nullcon 2011 - (secure) SiteHoster – Disable XSS & SQL Injection
(secure) SiteHoster – Disable XSS & SQL Injection by Abhishek Kumar
  1. http://nullcon.net  NEW CONCEPTS DEFEATING WEB ATTACKS: (secure) SiteHoster
  2. Family Named: Abhishek Kr; Friends Call: ABK; g33k Handle: aBionic. Independent Security Enthusiast/Researcher, also a member of 'EvilFingers' (other than 'NULL'); Application Developer at ThoughtWorks Inc.; OpenSource lover. http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  3. Other than expanding to (secure)SiteHoster: A Fresh Approach, A Lab RAT, (s)SH. http://sourceforge.net/projects/sitehoster
  4. It's The Same Old Problem
  5. Same Old Problem, With A New Perspective To Solve It
  6. Offensive security to secure: ATTACK THE ATTACKER
  7. Major Threats for Web Applications. The stats are not the same (these are from 2009), but the threats are.
  8. XSS Defeating Concept: always aim at the strongest opponent first; it makes you win the battle easily.
  9. IT IS JUST A PIECE OF CODE
  10. <TAGS/> R GooD
  11. And if it's Code...
  12. The idea is to BUG it
  13. 3 Major XSS Attack Patterns. All arise from the options given to user input, a Web 2.0 gift.
  14. + Karthik calling Karthik... + User (tricked) Input... Included or injected <script/>: What You See Is (*NOT*) What You Get
  15. Who calls, or who injects: what finally happens is an unwanted <script/>
  16. Disarm <script/>: Take away all its POWER!!!!!
  17. Dis-Infect Entire Body: To kill all unwanted 'Creepy-Living' Beings
  18. Generated HyperText (the page as the application emits it; the value stored in the DB carries the payload)
     <html>
     <head><script>function h(){alert("some dev-script in HEAD Tag");}</script></head>
     <body>
     <script DEFER>heavy_stuff=true;</script>
     name: <div id="fromDB" onMouseOver="h();"><script>alert('attacker injected it, could do anything');</script></div>
     </body>
     </html>
  19. Server Patched View (the same page after (secure)SiteHoster rewrites it: the body content is delivered as a JavaScript string and assigned through innerHTML, and a <script> element that enters the DOM via innerHTML is parsed but never executed)
     <html>
     <head><script>function h(){alert("this is dev-scripts in HEAD Tag");}</script></head>
     <BD><BODY>
     <script DEFER>heavy_stuff=true;</script>
     <!-- "</script>" inside the string is written "<\/script>" so it cannot end the wrapping script early -->
     <script type="text/javascript">
     x = document.getElementsByTagName("BODY");
     x[0].innerHTML = "name:<div id=\"fromDB\" onclick=\"h();\"><script>alert('attacker injected it, could do anything');<\/script></div>";
     </script>
     </BODY></BD>
     </html>
  20. But... still, ...the other two monkeys got a chance
  21. 'javascript:' may still take effect (as a URL scheme in an attribute such as href or src)
  22. So make it 'javascript:<bugMe/>'
  23. 1 monkey can wreak havoc; 2 are pwn3d... but the 3rd is powerful enough
  24. 'Be Kind' on Entropy, says 'JS-Events' (event-handler attributes come in too many names and spellings to blacklist one by one)
  25. (image-only slide)
  26. Ninja Parse User Input
  27. Bug-it-su pwn JS-Events
  28. hardcore 'js-events' pwnage
  29. XSS Attack gets bugged; <TAGS/> go Green
  30. Innocence Is Saved: normal user input that merely matches an attack pattern isn't filtered out
  31. All Monkeys Defeated, And so are Script-Junkies
  32. CURRENTLY JUST DEV PERSPECTIVE
  33. For Un-Privileged Actions (AXNs)
  34. Old Wine, Why Not Always Used (least-privileged DB accounts per web action):
     DB
       boss: all (read, write on *)
       Read on Table T1
       Read, Write on Table t2
     User / Web-App Mapper
  35. & For Condition Match: "A Hash An Input Keeps The Attacker Away" (on the pattern of "An Apple A Day Keeps The Doctor Away")
  36. I Tweet Tech: http://www.twitter.com/aBionic
     I Blog Tech: http://abhishekkr.wordpress.com/
     I OpenSource: GitHub: https://github.com/abhishekkr ; SourceForge: http://sourceforge.net/users/abhishekkr
     I Socialize: http://www.facebook.com/aBionic
     I Techalize: http://in.linkedin.com/in/abionic
     I Deviantize: http://abhishekkr.deviantart.com/