AppSec 2007 - .NET Web Services Hacking

Shreeraj Shah
Shreeraj ShahFounder & Partner, Security Professional, Author, Faculty & Speaker at Blueinfy
.NET Web Services Hacking – Scan, Attacks and Defense Shreeraj Shah Founder & Director, Blueinfy [email_address] 91+987-902-7018
Who am I? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],http://shreeraj.blogspot.com [email_address] Tools – http://www.blueinfy.com/tools.html
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Web Services on the rise with Web 2.0 ,[object Object],[object Object],[object Object]
Web Services and Web 2.0 HTML / JS / DOM RIA (Flash) Ajax Browser Internet Blog Local Application Database Authentication Internet Weather News Documents Emails Bank/Trade RSS feeds Web Services
Widget DOM HTML/CSS JavaScript SOAP XML-RPC JSON XML Open APIs SaaS Services REST Browser Protocols Consuming Web Services Ajax Flash / RIA JSON-RPC Structures Server-Side HTTP(S)
Methodology Footprinting & Discovery Enumeration & Profiling Vulnerability Detection Code / Config Scanning Web Services Firewall Secure Coding Insecure Web Services Secure Web Services Blackbox Whitebox Defense & Countermeasure
Footprinting and Discovery ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Primary Discovery ,[object Object],[object Object],[object Object]
Primary Discovery - Demos ,[object Object],[object Object],[object Object],[object Object],Demo
Secondary Discovery ,[object Object],[object Object],[object Object],[object Object],[object Object],Demo
Enumerating and Profiling ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Demo
Risk - In transit ,[object Object],[object Object],[object Object]
Risk - Web services Engine ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Web services Deployment - Risk ,[object Object],[object Object],[object Object],[object Object],[object Object]
Web services User code - Risk ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Scanning strategies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Demo
A1 - Cross Site Scripting (XSS) ,[object Object],[object Object],[object Object],[object Object],[object Object],Demo
A2 - Injection Flaws ,[object Object],[object Object],[object Object],[object Object],Demo
A3 - Malicious File Execution ,[object Object],[object Object],[object Object],Demo
A4 - Insecure Direct Object Reference ,[object Object],[object Object],[object Object],[object Object],[object Object],Demo
A5 - Cross Site Request Forgery (CSRF) ,[object Object],[object Object],[object Object],[object Object],[object Object],Demo
A6 - Information Leakage and Improper Error Handling ,[object Object],[object Object],[object Object],[object Object],Demo
A7 - Broken Authentication and Session Management ,[object Object],[object Object],[object Object],[object Object],[object Object]
A8/A9 - Insecure Cryptographic and Communication ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A10 - Failure to Restrict URL Access ,[object Object],[object Object],[object Object],[object Object],[object Object]
Code Analysis for Web Services ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Demo
[object Object],[object Object],[object Object],[object Object],[object Object],Code filtering with IHTTPModule
IIS Web Server HTTP Stack .Net Web Services IIS Web Server web2wall Web Services Client SOAP Envelope Reject Rules for SOAP Code filtering with IHTTPModule
.Net Web Services .asmx file IIS web server web2wall Web Services Client SOAP Input Envelope <soap:Body soap:encodingStyle=&quot;http://schemas.xmlsoap.org/soap/encoding/&quot;> <q1:getInput xmlns:q1=&quot;http://DefaultNamespace&quot;> <id xsi:type=&quot;xsd:string&quot;>12123</id> </q1:getInput> </soap:Body> DB <id xsi:type=&quot;xsd:string&quot;>12123</id> id=12123 Bal=$2500 <ns1:getInputReturn xsi:type=&quot;xsd:string&quot;> $2500 </ns1:getInputReturn> SOAP Output Envelope Code filtering with IHTTPModule
HTTP Stack for IIS Request IIS aspnet_isapi.dll HttpApplication HttpHandler HttpModule HttpModule HttpModule Response Web Application Resource Web Application Client 146
HTTP Stack HttpRuntime HttpApplicationFactory HttpApplication HttpHandlerFactory HttpContext IHttpModule Handler HttpRequest HttpResponse IHttpHandler 147
HTTP Stack for .Net HttpRuntime HttpApplicationFactory HttpApplication HttpHandlerFactory IHttpModule Handler Web Application Firewall & IDS 148
IHTTPModule for Web Services Firewall ,[object Object],[object Object],[object Object],[object Object],[object Object],Demo
Conclusion ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
.NET Web Services Hacking – Scan, Attacks and Defense Thanks!
1 of 36

AppSec 2007 - .NET Web Services Hacking

Download to read offline
Technology
Shreeraj Shah
Shreeraj ShahFounder & Partner, Security Professional, Author, Faculty & Speaker at Blueinfy

Recommended

Assessment methodology and approach by
Assessment methodology and approachAssessment methodology and approach
Assessment methodology and approachBlueinfy Solutions
2.8K views19 slides
Web 2.0 Application Kung-Fu - Securing Ajax & Web Services by
Web 2.0 Application Kung-Fu - Securing Ajax & Web ServicesWeb 2.0 Application Kung-Fu - Securing Ajax & Web Services
Web 2.0 Application Kung-Fu - Securing Ajax & Web ServicesShreeraj Shah
82K views42 slides
HTML5 hacking by
HTML5 hackingHTML5 hacking
HTML5 hackingBlueinfy Solutions
3.1K views84 slides
CSRF, ClickJacking & Open Redirect by
CSRF, ClickJacking & Open RedirectCSRF, ClickJacking & Open Redirect
CSRF, ClickJacking & Open RedirectBlueinfy Solutions
5.5K views44 slides
Source Code Analysis with SAST by
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SASTBlueinfy Solutions
2.8K views69 slides
HTTP protocol and Streams Security by
HTTP protocol and Streams SecurityHTTP protocol and Streams Security
HTTP protocol and Streams SecurityBlueinfy Solutions
2.5K views30 slides

More Related Content

What's hot

Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise by
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseHacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseShreeraj Shah
2.8K views47 slides
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2) by
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Shreeraj Shah
9K views66 slides
FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERY by
FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERYFIND ME IF YOU CAN – SMART FUZZING AND DISCOVERY
FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERYShreeraj Shah
15K views60 slides
XPATH, LDAP and Path Traversal Injection by
XPATH, LDAP and Path Traversal InjectionXPATH, LDAP and Path Traversal Injection
XPATH, LDAP and Path Traversal InjectionBlueinfy Solutions
3.1K views30 slides
Website hacking and prevention (All Tools,Topics & Technique ) by
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Jay Nagar
671 views180 slides
Web Attacks - Top threats - 2010 by
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Shreeraj Shah
5.5K views55 slides

What's hot(20)

Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise by Shreeraj Shah
Hacking Ajax & Web Services - Next Generation Web Attacks on the RiseHacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Hacking Ajax & Web Services - Next Generation Web Attacks on the Rise
Shreeraj Shah2.8K views
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2) by Shreeraj Shah
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Next Generation Web Attacks – HTML 5, DOM(L3) and XHR(L2)
Shreeraj Shah9K views
FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERY by Shreeraj Shah
FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERYFIND ME IF YOU CAN – SMART FUZZING AND DISCOVERY
FIND ME IF YOU CAN – SMART FUZZING AND DISCOVERY
Shreeraj Shah15K views
XPATH, LDAP and Path Traversal Injection by Blueinfy Solutions
XPATH, LDAP and Path Traversal InjectionXPATH, LDAP and Path Traversal Injection
XPATH, LDAP and Path Traversal Injection
Blueinfy Solutions3.1K views
Website hacking and prevention (All Tools,Topics & Technique ) by Jay Nagar
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )
Jay Nagar671 views
Web Attacks - Top threats - 2010 by Shreeraj Shah
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010
Shreeraj Shah5.5K views
Applciation footprinting, discovery and enumeration by Blueinfy Solutions
Applciation footprinting, discovery and enumerationApplciation footprinting, discovery and enumeration
Applciation footprinting, discovery and enumeration
Blueinfy Solutions2.4K views
Web Hacking by Information Technology
Web HackingWeb Hacking
Web Hacking
Information Technology13.2K views
Introduction to shodan by n|u - The Open Security Community
Introduction to shodanIntroduction to shodan
Introduction to shodan
n|u - The Open Security Community574 views
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac... by Shreeraj Shah
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
[Infosecworld 08 Orlando] New Defenses for .NET Web Apps: IHttpModule in Prac...
Shreeraj Shah5.7K views
CNIT 129S: Ch 5: Bypassing Client-Side Controls by Sam Bowne
CNIT 129S: Ch 5: Bypassing Client-Side ControlsCNIT 129S: Ch 5: Bypassing Client-Side Controls
CNIT 129S: Ch 5: Bypassing Client-Side Controls
Sam Bowne2.2K views
Api security-testing by n|u - The Open Security Community
Api security-testingApi security-testing
Api security-testing
n|u - The Open Security Community777 views
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2) by Sam Bowne
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
Sam Bowne859 views
Common Web Application Attacks by Ahmed Sherif
Common Web Application Attacks Common Web Application Attacks
Common Web Application Attacks
Ahmed Sherif802 views
Vulnerabilities in modern web applications by Niyas Nazar
Vulnerabilities in modern web applicationsVulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar1.5K views
Blackhat11 shreeraj reverse_engineering_browser by Shreeraj Shah
Blackhat11 shreeraj reverse_engineering_browserBlackhat11 shreeraj reverse_engineering_browser
Blackhat11 shreeraj reverse_engineering_browser
Shreeraj Shah1.8K views
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2) by Sam Bowne
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
Sam Bowne692 views
Web application attacks by hruth
Web application attacksWeb application attacks
Web application attacks
hruth56.5K views
Html5 localstorage attack vectors by Shreeraj Shah
Html5 localstorage attack vectorsHtml5 localstorage attack vectors
Html5 localstorage attack vectors
Shreeraj Shah7.4K views
Secure Web Applications Ver0.01 by Vasan Ramadoss
Secure Web Applications Ver0.01Secure Web Applications Ver0.01
Secure Web Applications Ver0.01
Vasan Ramadoss646 views

Similar to AppSec 2007 - .NET Web Services Hacking

Web Services Security by
Web Services SecurityWeb Services Security
Web Services Securityamiable_indian
1.3K views33 slides
gofortution by
gofortutiongofortution
gofortutiongofortution
562 views25 slides
Manindra kishore _incident_handling_n_log_analysis - ClubHack2009 by
Manindra kishore _incident_handling_n_log_analysis - ClubHack2009Manindra kishore _incident_handling_n_log_analysis - ClubHack2009
Manindra kishore _incident_handling_n_log_analysis - ClubHack2009ClubHack
2.4K views30 slides
Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai] by
Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai]Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai]
Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai]Shreeraj Shah
33.8K views116 slides
Secure SDLC for Software by
Secure SDLC for Software Secure SDLC for Software
Secure SDLC for Software Shreeraj Shah
5.9K views86 slides
Owasp Top 10 And Security Flaw Root Causes by
Owasp Top 10 And Security Flaw Root CausesOwasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root CausesMarco Morana
5.5K views60 slides

Similar to AppSec 2007 - .NET Web Services Hacking(20)

Web Services Security by amiable_indian
Web Services SecurityWeb Services Security
Web Services Security
amiable_indian1.3K views
gofortution by gofortution
gofortutiongofortution
gofortution
gofortution562 views
Manindra kishore _incident_handling_n_log_analysis - ClubHack2009 by ClubHack
Manindra kishore _incident_handling_n_log_analysis - ClubHack2009Manindra kishore _incident_handling_n_log_analysis - ClubHack2009
Manindra kishore _incident_handling_n_log_analysis - ClubHack2009
ClubHack2.4K views
Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai] by Shreeraj Shah
Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai]Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai]
Hacking Web 2.0 - Defending Ajax and Web Services [HITB 2007 Dubai]
Shreeraj Shah33.8K views
Secure SDLC for Software by Shreeraj Shah
Secure SDLC for Software Secure SDLC for Software
Secure SDLC for Software
Shreeraj Shah5.9K views
Owasp Top 10 And Security Flaw Root Causes by Marco Morana
Owasp Top 10 And Security Flaw Root CausesOwasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root Causes
Marco Morana5.5K views
Romulus OWASP by Grupo Gesfor I+D+i
Romulus OWASPRomulus OWASP
Romulus OWASP
Grupo Gesfor I+D+i2.1K views
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri... by Jeremiah Grossman
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Jeremiah Grossman1.1K views
Web Services by Gaurav Tyagi
Web ServicesWeb Services
Web Services
Gaurav Tyagi4.3K views
Web Services by Gaurav Tyagi
Web ServicesWeb Services
Web Services
Gaurav Tyagi2K views
DevSecOps - automating security by John Staveley
DevSecOps - automating securityDevSecOps - automating security
DevSecOps - automating security
John Staveley727 views
Cyber ppt by karthik menon
Cyber pptCyber ppt
Cyber ppt
karthik menon1.8K views
Hacking Client Side Insecurities by amiable_indian
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
amiable_indian2.5K views
Hack applications by enrizmoore
Hack applicationsHack applications
Hack applications
enrizmoore326 views
Application Security Workshop by Priyanka Aash
Application Security Workshop Application Security Workshop
Application Security Workshop
Priyanka Aash2.4K views
04. xss and encoding by Eoin Keary
04. xss and encoding04. xss and encoding
04. xss and encoding
Eoin Keary2K views
Shreeraj - Hacking Web 2 0 - ClubHack2007 by ClubHack
Shreeraj - Hacking Web 2 0 - ClubHack2007Shreeraj - Hacking Web 2 0 - ClubHack2007
Shreeraj - Hacking Web 2 0 - ClubHack2007
ClubHack659 views
Hacking web applications by phanleson
Hacking web applicationsHacking web applications
Hacking web applications
phanleson3.1K views
SOA and web services by Sreekanth Narayanan
SOA and web servicesSOA and web services
SOA and web services
Sreekanth Narayanan596 views
香港六合彩 by baoyin
香港六合彩香港六合彩
香港六合彩
baoyin564 views

More from Shreeraj Shah

XSS and CSRF with HTML5 by
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5Shreeraj Shah
45K views73 slides
Top 10 HTML5 Threats - Whitepaper by
Top 10 HTML5 Threats - WhitepaperTop 10 HTML5 Threats - Whitepaper
Top 10 HTML5 Threats - WhitepaperShreeraj Shah
4.4K views21 slides
Dom Hackking & Security - BlackHat Preso by
Dom Hackking & Security - BlackHat PresoDom Hackking & Security - BlackHat Preso
Dom Hackking & Security - BlackHat PresoShreeraj Shah
608 views17 slides
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web by
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web Shreeraj Shah
6.5K views86 slides
Hacking and Securing .NET Apps (Infosecworld) by
Hacking and Securing .NET Apps (Infosecworld)Hacking and Securing .NET Apps (Infosecworld)
Hacking and Securing .NET Apps (Infosecworld)Shreeraj Shah
128.2K views115 slides
Web Application Kung-Fu, Art of Defense (Bellua/HITB) by
Web Application Kung-Fu, Art of Defense (Bellua/HITB)Web Application Kung-Fu, Art of Defense (Bellua/HITB)
Web Application Kung-Fu, Art of Defense (Bellua/HITB)Shreeraj Shah
63.1K views106 slides

More from Shreeraj Shah(9)

XSS and CSRF with HTML5 by Shreeraj Shah
XSS and CSRF with HTML5XSS and CSRF with HTML5
XSS and CSRF with HTML5
Shreeraj Shah45K views
Top 10 HTML5 Threats - Whitepaper by Shreeraj Shah
Top 10 HTML5 Threats - WhitepaperTop 10 HTML5 Threats - Whitepaper
Top 10 HTML5 Threats - Whitepaper
Shreeraj Shah4.4K views
Dom Hackking & Security - BlackHat Preso by Shreeraj Shah
Dom Hackking & Security - BlackHat PresoDom Hackking & Security - BlackHat Preso
Dom Hackking & Security - BlackHat Preso
Shreeraj Shah608 views
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web by Shreeraj Shah
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web [Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
[Infosecworld 08 Orlando] CSRF: The Biggest Little Vulnerability on the Web
Shreeraj Shah6.5K views
Hacking and Securing .NET Apps (Infosecworld) by Shreeraj Shah
Hacking and Securing .NET Apps (Infosecworld)Hacking and Securing .NET Apps (Infosecworld)
Hacking and Securing .NET Apps (Infosecworld)
Shreeraj Shah128.2K views
Web Application Kung-Fu, Art of Defense (Bellua/HITB) by Shreeraj Shah
Web Application Kung-Fu, Art of Defense (Bellua/HITB)Web Application Kung-Fu, Art of Defense (Bellua/HITB)
Web Application Kung-Fu, Art of Defense (Bellua/HITB)
Shreeraj Shah63.1K views
Web Services Security Chess (RSA) by Shreeraj Shah
Web Services Security Chess (RSA)Web Services Security Chess (RSA)
Web Services Security Chess (RSA)
Shreeraj Shah4.2K views
Advanced Web Hacking (EUSecWest 06) by Shreeraj Shah
Advanced Web Hacking (EUSecWest 06)Advanced Web Hacking (EUSecWest 06)
Advanced Web Hacking (EUSecWest 06)
Shreeraj Shah112.3K views
Advanced Web Services Hacking (AusCERT 06) by Shreeraj Shah
Advanced Web Services Hacking (AusCERT 06)Advanced Web Services Hacking (AusCERT 06)
Advanced Web Services Hacking (AusCERT 06)
Shreeraj Shah23.6K views

Recently uploaded

KVM Security Groups Under the Hood - Wido den Hollander - Your.Online by
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineShapeBlue
225 views19 slides
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P... by
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...ShapeBlue
196 views62 slides
Optimizing Communication to Optimize Human Behavior - LCBM by
Optimizing Communication to Optimize Human Behavior - LCBMOptimizing Communication to Optimize Human Behavior - LCBM
Optimizing Communication to Optimize Human Behavior - LCBMYaman Kumar
38 views49 slides
MVP and prioritization.pdf by
MVP and prioritization.pdfMVP and prioritization.pdf
MVP and prioritization.pdfrahuldharwal141
39 views8 slides
Ransomware is Knocking your Door_Final.pdf by
Ransomware is Knocking your Door_Final.pdfRansomware is Knocking your Door_Final.pdf
Ransomware is Knocking your Door_Final.pdfSecurity Bootcamp
98 views46 slides
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ... by
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...ShapeBlue
171 views28 slides

Recently uploaded(20)

KVM Security Groups Under the Hood - Wido den Hollander - Your.Online by ShapeBlue
KVM Security Groups Under the Hood - Wido den Hollander - Your.OnlineKVM Security Groups Under the Hood - Wido den Hollander - Your.Online
KVM Security Groups Under the Hood - Wido den Hollander - Your.Online
ShapeBlue225 views
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P... by ShapeBlue
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
Developments to CloudStack’s SDN ecosystem: Integration with VMWare NSX 4 - P...
ShapeBlue196 views
Optimizing Communication to Optimize Human Behavior - LCBM by Yaman Kumar
Optimizing Communication to Optimize Human Behavior - LCBMOptimizing Communication to Optimize Human Behavior - LCBM
Optimizing Communication to Optimize Human Behavior - LCBM
Yaman Kumar38 views
MVP and prioritization.pdf by rahuldharwal141
MVP and prioritization.pdfMVP and prioritization.pdf
MVP and prioritization.pdf
rahuldharwal14139 views
Ransomware is Knocking your Door_Final.pdf by Security Bootcamp
Ransomware is Knocking your Door_Final.pdfRansomware is Knocking your Door_Final.pdf
Ransomware is Knocking your Door_Final.pdf
Security Bootcamp98 views
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ... by ShapeBlue
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
How to Re-use Old Hardware with CloudStack. Saving Money and the Environment ...
ShapeBlue171 views
Business Analyst Series 2023 - Week 4 Session 7 by DianaGray10
Business Analyst Series 2023 - Week 4 Session 7Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7
DianaGray10146 views
Evaluation of Quality of Experience of ABR Schemes in Gaming Stream by Alpen-Adria-Universität
Evaluation of Quality of Experience of ABR Schemes in Gaming StreamEvaluation of Quality of Experience of ABR Schemes in Gaming Stream
Evaluation of Quality of Experience of ABR Schemes in Gaming Stream
Alpen-Adria-Universität38 views
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue by ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlueVNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
VNF Integration and Support in CloudStack - Wei Zhou - ShapeBlue
ShapeBlue207 views
LLMs in Production: Tooling, Process, and Team Structure by Aggregage
LLMs in Production: Tooling, Process, and Team StructureLLMs in Production: Tooling, Process, and Team Structure
LLMs in Production: Tooling, Process, and Team Structure
Aggregage57 views
CryptoBotsAI by chandureddyvadala199
CryptoBotsAICryptoBotsAI
CryptoBotsAI
chandureddyvadala19942 views
The Role of Patterns in the Era of Large Language Models by Yunyao Li
The Role of Patterns in the Era of Large Language ModelsThe Role of Patterns in the Era of Large Language Models
The Role of Patterns in the Era of Large Language Models
Yunyao Li91 views
Digital Personal Data Protection (DPDP) Practical Approach For CISOs by Priyanka Aash
Digital Personal Data Protection (DPDP) Practical Approach For CISOsDigital Personal Data Protection (DPDP) Practical Approach For CISOs
Digital Personal Data Protection (DPDP) Practical Approach For CISOs
Priyanka Aash162 views
"Running students' code in isolation. The hard way", Yurii Holiuk by Fwdays
"Running students' code in isolation. The hard way", Yurii Holiuk "Running students' code in isolation. The hard way", Yurii Holiuk
"Running students' code in isolation. The hard way", Yurii Holiuk
Fwdays36 views
Initiating and Advancing Your Strategic GIS Governance Strategy by Safe Software
Initiating and Advancing Your Strategic GIS Governance StrategyInitiating and Advancing Your Strategic GIS Governance Strategy
Initiating and Advancing Your Strategic GIS Governance Strategy
Safe Software184 views
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti... by ShapeBlue
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
DRaaS using Snapshot copy and destination selection (DRaaS) - Alexandre Matti...
ShapeBlue141 views
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023 by BookNet Canada
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023Redefining the book supply chain: A glimpse into the future - Tech Forum 2023
Redefining the book supply chain: A glimpse into the future - Tech Forum 2023
BookNet Canada44 views
NTGapps NTG LowCode Platform by Mustafa Kuğu
NTGapps NTG LowCode Platform NTGapps NTG LowCode Platform
NTGapps NTG LowCode Platform
Mustafa Kuğu437 views
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f... by TrustArc
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc176 views
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or... by ShapeBlue
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
Zero to Cloud Hero: Crafting a Private Cloud from Scratch with XCP-ng, Xen Or...
ShapeBlue199 views

AppSec 2007 - .NET Web Services Hacking

  • 1. .NET Web Services Hacking – Scan, Attacks and Defense Shreeraj Shah Founder & Director, Blueinfy [email_address] 91+987-902-7018
  • 2.
  • 3.
  • 4.
  • 5. Web Services and Web 2.0 HTML / JS / DOM RIA (Flash) Ajax Browser Internet Blog Local Application Database Authentication Internet Weather News Documents Emails Bank/Trade RSS feeds Web Services
  • 6. Widget DOM HTML/CSS JavaScript SOAP XML-RPC JSON XML Open APIs SaaS Services REST Browser Protocols Consuming Web Services Ajax Flash / RIA JSON-RPC Structures Server-Side HTTP(S)
  • 7. Methodology Footprinting & Discovery Enumeration & Profiling Vulnerability Detection Code / Config Scanning Web Services Firewall Secure Coding Insecure Web Services Secure Web Services Blackbox Whitebox Defense & Countermeasure
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29. IIS Web Server HTTP Stack .Net Web Services IIS Web Server web2wall Web Services Client SOAP Envelope Reject Rules for SOAP Code filtering with IHTTPModule
  • 30. .Net Web Services .asmx file IIS web server web2wall Web Services Client SOAP Input Envelope <soap:Body soap:encodingStyle=&quot;http://schemas.xmlsoap.org/soap/encoding/&quot;> <q1:getInput xmlns:q1=&quot;http://DefaultNamespace&quot;> <id xsi:type=&quot;xsd:string&quot;>12123</id> </q1:getInput> </soap:Body> DB <id xsi:type=&quot;xsd:string&quot;>12123</id> id=12123 Bal=$2500 <ns1:getInputReturn xsi:type=&quot;xsd:string&quot;> $2500 </ns1:getInputReturn> SOAP Output Envelope Code filtering with IHTTPModule
  • 31. HTTP Stack for IIS Request IIS aspnet_isapi.dll HttpApplication HttpHandler HttpModule HttpModule HttpModule Response Web Application Resource Web Application Client 146
  • 32. HTTP Stack HttpRuntime HttpApplicationFactory HttpApplication HttpHandlerFactory HttpContext IHttpModule Handler HttpRequest HttpResponse IHttpHandler 147
  • 33. HTTP Stack for .Net HttpRuntime HttpApplicationFactory HttpApplication HttpHandlerFactory IHttpModule Handler Web Application Firewall & IDS 148
  • 34.
  • 35.
  • 36. .NET Web Services Hacking – Scan, Attacks and Defense Thanks!