Uploaded bynullowaspmumbai
PPTX, PDF103 views

Middleware hacking

The document discusses middleware, including what it is, common vendors, where it stands architecturally, types of middleware, vulnerabilities, and the importance of patching. Middleware is software that connects applications and lies between the OS and applications, supporting distributed business applications. Common vendors include Oracle, and middleware can use RPC, message-oriented, object-oriented like CORBA, or Java technologies. It is important to middleware's role and to patch vulnerabilities.

Embed presentation

Download to read offline
Agenda • what is Middleware? • Vendors for Middleware? • Where it stands in a picture? • Types of Middleware? • Vulnerabilities in Middleware? • Importance of middleware patching?
What is Middleware ? What is Middleware? Middleware is the software that connects software components or enterprise applications. Middleware is the software layer that lies between the operating system and the applications on each side of a distributed computer network Typically, it supports complex, distributed business software applications. https://docs.oracle.com/cd/E15523_01/core.1111/e10103/intro.htm#BABEICDD Servers / Client This is middleware in my understanding.. 
Vendors for Middleware?
Where Middleware stands in picture M I D D L E W A R E
Where Middleware stands in picture KERNEL Network OS Service Middleware Distributed Application
Types of Middleware? OBJECT Oriented Middleware RPC (remote procedure call) MOM Message oriented Middleware Event based Middleware
RPC (remote procedure call) http://p.motionelements.com/stock-video/nature/me705539-inside-mcdonald-s-restaurant-hd-a0252.jpg
RPC (remote procedure call) APPLICATION CALL(function) CLIENT STUB marshalling (network portable format) RPC RPC SERVER STUB unmarshalling Function execute and result PROS * Distributed application * can call any function from anywhere CONS • Platform Dependent • Language Dependent RPC
RPC call Live Example RPC
OBJECT Oriented Middleware (ORB) CORBA The Common Object Request Broker Architecture
OBJECT Oriented Middleware (ORB) CORBA The Common Object Request Broker Architecture BY OMG Group PROS • Platform Independent • Language Independent • ORB :- Object request broker • IIOP :- internet inter operable protocol. APPLICATION CALL(function) CLIENT STUB ORB ORB Skeleton Function execute and result IIOP :- internet inter operable protocol. IDL
Live Example ORB
COM/DCOM PROS • MSIDL:- Microsoft IDL • DCE-RCP :-distributed computing Env-R. CLIENT Proxy COM runtime lib in windows NT COM runtime lib in windows NT STUB Function execute and result DCE-RPC Component object module and distributed component Object Module MSIDL
Enterprise JAVA Bean JAVA RMI (Remote Method Invocation) PROS • Platform Independent • JAVA RMI . WEB Browser WEB APP RMI registry/ JVM RMI registry/ JVM JDBC DATABASE IDL RMI-IIOP
Vulnerabilities in Middleware ISSUES • OVERFLOWS • WEB Application TOP 10 • Architecture flow • Say No to Scanner’s
Importance of middleware patching?
Thank You…! 

More Related Content

PPTX
Web app presentation
byzahid6
 
PPTX
Types of software, advantages and disadvantages
byRocket11986
 
PPTX
Middleware final
byAnkit Anand
 
DOCX
jeffrey.glover.resume
byJeffrey Glover
 
PPTX
59 ways to publish an application v0.9
bymarcelvenema
 
DOCX
Ralph_Cencebaugh Resume
byRalph Cencebaugh
 
DOCX
Michael Tillett Resume4
byMichael Tillett
 
DOC
Maged Bishay - Resume 2015
byMaged Bishay
 
Web app presentation
byzahid6
 
Types of software, advantages and disadvantages
byRocket11986
 
Middleware final
byAnkit Anand
 
jeffrey.glover.resume
byJeffrey Glover
 
59 ways to publish an application v0.9
bymarcelvenema
 
Ralph_Cencebaugh Resume
byRalph Cencebaugh
 
Michael Tillett Resume4
byMichael Tillett
 
Maged Bishay - Resume 2015
byMaged Bishay
 

Similar to Middleware hacking

PDF
Middleware Technology and its importants
byevolution25com
 
PPT
middleware in embedded systems
byAkhil Kumar
 
ODP
Middleware
bynava rathna
 
PPTX
Middleware Technologies ppt
byOECLIB Odisha Electronics Control Library
 
PPTX
The Middleware technology that connects the enterprise
byKasun Indrasiri
 
PPT
middleware-technologies-8871-AmKEtL9-_1_.ppt
byBinduBindu57
 
PPT
Middleware
byDr. Uday Saikia
 
PPTX
Pervasive middleware
byBHAKTI PATIL
 
ODP
Middleware1
bynava rathna
 
PPTX
Manish tripathi-e-commerce-middleware
byA P
 
PPT
12-middleware.ppt
bytsigitnist02
 
DOCX
Middleware – Its Types, Architecture, and Benefits.docx
byXavor Corporation - Redefining Health Technology
 
PDF
Communication middleware
byPeter R. Egli
 
PPT
client-server-architecture ss.ppt
byOsmanGani61
 
PPT
INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION
byPRASAD BANOTH
 
PPT
Unit_2_Midddleware_2.ppt
byrameshwarchintamani
 
PPT
MIDELWARE TECH
bymuthahar.sk
 
PPT
middleware
byrkk0o7
 
PPT
IntroJan14.ppt
byAnkitKumarSharma54
 
PDF
Middleware1
bybhumi109
 
Middleware Technology and its importants
byevolution25com
 
middleware in embedded systems
byAkhil Kumar
 
Middleware
bynava rathna
 
Middleware Technologies ppt
byOECLIB Odisha Electronics Control Library
 
The Middleware technology that connects the enterprise
byKasun Indrasiri
 
middleware-technologies-8871-AmKEtL9-_1_.ppt
byBinduBindu57
 
Middleware
byDr. Uday Saikia
 
Pervasive middleware
byBHAKTI PATIL
 
Middleware1
bynava rathna
 
Manish tripathi-e-commerce-middleware
byA P
 
12-middleware.ppt
bytsigitnist02
 
Middleware – Its Types, Architecture, and Benefits.docx
byXavor Corporation - Redefining Health Technology
 
Communication middleware
byPeter R. Egli
 
client-server-architecture ss.ppt
byOsmanGani61
 
INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION
byPRASAD BANOTH
 
Unit_2_Midddleware_2.ppt
byrameshwarchintamani
 
MIDELWARE TECH
bymuthahar.sk
 
middleware
byrkk0o7
 
IntroJan14.ppt
byAnkitKumarSharma54
 
Middleware1
bybhumi109
 

More from nullowaspmumbai

PPTX
Middleware hacking
bynullowaspmumbai
 
PPTX
Commix
bynullowaspmumbai
 
PPTX
Radio hacking - Part 1
bynullowaspmumbai
 
PPTX
Switch security
bynullowaspmumbai
 
PDF
ELK in Security Analytics
bynullowaspmumbai
 
PPTX
Power forensics
bynullowaspmumbai
 
PPTX
Adversarial machine learning
bynullowaspmumbai
 
PPTX
Dll Hijacking
bynullowaspmumbai
 
PDF
NTFS Forensics
bynullowaspmumbai
 
PPTX
Drozer - An Android Application Security Tool
bynullowaspmumbai
 
PPTX
Internet censorship circumvention techniques
bynullowaspmumbai
 
PPTX
How i got my first cve
bynullowaspmumbai
 
PPTX
How I got my First CVE
bynullowaspmumbai
 
PPTX
Adversarial machine learning updated
bynullowaspmumbai
 
PDF
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
bynullowaspmumbai
 
PPTX
Infrastructure security & Incident Management
bynullowaspmumbai
 
PPTX
Xxe
bynullowaspmumbai
 
PDF
Ganesh naik linux_kernel_internals
bynullowaspmumbai
 
PPTX
Abusing Target
bynullowaspmumbai
 
PDF
Buffer overflow null
bynullowaspmumbai
 
Middleware hacking
bynullowaspmumbai
 
Commix
bynullowaspmumbai
 
Radio hacking - Part 1
bynullowaspmumbai
 
Switch security
bynullowaspmumbai
 
ELK in Security Analytics
bynullowaspmumbai
 
Power forensics
bynullowaspmumbai
 
Adversarial machine learning
bynullowaspmumbai
 
Dll Hijacking
bynullowaspmumbai
 
NTFS Forensics
bynullowaspmumbai
 
Drozer - An Android Application Security Tool
bynullowaspmumbai
 
Internet censorship circumvention techniques
bynullowaspmumbai
 
How i got my first cve
bynullowaspmumbai
 
How I got my First CVE
bynullowaspmumbai
 
Adversarial machine learning updated
bynullowaspmumbai
 
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
bynullowaspmumbai
 
Infrastructure security & Incident Management
bynullowaspmumbai
 
Xxe
bynullowaspmumbai
 
Ganesh naik linux_kernel_internals
bynullowaspmumbai
 
Abusing Target
bynullowaspmumbai
 
Buffer overflow null
bynullowaspmumbai
 

Recently uploaded

PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PPTX
The Landscape of Computer Software Development Companies
byYash Singh
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PDF
Incident Response Planning with a Foundation Model
byKim Hammar
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
The Landscape of Computer Software Development Companies
byYash Singh
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Incident Response Planning with a Foundation Model
byKim Hammar
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 

Middleware hacking

  • 2.
    Agenda • what isMiddleware? • Vendors for Middleware? • Where it stands in a picture? • Types of Middleware? • Vulnerabilities in Middleware? • Importance of middleware patching?
  • 3.
    What is Middleware? What is Middleware? Middleware is the software that connects software components or enterprise applications. Middleware is the software layer that lies between the operating system and the applications on each side of a distributed computer network Typically, it supports complex, distributed business software applications. https://docs.oracle.com/cd/E15523_01/core.1111/e10103/intro.htm#BABEICDD Servers / Client This is middleware in my understanding.. 
  • 4.
  • 5.
    Where Middleware standsin picture M I D D L E W A R E
  • 6.
    Where Middleware standsin picture KERNEL Network OS Service Middleware Distributed Application
  • 7.
    Types of Middleware? OBJECTOriented Middleware RPC (remote procedure call) MOM Message oriented Middleware Event based Middleware
  • 8.
    RPC (remote procedurecall) http://p.motionelements.com/stock-video/nature/me705539-inside-mcdonald-s-restaurant-hd-a0252.jpg
  • 9.
    RPC (remote procedurecall) APPLICATION CALL(function) CLIENT STUB marshalling (network portable format) RPC RPC SERVER STUB unmarshalling Function execute and result PROS * Distributed application * can call any function from anywhere CONS • Platform Dependent • Language Dependent RPC
  • 10.
  • 11.
    OBJECT Oriented Middleware(ORB) CORBA The Common Object Request Broker Architecture
  • 12.
    OBJECT Oriented Middleware(ORB) CORBA The Common Object Request Broker Architecture BY OMG Group PROS • Platform Independent • Language Independent • ORB :- Object request broker • IIOP :- internet inter operable protocol. APPLICATION CALL(function) CLIENT STUB ORB ORB Skeleton Function execute and result IIOP :- internet inter operable protocol. IDL
  • 13.
  • 14.
    COM/DCOM PROS • MSIDL:- MicrosoftIDL • DCE-RCP :-distributed computing Env-R. CLIENT Proxy COM runtime lib in windows NT COM runtime lib in windows NT STUB Function execute and result DCE-RPC Component object module and distributed component Object Module MSIDL
  • 15.
    Enterprise JAVA Bean JAVARMI (Remote Method Invocation) PROS • Platform Independent • JAVA RMI . WEB Browser WEB APP RMI registry/ JVM RMI registry/ JVM JDBC DATABASE IDL RMI-IIOP
  • 16.
    Vulnerabilities in Middleware ISSUES •OVERFLOWS • WEB Application TOP 10 • Architecture flow • Say No to Scanner’s
  • 17.
  • 18.