Unit4Part1

Web Application Security
Learning Objectives
❑ Realize when, where and why protocol-level security mechanisms are not enough
❑ Understand how SQL injection attacks affect web application back ends
❑ Understand how the web implements session state using cookies, and how improper implementations are subject to session hijacking and Cross-Site Request Forgery (CSRF) attacks
❑ Understand how popular, browser-executed JavaScript programs can be used incorrectly by web sites, leading to Cross-Site Scripting (XSS) vulnerabilities
❑ Avoid flaws and bugs that introduce these vulnerabilities, with a focus on employing input validation and sanitization
Outline
Introduction to web security
Bypassing Client-Side Controls
Attacking Authentication
Attacking Session Management
Code Injection Attacks (SQL, HTML, SMTP)
Attacking Other Users
Application Logic Attacks
Web Applications - old
❑ Original web sites contained static documents
❑ Flow of interesting information was one-way
❑ No need for authentication, sessions, access control, input validation
Web Applications - now
❑ Highly functional
❑ Flow of information is two-way
❑ Content is dynamic
❑ Much data is private and sensitive
❑ Attacks against web applications
Common Web Applications Vulnerabilities
[Bar chart, values in %]
• Broken authentication: 67%
• Broken access controls: 78%
• SQL injection: 36% (an attempt by the hackers to manipulate your database, particularly to get information)
• Cross-site scripting: 91% (allows the attackers to inject client-side script into web pages)
• Information leakage: 81%
Why web application security becomes critical
• Conventional organisations' security efforts focused on the network perimeter
• Modern web apps have introduced new risks:
• Users must be able to reach web servers via HTTP/S
• Web servers must be able to reach databases, mainframes, logistical systems
• Defects in web apps leave internal systems vulnerable to attack
Why web application security becomes critical
Vulnerable web applications damage not only the server end:
• Malicious or compromised applications can be leveraged to attack other users
• Users' browsers can be used to attack other internal systems
The essential security problem
• Users have complete control over the client end:
• Can submit arbitrary input
• Can modify all data passing between browser and server
• Can send requests and parameters in any sequence
• Most attacks involve sending crafted or unexpected input:
• Changing a hidden field
• Modifying a session token
• Injecting code into back-end components
Bypassing Client-Side Controls
• Hidden HTML form fields are a common mechanism for transmitting data via the client in a superficially unmodifiable way; in practice the user can change them:
- They are not displayed on-screen.
- The field's name and value are stored within the form.
Bypassing Client-Side Controls
Example1
HTTP cookies can be modified using an intercepting proxy and are not displayed on the screen.
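The defence against hidden-field tampering is to treat every client-supplied value as untrusted: recompute sensitive values server-side, or bind any value that must round-trip through the browser to an HMAC tag. The following is an added illustration (not code from the original slides); the catalogue, secret and request values are constructed for the example.

```python
import hmac
import hashlib
from decimal import Decimal
from typing import Optional

# Constructed server-side catalogue: the authoritative price lives here, not in the form.
CATALOG = {"sku-100": Decimal("49.99"), "sku-200": Decimal("199.00")}
# Placeholder secret for the example; a real deployment loads it from configuration.
SECRET = b"constructed-server-secret"

def vulnerable_total(form: dict) -> Decimal:
    """Trusts the hidden 'price' field exactly as the browser sent it."""
    return Decimal(form["price"]) * int(form["qty"])

def hardened_total(form: dict) -> Decimal:
    """Ignores any client-supplied price and looks it up server-side by product id."""
    qty = int(form["qty"])
    if qty < 1 or qty > 100:
        raise ValueError("quantity out of range")
    return CATALOG[form["product_id"]] * qty

def sign_hidden_field(value: str) -> str:
    """If a value must round-trip through the client, append an HMAC tag over it."""
    tag = hmac.new(SECRET, value.encode(), hashlib.sha256).hexdigest()
    return f"{value}|{tag}"

def verify_hidden_field(field: str) -> Optional[str]:
    """Return the embedded value if its tag verifies, or None if the field was altered."""
    value, _, tag = field.rpartition("|")
    expected = hmac.new(SECRET, value.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None
    return value

if __name__ == "__main__":
    # Constructed request: the hidden price was edited from 199.00 to 0.01 before submission.
    tampered = {"product_id": "sku-200", "price": "0.01", "qty": "2"}
    print(vulnerable_total(tampered))  # 0.02: the server charged the client-chosen price
    print(hardened_total(tampered))    # 398.00: the price came from the catalogue
    signed = sign_hidden_field("199.00")
    print(verify_hidden_field(signed))            # 199.00
    print(verify_hidden_field("0.01|" + signed.split("|")[1]))  # None: tag no longer matches
```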