Web Application Security
A talk for Damascus High School (Maryland) students.
Presentation Transcript

  • Web Application Security Why is it important? Jason R. Leveille http://jasonleveille.com December 5, 2008 – Damascus High School
  • Introduction
    • High School Teacher for 8 Years
    • Web Software Developer for 1.5
    • Security is not my strong point
      • Why am I talking about security?
    • Security is a concern in many layers
      • Server Layer (Apache, IIS, etc)
      • Database Layer (MySQL, PostgreSQL, etc)
      • Application Language/Script (PHP, Python, etc)
      • Web App Server/Client Side
  • A Brief Example: PHP info/secinfo
    • What we see when we look at phpinfo()
      • http://url/talk/psi/info.php
    • What we see when we look at PHP Sec. Info feedback.
      • http://url/talk/psi/
      • Illustrates the need to secure your “language”, in your server environment, as best you can
  • SQL Injection
    • What is SQL Injection
    • An example
      • Stealing usernames/passwords
      • http://url/talk/ex1.php (ex5.php)
      • ?userid=5
      • ?userid=5 union all select id,email,password from users--
      • What happened?
      • The Source Code
      • Things to think about
  • SQL Injection
    • Another example
      • Drop Table
      • http://xkcd.com/327
      • http://url/talk/foo.php
      • ?first_name=Jason
      • ?first_name=Jason'; DROP TABLE users;
      • What happened?
      • An illustration in phpmyadmin
      • Things to think about?
  • Cross Site Scripting (XSS)
    • What is XSS?
    • An Example
      • Cookie theft
      • http://url/talk/ex2.php
      • What happened?
      • The Source Code
      • Things to think about
  • Cross Site Scripting (XSS)
    • A real world example
    • asp application / SQL Server attack
      • Combined XSS SQL Injection
      • Installation of malware
      • Our attack traced back to organized crime in Russia!
      • Should I not have written that …
  • Cross Site Request Forgery (CSRF)
    • What is CSRF?
    • An Example
      • http://en.wikipedia.org/wiki/Cross-site_request_forgery#Example_and_characteristics
  • Security: Filter Input
    • What is input?
    • What does it mean to filter input?
      • An example
        • http://url/talk/ex3.php
        • What’s happening?
        • The Source Code
        • Things to think about
  • Security: Escape Output
    • What is output?
    • What does it mean to escape output?
      • An example
        • http://url/talk/ex4.php
        • What’s happening?
        • The Source Code
        • Things to think about
  • Security: Database User Privileges
    • What are user privileges?
    • Reducing user privileges
      • An example
        • Creating a reduced user privileged account
        • Attempting DROP TABLE with this new account
        • Things to think about
  • In Conclusion
    • Take care of your own information online
    • Never trust data coming into your application
    • Filter Input
    • Escape Output
    • Reduce Database User Privileges
    • Always store passwords hashed
      • See example of student passwords
  • Questions?
    • http://jasonleveille.com
    • leveillej at gmail dot com
  • Resources
    • http://www.apachesecurity.net/
    • http://www.microsoft.com/technet/security/prodtech/IIS.mspx
    • http://www.scribd.com/doc/2569459/Securing-MySQL-for-a-Security-Audit
    • http://www.postgresql.org/docs/8.3/static/user-manag.html
    • http://phpsec.org/projects/phpsecinfo/index.html
  • Resources
    • http://dev.mysql.com/tech-resources/articles/guide-to-php-security-ch3.pdf
    • http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
    • http://xkcd.com/327/
    • http://xssed.org/
    • http://www.trustedsource.org/blog/142/New-SQL-Injection-Attack-Infecting-Machines
  • Resources
    • http://shiflett.org/articles/cross-site-request-forgeries
    • http://php.net/ctype
    • http://us3.php.net/strip-tags
    • http://us2.php.net/manual/en/book.pcre.php
    • http://ha.ckers.org/xss.html
    • http://shiflett.org/blog/2007/mar/allowing-html-and-preventing-xss
  • Resources
    • http://us.php.net/htmlentities
    • http://shiflett.org/blog/2007/may/character-encoding-and-xss
    • http://htmlpurifier.org/
    • http://us.php.net/manual/en/mysqli.real-escape-string.php
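The "Filter Input", "Escape Output" and "Database User Privileges" slides, put together in PHP as an added example (not code from the talk or from its ex*.php files): the ?userid= lookup from the SQL injection slides, written so that the "5 union all select ..." string is rejected, the e-mail value is escaped before it reaches the browser, and the connection is made as a read-only account. The table name users(id, email, password), the account name talk_readonly and PHP 7.1+ with mysqlnd are assumptions.

```php
<?php
// Added example (not from the talk): the ?userid= lookup from the SQL
// injection slides, rewritten so "5 union all select ..." is rejected
// instead of executed. Assumes a MySQL table users(id, email, password)
// and PHP 7.1+ with mysqlnd (for get_result()).

// Filter input: a user id is a non-empty string of digits, nothing else.
// ctype_digit() is false for "5 union all select ...", "5'", "" and "-1".
function filter_user_id($raw): ?int
{
    if (!is_string($raw) || !ctype_digit($raw)) {
        return null;                       // reject; do not try to "clean" it
    }
    return (int) $raw;
}

// Escape output: anything from the database or the request is HTML-escaped
// before it is written into the page, so a stored "<script>" renders as
// text instead of running (the cookie-theft case from the XSS slides).
function escape_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function show_user(mysqli $db, $raw_id): string
{
    $id = filter_user_id($raw_id);
    if ($id === null) {
        http_response_code(400);
        return '<p>Invalid user id.</p>';
    }
    // Prepared statement: the SQL text is fixed and $id travels as a bound
    // integer parameter, so it can never be parsed as part of the query.
    $stmt = $db->prepare('SELECT id, email FROM users WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    if ($row === null) {
        return '<p>No such user.</p>';
    }
    return '<p>User ' . escape_html((string) $row['id'])
         . ': ' . escape_html($row['email']) . '</p>';
}
// Reduce database privileges: connect as an account (name assumed) that
// has only SELECT on the tables this page reads, so even a successful
// injection could not run DROP TABLE:
//   $db = new mysqli('localhost', 'talk_readonly', $password, 'talk');
//   echo show_user($db, $_GET['userid'] ?? '');
```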