• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Web Application Vulnerabilities

Web Application Vulnerabilities



In this presentation I have tried to figure out common loop holes through which web applications may fall prey to the attackers, common tools used in the trade and some preventive security measures to ...

In this presentation I have tried to figure out common loop holes through which web applications may fall prey to the attackers, common tools used in the trade and some preventive security measures to put us on a safer side.



Total Views
Views on SlideShare
Embed Views



2 Embeds 6

http://www.slideshare.net 5
https://www.linkedin.com 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Web Application Vulnerabilities Web Application Vulnerabilities Presentation Transcript

    • Web Web Application Application Hacking Setup Objectives Web Anatomy Application of an Threats Attack Countermeasures
    • A client/server software application that interacts with users or other systems using HTTP. Modern applications are typically written in Java (or similar languages) and run on distributed application server, connecting to multiple data sources.  Examples of Web Applications : i) webmail ii)Online retail sales iii)wikis
    •  Defacing websites Stealing credit card Information Exploiting server-side scripting Exploiting buffer overflows Employ malicious code Dos attack Destruction of Data
    •  Cross-site scripting  SQL injection  Buffer overflow  Zero day attack  Directory Traversal/Forceful Browsing  Cookie/session poisoning  Parameter/form tampering  Error Message Interception
    •  Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by web users into the web pages viewed by other users.  Examples of such code include JavaScript code. Stored Attack Reflected Attack
    • XSS www.mailprovider.com  Hacker finds out www. mailprovider.com suffers from XSS. Mail Users get mail asking to click a hyperlink for getting a free gift Click here For free gift When the user click malicious script gets executed. www.mailprovider.com/default.asp?name=<script>evilScript()</script> Your browser correctly interprets this as Vulnerable Web browser script and runs the script site If this script instructs the browser to send a cookie , to the hacker's computer, it quickly complies. May take the user to a fake web page of his online banking site.
    •  It is basically a security exploit in which attacker injects SQL code through a web form input box, address barto gain access to resources and makes changes to data.  SQL Injection attacks can often be executed from address bar, from within application fields, and through queries and searches
    • var sql = quot;select * from users where username = ' username ' and password = ' password ' quot; ; Username: anything‘ or 1=1-- Password: quot; select * from users where username = 'anything' or 1=1--'and password ='' quot;;
    •  Mechanism  When the amount of data sought to be added to a buffer exceeds the size of the buffer; generally resulting in a catastrophic error.  Occurs when boundary checks are not done fully or skipped. Error in programming.  After successful execution  Gain super user privilege.  Installation of backdoor.  Put a server down
    •  Zero-day attacks take place between the time a vulnerability is discovered by a researcher or attacker, and the time that the vendor issues a corrective patch.  Most zero-day attacks are only available as hand-crafted exploit code, but zero-day worms have caused rapid panic.  Zero-day vulnerability is the launching point for further exploitation of the web application and environment.  Lack of a firewall and enable heuristics scanning.
    •  Cookies are used to maintain session state in the otherwise stateless HTTP protocol.  Poisoning allows an attacker to inject malicious content, modify the user's on-line experience, and obtain unauthorized information  It can be used for rewriting the session data, displaying the cookie data, and/or specifying a new User ID or other session identifiers in the cookie.
    •  Takes advantage of the hidden field that work as the only security measure in some applications.  Modifying this hidden field value will cause the web application to change according tothe new data incorporated  Can cause  theft of services  escalation of access  session hijacking
    •  Attack occurs when the attacker is able to browse directories and files outside normal application access.  Attack exposes the directory structure of the application, and often the underlying web server and operating system  Attacker can enumerate contents, access secure or restricted pages, and gain confidential information, locate source code and so on.  No provision of access right for protected areas of site.
    •  Information in error messages is often rich with web site-specific information which can be used to ::  Determine technologies used in the web applications.  Determine whether attack attempt was successful or not.  Receive hints for attack methods to try next.
    •  Validation of query strings, form fields and hidden fields against a rigorous specification.  Filtering script output .  Structuring request such that all supplied parameters are treated as data ,rather than potentially executable content.  Validating input length in forms and carrying out bounds checking.  Defining access right to protected areas of website.  Applying checks/hot fixes.  Updating web server with security patches in timely manner.  Digitally signed and stamped logs.  Separate log for system event and transaction log for application event.
    • Presented By Preetish Panda preetish88@gmail.com