Your SlideShare is downloading. ×
  • Like
nullcon 2011 - (secure) SiteHoster – Disable XSS & SQL Injection
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

nullcon 2011 - (secure) SiteHoster – Disable XSS & SQL Injection

  • 803 views
Published

(secure) SiteHoster – Disable XSS & SQL Injection by Abhishek Kumar

(secure) SiteHoster – Disable XSS & SQL Injection by Abhishek Kumar

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
803
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
24
Comments
0
Likes
2

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. http://nullcon.net NEW CONCEPTS DEFEATING WEB ATTACKS(secure) SiteHoster
  • 2.  Family Named: AbhishekKr Friends Call: ABK g33k Handle: aBionic IndependentSecurity Enthusiast/Researcher Also a Member of „EvilFingers‟ (other than ‘NULL’) Application-Developer in ThoughtWorks Inc. OpenSource Lover http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 3.  Other than expanding to (secure)SiteHoster A Fresh A Lab (s)SH Approach RAT http://sourceforge.net/projects/sitehoster http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 4. http://null.co.inhttp://nullcon.net It‟s The Same Old ProblemaBionic@twitter,linkedin,FB
  • 5. http://null.co.inhttp://nullcon.net Same Old Problem With A New Perspective To Solve ItaBionic@twitter,linkedin,FB
  • 6. http://null.co.inhttp://nullcon.net offensive security to secureaBionic@ ATTACK THE ATTACKERtwitter,linkedin,FB
  • 7. http://null.co.inhttp://nullcon.net Major Threats for Web Applications Stats are not same (of 2009) …aBionic@twitter,linkedin,FB But t h r e a t s are
  • 8. XSS Defeating Concept always aim the strongest opponent first, makes you win battle easilyhttp://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 9. IT IS JUST A PIECE OF CODE aBionic@twitter,linkedin,FB
  • 10. <TAGS/> R GooD aBionic@twitter,linkedin,FB
  • 11. And if it’s Code… aBionic@twitter,linkedin,FB
  • 12. http://null.co.inhttp://nullcon.net !dea is toaBionic@ BUGtwitter,linkedin,FB
  • 13. http://null.co.inhttp://nullcon.net 3 Major XSS Attack Patterns All Effect From Options of User Input, a Web2.0 GiftaBionic@twitter,linkedin,FB
  • 14. + Karthik calling Karthik…http://null.co.in + User (tricked) Input…http://nullcon.net Included or injected <script/> What You See Is (*NOT*) What You GetaBionic@twitter,linkedin,FB
  • 15. http://null.co.inhttp://nullcon.net Who calls, or who injects What finally happens is unwanted <script/>aBionic@twitter,linkedin,FB
  • 16. http://null.co.inhttp://nullcon.net Disarm <script/> Take away all its POWER!!!!!aBionic@twitter,linkedin,FB
  • 17. http://null.co.inhttp://nullcon.net Dis-Infect Entire Body To kill all unwanted „Creepy-Living‟ BeingsaBionic@twitter,linkedin,FB
  • 18. Generated HyperText <html> <head><script>function h(){alert(“some dev-script in HEAD Tag”);}</script></head> <body> <script DEFER>heavy_stuff=true;</script> name: <div id=”fromDB” onMouseOver=”h();”><script>alert(„attacker injected it, could do anything‟);</script> </div> </body> </html> aBionic@twitter,linkedin,FB
  • 19. Server Patched View<html><head><script> function h(){alert(“this is dev-scripts in HEAD Tag”);}</script></head><BD><BODY ><script DEFER>heavy_stuff=true;</script><script type=text/javascript>x=document.getElementsByTagName("BODY");x[0].innerHTML = "name:<div id="fromDB" onclick="h();"><script>alert(attacker injected it, could do anything);</script></div>“;</script></BODY></BD></html> aBionic@twitter,linkedin,FB
  • 20. http://null.co.inhttp://nullcon.net But… still  …other two monkeys got a chanceaBionic@twitter,linkedin,FB
  • 21. http://null.co.inhttp://nullcon.net „javascript:‟ may effect asaBionic@twitter,linkedin,FB
  • 22. http://null.co.inhttp://nullcon.net So „javascript:<bugMe/>‟aBionic@twitter,linkedin,FB
  • 23. http://null.co.inhttp://nullcon.net 1 Monkey can wreck havoc 2 are pwn3d… but 3rd is powerful enoughaBionic@twitter,linkedin,FB
  • 24. http://null.co.inhttp://nullcon.net „Be Kind‟ on Entropy -says „JS-Events‟aBionic@twitter,linkedin,FB
  • 25. http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB
  • 26. Ninja Parse User Input aBionic@twitter,linkedin,FB
  • 27. Bug-it-su pwn JS-Events aBionic@twitter,linkedin,FB
  • 28. hardcore ‘js-events’ pwnage aBionic@twitter,linkedin,FB
  • 29. http://null.co.inhttp://nullcon.net XSS Attack gets bugged <TAGS/> go GreenaBionic@twitter,linkedin,FB
  • 30. http://null.co.inhttp://nullcon.net Innocence Is Saved Normal User Input Matching Attack aint FilteredaBionic@twitter,linkedin,FB
  • 31. http://null.co.inhttp://nullcon.net All Monkeys Defeated And so are Script-JunkiesaBionic@twitter,linkedin,FB
  • 32. CURRENTLY JUST DEV PERSPECTIVE aBionic@twitter,linkedin,FB
  • 33. For Un-Privileged AXNs aBionic@twitter,linkedin,FB
  • 34. Old Wine, Why Not Always Used DB all boss Read on Read,write.* Table T1 Read,Write on Table t2 User- Web-App Mapper aBionic@twitter,linkedin,FB
  • 35. http://null.co.inhttp://nullcon.net & For Condition Match An A Apple Hash A An Day Input Keeps The Doctor Attacker AwayaBionic@twitter,linkedin,FB
  • 36.  I Tweet Tech: http://www.twitter.com/aBionic I Blog Tech: http://abhishekkr.wordpress.com/ I OpenSource  GitHub: https://github.com/abhishekkr  SourceForge: http://sourceforge.net/users/abhishekkr I Socialize: http://www.facebook.com/aBionic I Techalize: http://in.linkedin.com/in/abionic I Deviantize: http://abhishekkr.deviantart.com/ http://null.co.in http://nullcon.net aBionic@twitter,linkedin,FB