Web Application Security

A talk for Damascus High School (Maryland) students.

Slides

1. Web Application Security: Why is it important? Jason R. Leveille, http://jasonleveille.com, December 5, 2008 – Damascus High School

2. Introduction
   • High School Teacher for 8 Years
   • Web Software Developer for 1.5
   • Security is not my strong point
     • Why am I talking about security?
   • Security is a concern in many layers
     • Server Layer (Apache, IIS, etc.)
     • Database Layer (MySQL, PostgreSQL, etc.)
     • Application Language/Script (PHP, Python, etc.)
     • Web App Server/Client Side

3. A Brief Example: PHP info/secinfo
   • What we see when we look at phpinfo()
     • http://url/talk/psi/info.php
   • What we see when we look at PHP Sec. Info feedback
     • http://url/talk/psi/
     • Illustrates the need to secure your “language”, in your server environment, as best you can

4. SQL Injection
   • What is SQL Injection?
   • An example
     • Stealing usernames/passwords
     • http://url/talk/ex1.php (ex5.php)
     • ?userid=5
     • ?userid=5 union all select id,email,password from users --
     • What happened?
     • The Source Code
     • Things to think about

5. SQL Injection
   • Another example
     • Drop Table
     • http://xkcd.com/327
     • http://url/talk/foo.php
     • ?first_name=Jason
     • ?first_name=Jason'; DROP TABLE users;
     • What happened?
     • An illustration in phpMyAdmin
     • Things to think about

6. Cross Site Scripting (XSS)
   • What is XSS?
   • An Example
     • Cookie theft
     • http://url/talk/ex2.php
     • What happened?
     • The Source Code
     • Things to think about

7. Cross Site Scripting (XSS)
   • A real world example
   • ASP application / SQL Server attack
     • Combined XSS / SQL Injection
     • Installation of malware
     • Our attack traced back to organized crime in Russia!
     • Should I not have written that …

8. Cross Site Request Forgery (CSRF)
   • What is CSRF?
   • An Example
     • http://en.wikipedia.org/wiki/Cross-site_request_forgery#Example_and_characteristics

9. Security: Filter Input
   • What is input?
   • What does it mean to filter input?
     • An example
       • http://url/talk/ex3.php
       • What’s happening?
       • The Source Code
       • Things to think about

10. Security: Escape Output
   • What is output?
   • What does it mean to escape output?
     • An example
       • http://url/talk/ex4.php
       • What’s happening?
       • The Source Code
       • Things to think about

11. Security: Database User Privileges
   • What are user privileges?
   • Reducing user privileges
     • An example
       • Creating a reduced-privilege user account
       • Attempting DROP TABLE with this new account
       • Things to think about

12. In Conclusion
   • Take care of your own information online
   • Never trust data coming into your application
   • Filter Input
   • Escape Output
   • Reduce Database User Privileges
   • Always store passwords hashed
     • See example of student passwords

13. Questions?
   • http://jasonleveille.com
   • leveillej at gmail dot com

14. Resources
   • http://www.apachesecurity.net/
   • http://www.microsoft.com/technet/security/prodtech/IIS.mspx
   • http://www.scribd.com/doc/2569459/Securing-MySQL-for-a-Security-Audit
   • http://www.postgresql.org/docs/8.3/static/user-manag.html
   • http://phpsec.org/projects/phpsecinfo/index.html

15. Resources
   • http://dev.mysql.com/tech-resources/articles/guide-to-php-security-ch3.pdf
   • http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
   • http://xkcd.com/327/
   • http://xssed.org/
   • http://www.trustedsource.org/blog/142/New-SQL-Injection-Attack-Infecting-Machines

16. Resources
   • http://shiflett.org/articles/cross-site-request-forgeries
   • http://php.net/ctype
   • http://us3.php.net/strip-tags
   • http://us2.php.net/manual/en/book.pcre.php
   • http://ha.ckers.org/xss.html
   • http://shiflett.org/blog/2007/mar/allowing-html-and-preventing-xss

17. Resources
   • http://us.php.net/htmlentities
   • http://shiflett.org/blog/2007/may/character-encoding-and-xss
   • http://htmlpurifier.org/
   • http://us.php.net/manual/en/mysqli.real-escape-string.php
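The slides on SQL injection (slides 4 and 5) and on filtering input (slide 9) refer to example scripts (ex1.php, ex5.php, ex3.php) that are not reproduced on the page. The following is an added example, not the talk's code, that rebuilds the `?userid=5 union all select ...` case on an in-memory SQLite database so it runs offline: the concatenated query beside the filtered, prepared one. The table names, columns, rows and function names are constructed for this demo.

```php
<?php
// Added example, not code from the talk: the "?userid=5 union all select ..."
// request from slides 4 and 5, rebuilt on an in-memory SQLite database so it
// runs offline (the talk's ex1.php/ex5.php are not on the page). The tables,
// columns and rows below are constructed for this demo.

function make_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE profiles (id INTEGER PRIMARY KEY, display_name TEXT, bio TEXT)');
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, password TEXT)');
    $db->exec("INSERT INTO profiles VALUES (5, 'jason', 'teacher and developer')");
    $db->exec("INSERT INTO users VALUES (5, 'jason@example.invalid', 'hunter2'),
                                       (6, 'alice@example.invalid', 'letmein')");
    return $db;
}

// VULNERABLE (the pattern the slides demonstrate): the request parameter is
// spliced into the SQL text, so "5 union all select ..." becomes part of the
// query and the three columns of users ride along with the profile row.
function profile_vulnerable(PDO $db, string $userid): array
{
    $sql = 'SELECT id, display_name, bio FROM profiles WHERE id = ' . $userid;
    return $db->query($sql)->fetchAll(PDO::FETCH_NUM);
}

// Filter input (slide 9): a user id is a string of digits and nothing else.
// ctype_digit is the function the talk's resources point to for this.
function filter_userid(string $raw): ?int
{
    return ctype_digit($raw) ? (int) $raw : null;
}

// Hardened: reject anything that is not a user id, and pass even the accepted
// value as a bound parameter so it can never be parsed as SQL.
function profile_safe(PDO $db, string $raw): array
{
    $id = filter_userid($raw);
    if ($id === null) {
        return []; // in a real app: respond 400 and log the rejected value
    }
    $stmt = $db->prepare('SELECT id, display_name, bio FROM profiles WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->fetchAll(PDO::FETCH_NUM);
}

$db = make_demo_db();
$payload = '5 union all select id,email,password from users --';

printf("concatenated query, payload:  %d rows\n", count(profile_vulnerable($db, $payload)));
printf("prepared query, payload:      %d rows\n", count(profile_safe($db, $payload)));
printf("prepared query, userid=5:     %d rows\n", count(profile_safe($db, '5')));
```

Run with `php` on any build that has pdo_sqlite and ctype. The concatenated query returns the profile row plus every row of users, which is exactly the username/password theft slide 4 describes; the prepared query returns nothing for the payload because the filter rejects it, and one row for the legitimate request. The two defences are independent: the bound parameter alone would already stop the injection, and the filter alone would stop this payload, so keep both.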
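Slides 6 and 10 leave the cookie-theft XSS example (ex2.php) and the escape-output example (ex4.php) to scripts not on the page. The following added example, not the talk's code, shows the rule they teach on a comment that a page echoes back: the unescaped render beside the escaped one, plus the HttpOnly cookie setting that limits what a script can read even when escaping was missed. The comment text and function names are constructed for this demo; `htmlspecialchars` is the narrower sibling of the `htmlentities` function the resources link.

```php
<?php
// Added example, not code from the talk: the "escape output" rule from slides
// 6 and 10, applied to a comment that a page echoes back. The comment text and
// the function names are constructed for this demo (the talk's ex2.php/ex4.php
// are not on the page).

// VULNERABLE: whatever the user typed is written straight into the HTML, so
// markup in the comment becomes markup in the page, and a script tag in it
// runs in every visitor's browser with that visitor's cookies in scope.
function render_comment_vulnerable(string $comment): string
{
    return "<p class=\"comment\">$comment</p>";
}

// Hardened: escape at the point of output, for the context it is going into.
// ENT_QUOTES covers both quote styles (the value may later sit inside an
// attribute), ENT_SUBSTITUTE replaces invalid byte sequences instead of
// returning an empty string, and naming the charset avoids the encoding
// tricks described in the resource on character encoding and XSS.
function render_comment_safe(string $comment): string
{
    $escaped = htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return "<p class=\"comment\">$escaped</p>";
}

// Defence in depth for the "cookie theft" case on slide 6: a session cookie
// flagged HttpOnly is not exposed through document.cookie, so a script that
// does slip through cannot simply read it. Call session_set_cookie_params()
// with this array before session_start().
function session_cookie_options(): array
{
    return ['httponly' => true, 'secure' => true, 'samesite' => 'Lax', 'path' => '/'];
}

$sample = "Nice talk! <script>alert('xss')</script>";
echo render_comment_vulnerable($sample), "\n";
echo render_comment_safe($sample), "\n";
// In the real page: session_set_cookie_params(session_cookie_options()); session_start();
```

The first line of output still contains a live `<script>` element; the second contains `&lt;script&gt;`, which the browser renders as text. Escaping belongs at output time for the specific context (HTML body here; URLs, attributes and JavaScript each need their own encoding), which is why the slides keep "filter input" and "escape output" as two separate rules.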
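Slide 11 lists a two-step procedure, create a reduced-privilege account and then try `DROP TABLE` with it, without showing the statements. The following added example, not the talk's code, carries that procedure out against MySQL from PHP with mysqli (the talk's database for the PHP examples). It needs a reachable MySQL server; the host, database name and administrator credentials are read from environment variables, and those variable names, the account name `talk_web` and its password are assumptions of this demo.

```php
<?php
// Added example, not code from the talk: slide 11's procedure, creating a
// reduced-privilege MySQL account and confirming that DROP TABLE is refused
// for it. Requires a MySQL server. The environment variable names, the account
// 'talk_web' and its password are assumptions of this demo.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // errors become exceptions

$host    = getenv('DB_HOST') ?: 'localhost';
$dbname  = getenv('DB_NAME') ?: 'talk';
$admin   = getenv('DB_ADMIN_USER') ?: 'root';
$adminPw = getenv('DB_ADMIN_PASS') ?: '';
$webUser = 'talk_web';
$webPw   = 'change-me-demo-only';

// Step 1 (as the administrator): an account that can only read the
// application's tables. No DROP, DELETE, ALTER, and no GRANT OPTION.
function create_reduced_account(mysqli $adminConn, string $db, string $user, string $pw): void
{
    $adminConn->query(sprintf(
        "CREATE USER IF NOT EXISTS '%s'@'localhost' IDENTIFIED BY '%s'",
        $adminConn->real_escape_string($user),
        $adminConn->real_escape_string($pw)
    ));
    $adminConn->query(sprintf(
        "GRANT SELECT ON `%s`.* TO '%s'@'localhost'",
        str_replace('`', '``', $db),
        $adminConn->real_escape_string($user)
    ));
}

// Step 2 (as the reduced account): attempt the DROP TABLE from slide 5.
// Returns true only if the server refused it for lack of privilege.
function drop_is_denied(string $host, string $db, string $user, string $pw): bool
{
    $web = new mysqli($host, $user, $pw, $db);
    try {
        $web->query('DROP TABLE users');
        return false; // the drop went through: the account has far too much privilege
    } catch (mysqli_sql_exception $e) {
        // 1142 is MySQL's "<command> command denied to user ... for table" error
        return $e->getCode() === 1142;
    } finally {
        $web->close();
    }
}

$adminConn = new mysqli($host, $admin, $adminPw, $dbname);
create_reduced_account($adminConn, $dbname, $webUser, $webPw);
$adminConn->close();

echo drop_is_denied($host, $dbname, $webUser, $webPw)
    ? "DROP TABLE refused for $webUser: privileges are reduced\n"
    : "DROP TABLE was allowed for $webUser: check its grants\n";
```

The application's own connection string should then use `talk_web`, never the administrator account, so that even a successful injection like the one on slide 5 is limited to what SELECT allows. If the application also needs to insert or update, grant those on the specific tables rather than widening to `ALL PRIVILEGES`.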
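Slide 12 closes with "Always store passwords hashed" and points at an example of student passwords that is not on the page. The following added example, not the talk's code, shows what that means in PHP 7.4 or later using the built-in `password_hash` and `password_verify` (which did not exist in 2008; the functions and sample users here are constructed for this demo).

```php
<?php
// Added example, not code from the talk: slide 12's "always store passwords
// hashed", using PHP's built-in password_hash()/password_verify(). The user
// table and passwords below are constructed for this demo.

// What gets stored is a salted, deliberately slow hash, never the password.
// A leaked table (like the student-password example the slide refers to)
// then yields no plaintext to reuse on other sites.
function store_user(array &$table, string $username, string $password): void
{
    $table[$username] = password_hash($password, PASSWORD_DEFAULT);
}

// Verification recomputes the hash with the stored salt and compares in
// constant time. An unknown username is checked against a dummy hash so the
// response time does not reveal which usernames exist.
function check_login(array $table, string $username, string $password): bool
{
    static $dummy = null;
    $dummy ??= password_hash('not-a-real-password', PASSWORD_DEFAULT);
    $stored = $table[$username] ?? $dummy;
    $ok = password_verify($password, $stored);
    return $ok && isset($table[$username]);
}

$users = [];
store_user($users, 'student1', 'correct horse battery staple');

echo "stored value: ", $users['student1'], "\n";
var_dump(check_login($users, 'student1', 'correct horse battery staple'));
var_dump(check_login($users, 'student1', 'password'));
var_dump(check_login($users, 'nobody', 'password'));
```

The stored value begins with an algorithm and cost prefix (bcrypt's `$2y$` with `PASSWORD_DEFAULT` on current PHP), which is what lets `password_verify` check it without any separately stored salt. The cost factor is what makes offline guessing slow; raise it over time and rehash on login with `password_needs_rehash` as hardware gets faster.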