Software Security
Handling Program Output
Software Security Issues:
Top Most Dangerous Software Errors
Software Error Category: Insecure Interaction Between Components
• SQL Injection
• OS Command Injection
• Cross-site Scripting (XSS)
• Unrestricted Upload of File with Dangerous Type
• URL Redirection to Untrusted Site (“Open Redirect”)
Software Error Category: Risky Resource Management
• Buffer Copy without Checking Size of Input (“Classic Buffer Overflow”)
• Download of Code Without Integrity Check
• Use of Potentially Dangerous Function
• Incorrect Calculation of Buffer Size
Software Error Category: Porous (Leaks) Defences
• Missing Authentication for Critical Function
• Missing Authorization
• Missing Encryption of Sensitive Data
• Reliance on Untrusted Inputs in a Security Decision
• Incorrect Authorization
• Use of a One-Way Hash without a Salt
Handling Program Output
• Output might be stored for future use in files or a database, or be transmitted over a network connection
• If it represents textual information, the data will be encoded using some character set and may form structured output, such as HTML
• If this data contains content that alters the behaviour of the program or device displaying it, then an attack on the user is possible (this is the case with XSS)
• Such attacks have included deleting the user’s files or changing the user’s password
• Programs like a mail client, which displayed data originating from other users, needed to filter such text to ensure that any escape sequences included in it were disabled
• Only programs run at the user’s command were permitted to access the user’s display
Example: Classic cross-site scripting (XSS) attack
• This attack exploits the assumptions and security models used by Web browsers when viewing content from a site
• This allows programmable content like JavaScript to access and manipulate data and metadata at the browser site, such as session cookies associated with that site
Cross-site Scripting (XSS)
• A cross-site scripting vulnerability may be used by attackers to bypass access control
• Cross-site scripting attacks use known vulnerabilities in web-based applications, their servers, or the plug-in systems on which they rely
• An attacker can gain elevated access privileges to sensitive page content and to session cookies
Preventing Code Injection:
• Filter user input
• Disable the allow_url_fopen or allow_url_include setting in php.ini
Preventing SQL injection
• Manually check that each piece of data is of the right type
• Use prepared statements and bind variables
Prepared statements handle this automatically: the bound values are kept separate from the query text and are never parsed as SQL
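As an added example (not from the original slides), the two approaches side by side using Python's sqlite3 module; the users table, the login functions and the inputs are constructed for the demonstration.

```python
# Added example: string concatenation versus a prepared statement in sqlite3.
# The table, the functions and the sample inputs are constructed for the demo.
import sqlite3


def make_db():
    """Create an in-memory database with a constructed users table.
    Passwords are kept in clear text only to keep the demo short."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    conn.execute("INSERT INTO users VALUES ('bob', 'battery staple')")
    conn.commit()
    return conn


def login_concat(conn, username, password):
    """Vulnerable form: untrusted values are pasted into the SQL text, so a
    quote character in the input changes the structure of the query."""
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return sorted(row[0] for row in conn.execute(sql))


def login_prepared(conn, username, password):
    """Prepared statement: the query text is fixed and the values are bound
    as parameters, so the database never parses them as SQL."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(sql, (username, password)))


if __name__ == "__main__":
    db = make_db()
    # Constructed input: a value containing a single quote. A real name such
    # as O'Brien contains one too; the classic textbook value below also
    # turns the WHERE clause into one that is true for every row.
    crafted = "' OR '1'='1"
    print("concat   :", login_concat(db, crafted, crafted))    # ['alice', 'bob']
    print("prepared :", login_prepared(db, crafted, crafted))  # []
    print("prepared :", login_prepared(db, "alice", "correct horse"))  # ['alice']
```

The bound version returns nothing for the crafted value because the whole string is compared as data against the username column.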
Preventing XSS
• To prevent XSS attacks, properly filter output sent to the browser, e.g. with htmlentities() in PHP
Preventing Session capturing and hijacking
• Regenerate session IDs
• If using sessions, always use SSL
• Any program that gathers and relies on third-party data has to be responsible for ensuring that any subsequent use of such data is safe and does not violate the user’s assumptions
• Filter any possibly untrusted data to ensure that only valid output is displayed (use filters)
The simplest filtering alternative is to remove all HTML markup.
• Example: different character sets have different encodings of meta-characters, which can allow a security check to be bypassed (http and https)
Consequences:
• The programmer’s reputation will be tarnished, and users may well be less willing to use the program
• In the case of XSS attacks, a number of well-known sites were implicated in these attacks and suffered adverse publicity