Your SlideShare is downloading. ×
Web2.0 Tools
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Web2.0 Tools

12,431
views

Published on

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
12,431
On Slideshare
0
From Embeds
0
Number of Embeds
12
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Web 2.0 Tools Usage & Understanding • Web2Proxy • Web2Fuzz AppSecLabs © Blueinfy Solutions Pvt. Ltd.
  • 2. Web2Proxy • Objectives - Analyzing Web 2.0 streams (XML, JSON, JS- Objects etc.) - Running application through the tools and capturing or trapping those requests - Profiling requests and responses - Determining entry points and various attributes of response like hidden fields, login forms etc. © Blueinfy Solutions Pvt. Ltd.
  • 3. How it works? • Start Web2Proxy and define your scan name and listening port • Setup that port as proxy in your browser • Now browse your target application • Web2Proxy will be tunneling all requests and response at the same time profile each of them • You get nice profiled view on application window © Blueinfy Solutions Pvt. Ltd.
  • 4. Setting a scan Define new scan Enter name and listening port address © Blueinfy Solutions Pvt. Ltd.
  • 5. Set that port on browser © Blueinfy Solutions Pvt. Ltd.
  • 6. Start your proxy Use this if you want to Trap requests run time Start and stop your Proxy and Filtering © Blueinfy Solutions Pvt. Ltd.
  • 7. Profile of application JSON input and output © Blueinfy Solutions Pvt. Ltd.
  • 8. XML analysis XML stream as Output © Blueinfy Solutions Pvt. Ltd.
  • 9. Fuzzing • Fuzzing JSON or XML streams - Two aspects of fuzzing – Injection and Response Analysis - Injecting malicious payload with different variants encompassing encoding - Analyzing responses coming from application - Both HTTP header as well as body may contain clues for possible vulnerabilities © Blueinfy Solutions Pvt. Ltd.
  • 10. Response Analytics • Response can be analyzed in following three important dimensions - Vulnerability Signature - Structure analysis - Application behavior © Blueinfy Solutions Pvt. Ltd.
  • 11. Web2Fuzz • Fuzzing tool - Pass on JSON or XML stream to application - Define your load - Select your encoding/ency - Pass on regex for vulnerability signatures - Start fuzzing - Do response analysis © Blueinfy Solutions Pvt. Ltd.
  • 12. Fuzzing Analytics • Following analysis is supported by the tool • Signature - Using regex patterns • Structure - Checking page’s MD5 • Behavior - Size of the stream - Response time analysis © Blueinfy Solutions Pvt. Ltd.
  • 13. Web2Fuzz Select Patterns Select fuzz Load Load All analysis Vectors © Blueinfy Solutions Pvt. Ltd.
  • 14. JSON Fuzzing for SQL • Here is simple list of fuzz load - ' - " - -- - # - a - 1 - -1 - 100000000000000000 - @ - ? - %c0%a7 - %C0%A2 © Blueinfy Solutions Pvt. Ltd.
  • 15. Look for regex… • .*?(sqlexception|syntax|error|exception|sql |DB2|Oracle|MySQL|SqlServer|ODBC|OL EDB|exception).*? © Blueinfy Solutions Pvt. Ltd.
  • 16. Snap… © Blueinfy Solutions Pvt. Ltd.
  • 17. Snap… © Blueinfy Solutions Pvt. Ltd.
  • 18. Blind SQL over JSON • Here is a sample fuzz load - "1 OR 1=1" - "1 AND 1=1" - "a AND 1=0" - "1;waitfor delay '0:0:10'" © Blueinfy Solutions Pvt. Ltd.
  • 19. Analyzing responses • Here is the output © Blueinfy Solutions Pvt. Ltd.
  • 20. Response size Length is large in OR operation – Indicating something © Blueinfy Solutions Pvt. Ltd.
  • 21. JSON’s MD5 MD5 of AND operations are different – indicates possible blind spot © Blueinfy Solutions Pvt. Ltd.
  • 22. Response time Delay of 10 seconds – injection is successful… © Blueinfy Solutions Pvt. Ltd.
  • 23. Thanks! Blueinfy Solutions Pvt. Ltd. INDIA 8/B Shitalbaug society, Paldi Ahmedabad 380007 Tel: 91+9879027018 USA 900 S. Cardiff Street, Anaheim, CA 92806 Tel. 714-656-3652 Email: contact@blueinfy.com © Blueinfy Solutions Pvt. Ltd.