Your SlideShare is downloading. ×
Django book20 security
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Django book20 security

878
views

Published on

A brief introduction of Django Book ch 20. …

A brief introduction of Django Book ch 20.
With basic network security knowledge.

Published in: Technology

0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
878
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
6
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Django book Chapter 20 - Security Alfred 113年10月1⽇日星期⼆二
  • 2. Never - under any circumstances - trust data from browser! 213年10月1⽇日星期⼆二
  • 3. A simple theory of security (based on 質餘) ‣ choose 2 prime p, q ‣ n = p, q ‣ based on Euler Function, phi(n) = (p-1)(q-1) ‣ 1 < e, public key <= phi(n) ‣ let d 是 e 的modulo reverse, d。e 同餘 1 mod phi(n) 313年10月1⽇日星期⼆二
  • 4. A simple theory of security (based on 質餘) cont. 413年10月1⽇日星期⼆二
  • 5. Number example (from wiki) 1. Choose two distinct prime numbers, such as and . 2. Compute n = p。q giving 3. Compute the totient of the product as φ(n) = (p − 1)(q − 1) giving. 4. Choose any number 1 < e < 3120 that is coprime to 3120. Choosing a prime number for e leaves us only to check that e is not a divisor of 3120.Let 5. Compute d, the modular multiplicative inverse of e (mod φ(n)) yielding The public key is (n = 3233, e = 17). For a padded plaintext message m, the encryption function is The private key is (n = 3233, d = 2753). For an encrypted ciphertext c, the decryption function is c2753(mod 3233). 513年10月1⽇日星期⼆二
  • 6. IdentifyYour Identity 613年10月1⽇日星期⼆二
  • 7. Cross-Site Request Forgery , CSRF Attack • Malicious Client request a fake link. • Solution is mentioned by CSRF token, chapter 16. 713年10月1⽇日星期⼆二
  • 8. Session Forging/Hijacking • man-in-the-middle (男⼈人 在中間) • session forging • cookie forging • session fixation • session poisoning wiki:session fixation 813年10月1⽇日星期⼆二
  • 9. Solutions • Never allow session information to be contained in the URL. Django bless you. • Don’t store data in cookies directly. request.session bless you. • Prevent attackers from spoofing session IDs whenever possible. Django use hash function to protect you session ID. (As I know, some hash function is not safe, ex. SHA-1) • Sensitive Data? use Https:// SESSION_COOKIE_SECURE  =  TRUE 913年10月1⽇日星期⼆二
  • 10. Break.... 1013年10月1⽇日星期⼆二
  • 11. Code Injection Code Injection is a type of system bugs that is caused by processing invalid data. 既然稱為Bug, 那當然就是你的問題阿 1113年10月1⽇日星期⼆二
  • 12. SQL Injection How a username could become invalid data? • Escape char ‘’ • SQL reserved word • SQL logic 1213年10月1⽇日星期⼆二
  • 13. SQL Injection (Cont.) Tears In Heaven... 1313年10月1⽇日星期⼆二
  • 14. SQL Injection Solution 1. Use Django API, please. 2. Exception Person.objects.raw('SELECT * FROM foo') django.db.connection.ops.quote_name(user) 1413年10月1⽇日星期⼆二
  • 15. Cross Site Script, XSS XSS enables attackers to inject client-side script into Web pages viewed by other users. xss, xsstc(css javascript) 1513年10月1⽇日星期⼆二
  • 16. Cross Site Script, XSS Q. How it works? A. 攻擊者利⽤用Client Browser可以動態執⾏行語法的特性,或可從 其他Server讀取程式碼的⽅方式,設計⼀一組簡易的link提供victims。 1. Find a Web Page who contains leak of any kind of XSS. 2. Design the XSS script, stolen cookies, do sth., etc 3. Send a link toVictims. (By mail or anything.) 再好的網站設計也不能阻擋清純的使⽤用者 1613年10月1⽇日星期⼆二
  • 17. Example of XSS http://example.com/hello/?name=Jacob http://example.com/hello/?name=<i>Jacob</i> http://redirect.example.com/hello/?name=jacob Malicious Link 1713年10月1⽇日星期⼆二
  • 18. Solution of XSS 1813年10月1⽇日星期⼆二
  • 19. Email Header Injection • A field of E-Mail form would provide another Injection method. "helloncc:spamvictim@example.com" (where "n” is a newline character) solution:  django.core.mail.send_mail 1913年10月1⽇日星期⼆二
  • 20. Filename Injection • A field to let user fill the file name... • how about ../../../../../etc/passwd. • Needless to say, you should never write code that can read from any area of the disk! 2013年10月1⽇日星期⼆二
  • 21. Filename Injection (cont.) 2113年10月1⽇日星期⼆二
  • 22. • 破解密碼 (暴⼒力法、字典、Birthday Attack) • 偽裝( 男⼈人在中間, xx forging... ) • Code Injection (SQL, XSS, email header,...) • 破壞 (DDOS, explode request) • Zero-Day Attack + Service Scan • Social-Engineering (information gathering) 2213年10月1⽇日星期⼆二
  • 23. Thanks Alfred 2313年10月1⽇日星期⼆二

×