Web security

About web security, social engineering and the current cyberwar.

Published in: Technology

  1. Web Security
  2. Index
     • Introduction to Security
     • Cyberwar between countries
     • OWASP WebGoat & WebScarab & demo
     • BeEF & demo
     • SET + QR code
     • Future of Web Security
  3. Part 1: Introduction to Security
  4. Schneier on Security
     "Security requires a particular mindset. Security professionals -- at least the good ones -- see the world differently. They can't walk into a store without noticing how they might shoplift. They can't use a computer without wondering about the security vulnerabilities. They can't vote without trying to figure out how to vote twice. They just can't help it."
  5. Schneier on Security-2
     "This kind of thinking is not natural for most people. It's not natural for engineers. Good engineering involves thinking about how things can be made to work; the security mindset involves thinking about how things can be made to fail. It involves thinking like an attacker, an adversary or a criminal. You don't have to exploit the vulnerabilities you find, but if you don't see the world that way, you'll never notice most security problems."
  6. Cyberwar
     • Israeli bombing of Syria's nuclear reactor
     • Russia's DDoS attack on Estonia
     • Russia's use of DDoS and spoofed attacks to augment their war in South Ossetia
     • North Korea's partially successful DDoS of US government websites and South Korea
  7. Case Study-Stuxnet
  8. Case Study-Stuxnet-2
     • http://vimeo.com/25118844
     • http://www.youtube.com/watch?v=7g0pi4J8auQ
  9. Case Study-Stuxnet-3
     "We are all connected on a vast global network and whoever controls the network controls the world."
  10. LulzSec: HBGary, Sony, FBI conference, Capture The Flag, CIA, Sabu & Tor Browser
  11. Before we start?
     • SQL Injection?
       • String-based SQL injection
       • Numeric-based SQL injection
     • Concurrence?
     • XPath Injection?
     • QR Code?
  12. Part 2: Web app
  13. Owasp top ten vulnerability
     • The OWASP Top 10 - 2013 Release Candidate includes the following changes as compared to the 2010 edition:
     • A1 Injection
     • A2 Broken Authentication and Session Management (was formerly A3)
     • A3 Cross-Site Scripting (XSS) (was formerly A2)
     • A4 Insecure Direct Object References
     • A5 Security Misconfiguration (was formerly A6)
     • A6 Sensitive Data Exposure (merged from former A7 Insecure Cryptographic Storage and former A9 Insufficient Transport Layer Protection)
     • A7 Missing Function Level Access Control (renamed/broadened from former A8 Failure to Restrict URL Access)
     • A8 Cross-Site Request Forgery (CSRF) (was formerly A5)
     • A9 Using Known Vulnerable Components (new, but was part of former A6 – Security Misconfiguration)
     • A10 Unvalidated Redirects and Forwards
  14. Part 3
  15. Sql Injection
     • Overview: A SQL Injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutting down the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to affect the execution of predefined SQL commands.
  16. Sql Injection-2
     • Threat Modeling: SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.
     • SQL Injection is very common with PHP and ASP applications due to the prevalence of older functional interfaces. Due to the nature of the programmatic interfaces available, J2EE and ASP.NET applications are less likely to have easily exploited SQL injections.
     • The severity of SQL Injection attacks is limited by the attacker's skill and imagination, and to a lesser extent by defense-in-depth countermeasures, such as low-privilege connections to the database server and so on. In general, consider SQL Injection a high-impact severity.
  17. Sql Injection-3
     • Risk Factors: the platform affected can be:
       • Language: SQL
       • Platform: Any (requires interaction with a SQL database)
     • SQL injection has become a common issue with database-driven web sites. The flaw is easily detected and easily exploited, and as such any site or software package with even a minimal user base is likely to be subject to an attempted attack of this kind.
  18. Sql Injection-4 (C#)
     // Vulnerable: user-controlled values are concatenated straight into the SQL text.
     string query = "SELECT * FROM items WHERE owner = '" + userName + "' AND itemname = '" + ItemName.Text + "'";
  19. Sql Injection-5
     Examples:
     • SELECT * FROM Users WHERE username = '' OR 1=1 -- -' AND password = '';
     • SELECT * FROM Users WHERE id = '' UNION SELECT 1, 2, 3`;
     • Comment and terminator syntax:
       #      Hash comment
       /*     C-style comment
       -- -   SQL comment
       ;%00   Null byte
       `      Backtick
  20. Sql Injection-6: How To Solve the Sql Injection Problem?
  21. Sql Injection-7: Parameterized Query in C#, MySQL
     The purpose of these code samples is to demonstrate to the web developer how to avoid SQL Injection when building database queries within a web application.
  22. Sql Injection-8: Demo
  23. BeEF
     BeEF is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors.
  24. BeEF-2
     Notable Features:
     • BeEF provides an integratable framework that demonstrates the impact of browser security issues in real time. Development has focused on creating a modular framework, which has made module development a quick and simple process.
     • Browser exploitation modules
     • Keystroke logging
     • Browser proxying
     • Integration with Metasploit
     • Plugin detection
     • Intranet service exploitation
     • PhoneGap modules
     • Social engineering
  25. BeEF-3: Demo
  26. Phishing Facebook with QR Code
  27. SET
     Java Applet Attack: the Java Applet Attack is considered one of the most successful and popular methods for compromising a system. Popular because we can create the infected Java applet very easily and can clone any site we want, which will load the applet very fast; successful because it affects all platforms. The only difficulty is how to deliver the Java applet properly in order to trick our victims. The Java Applet Attack vector affects Windows systems, Linux systems and Mac OS X.
  28. References
     • http://resources.infosecinstitute.com/the-rise-of-cyber-weapons-and-relative-impact-on-cyberspace/
     • http://nakedsecurity.sophos.com/
  29. Questions
  30. Thanks for listening...
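Slides 18 through 21 contrast the concatenated C# query with the parameterized one that fixes it but do not show the two side by side in runnable form. The following is an added example written for this page, not code from the deck or from OWASP: it uses Python's standard sqlite3 module instead of the slides' C#/MySQL setting, and the table, user names, passwords and the helper names (`make_db`, `login_concatenated`, `login_parameterized`, `compare`) are all constructed for the example.

```python
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the application's user table.

    Schema, names and passwords are invented for this example.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO Users (username, password) VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_concatenated(conn, username, password):
    """Vulnerable: the query is built by string concatenation, as on slide 18.

    Whatever the client sends becomes part of the SQL text, so a quote
    character in the input changes the structure of the statement.
    """
    query = (
        "SELECT id, username FROM Users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(query).fetchall()


def login_parameterized(conn, username, password):
    """Fixed: a parameterized query, the approach slide 21 recommends.

    The SQL text is fixed; the values are bound separately, so the
    database never parses user input as SQL.
    """
    query = "SELECT id, username FROM Users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchall()


def compare(username, password):
    """Run both versions on the same input; return how many rows each matched."""
    conn = make_db()
    return {
        "concatenated": len(login_concatenated(conn, username, password)),
        "parameterized": len(login_parameterized(conn, username, password)),
    }


if __name__ == "__main__":
    # Legitimate credentials: both versions match exactly one row.
    print(compare("alice", "s3cret"))
    # The string-based payload from slide 19 in the username field with a
    # wrong password: concatenation matches every user (the -- comments out
    # the password check), the parameterized query matches none.
    print(compare("' OR 1=1 -- -", "wrong"))
```

The same pattern in the slides' C#/MySQL setting is a `MySqlCommand` whose SQL text uses named placeholders such as `@owner` and whose values are supplied through `cmd.Parameters.AddWithValue(...)`; the essential property in both cases is that the statement text is constant and the data never reaches the SQL parser.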