to Controls 204
  Defensive Programming 205
  Verifying the Client 205
  Encryption Guidelines 205
  Summary 206

CHAPTER 7 Leveraging Platform Weaknesses 209
  Understanding the Attacks 210
  Recognizing Patterns, Structures, & Developer Quirks 210
  Targeting the Operating System 225
  Attacking the Server 230
  Denial of Service 230
  Employing Countermeasures 235
  Restricting File Access 235
  Using Object References 236
  Blacklisting Insecure Functions 236
  Enforcing Authorization 237
  Restricting Network Connections 237
  Summary 238

CHAPTER 8 Browser & Privacy Attacks 239
  Understanding Malware and Browser Attacks 240
  Malware 241
  Plugging in to Browser Plugins 244
  DNS and Origins 246
  HTML5 247
  Privacy 249
  Employing Countermeasures 258
  Configure SSL/TLS Securely 258
  Safer Browsing 259
  Isolating the Browser 260
  Tor 260
  DNSSEC 261
  Summary 261

Index 263