CSV Injection by Ishaq Mohammed
  1. Greetings! 17-06-2017
  2. Formula/CSV Injection
  3. #WHOAMI
     Ishaq Mohammed
     Security Consultant @SecureLayer7
     Ardent Security Researcher/Learner
     You can ping here: @security_prince
  4. #ls -l /Index
     ▸ Introduction
     ▸ DDE
     ▸ Exploitation
     ▸ Demo
     ▸ Remediation
     ▸ Reference
  5. #cd Introduction
  6. "CSV injection is a vulnerability which affects applications having the export spreadsheets functionality."
  7. #cat Introduction
     ▸ Modern applications allow users to export their data into .csv or .xls files, which are handled by spreadsheet applications like MS Excel and OpenOffice Calc
     ▸ Inputs from untrusted sources
     ▸ Once exploited successfully, can lead to Remote Code Execution and remote exfiltration of sensitive data
  8. #cd DDE
     Dynamic Data Exchange
  9. #cat DDE
     Method used by applications for inter-application communication
     DDE(server; file; item; mode)
  10. #cd Exploitation
  11. #Exploit
      RCE? Yeah!!
  12. #cat Payloads
      ▸ Basic: =sum(10+10)
      ▸ OpenOffice & LibreOffice: =DDE("cmd";"/C calc";"__DdeLink_60_870516294")
      ▸ Microsoft Excel: =cmd|' /C calc'!A0
  13. #cd Demo
  14. #cd Remediation
  15. #cat Remediations
      ▸ Do not trust user input
      ▸ Output encoding
      ▸ Prefix -/=/| with an apostrophe
      ▸ HTML encoding for special characters
  16. #cd Reports
  17. #Report
      ▸ CSV Injection in Uber, reported by David Dworken
  18. #cd References
  19. #cat References
      Special thanks to all the people who made and released these awesome resources:
      ▸ Comma Separated Vulnerabilities by ContextIS
      ▸ CSV Injection Revisited - Making Things More Dangerous (and fun) by Andy Gill
      ▸ Formula Injection by Chirag Savla
      ▸ Everything about the CSV Excel Macro Injection by Ishaq Mohammed
      ▸ CSV Injection in Uber, reported by David Dworken
  20. Questions? Discussions/Queries
  21. THANK YOU!
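The remediation slide's "prefix with an apostrophe" step, written out as a small CSV exporter. This is an added example, not code from the slides or from the author; the trigger set goes beyond the deck's -/=/| by also treating +, @, tab and carriage return as formula starters (that extension follows OWASP's CSV injection guidance and is an assumption here), and every field is also quoted so that embedded commas or quotes cannot break a row. The sample rows are constructed for the example.

```python
import csv
import io

# Characters that make a spreadsheet treat a cell as a formula or DDE call.
# The slides list '=', '-' and '|'; '+', '@', tab and carriage return are
# added here following OWASP guidance (assumption beyond the deck).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "|", "\t", "\r")


def sanitize_cell(value):
    """Return the cell as text, with a leading apostrophe if it could be
    interpreted as a formula by Excel, LibreOffice or OpenOffice Calc."""
    text = "" if value is None else str(value)
    if text.startswith(FORMULA_TRIGGERS):
        # The apostrophe forces the spreadsheet to treat the cell as a literal string.
        return "'" + text
    return text


def export_csv(rows):
    """Serialize rows to CSV text, sanitizing every cell and quoting every field."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([sanitize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample data: the 'bob' and 'eve' comments would be evaluated as
# formulas by a spreadsheet if exported unchanged.
SAMPLE_ROWS = [
    ["name", "comment"],
    ["alice", "hello, world"],
    ["bob", "=sum(10+10)"],
    ["eve", "-1+1"],
]

if __name__ == "__main__":
    print(export_csv(SAMPLE_ROWS), end="")
```

Run it and open the output in a spreadsheet: the bob and eve rows display as the literal text `=sum(10+10)` and `-1+1` instead of being evaluated. Apply the same function to every exported cell, including header names and values that come from other tables, since any field that a user can influence is untrusted input.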
