Breaching a Web Application
Common Issues and Mitigating Steps
My name is Jason Frank
Director of Veris Group's Adaptive Threat Division
Trainer for Black Hat
You can find me at @jasonjfrank
Hello!
Agenda
An Attacker's View
Injection Attacks 101
Misconfigurations
Remediation and Mitigations
1. An Attacker's View
Testing Process
Pre-Assessment Activities
Discovery
Exploitation / Post Exploitation
Post-Assessment Activities
http://tutorials.jenkov.com/images/software-architecture/n-tier-architecture-2.png
[Diagram: n-tier web architecture spanning the Internet, a DMZ and a Protected Enclave]
https://www.w3.org/2005/03/Demos/insurance.png
OWASP provides free documentation on offensive and defensive application security measures:
Curated OWASP Top Ten Vulnerabilities
OWASP Web Testing Guide
Contains material for:
Web Applications
Mobile
Software Development
Tools
https://www.owasp.org/images/thumb/7/7e/WebTT_thumb.png/400px-WebTT_thumb.png
2. Injection Attacks 101
Injection Attacks
Occur when unintended data is sent to an application
Proper input validation / server-side validation is not being performed
A dynamically built query can be altered to execute arbitrary calls or requests
Common Types of Injection:
SQL
XML
OS Command
https://itswadesh.files.wordpress.com/2011/11/sql-injection.jpg
[Diagram 1: a WordPress server connecting through a "WPDB User" account to the WP tables (Users, Posts, Comments, Themes)]
[Diagram 2: the same WordPress server connecting through a "DBA" account that reaches both the WP tables (Users, Posts, Comments, Themes) and an HR App's tables (Names, SSNs, Salaries, Addresses)]
SQL Injection
Tools
Burp Suite Pro Scanner (identification)
SQLMap
SQLNinja
3. Misconfigurations
Misconfigurations
Serve as a catch-all for many facets of the implementation
Can occur at all levels of the technology stack
Identify both technical and procedural weaknesses
Operating System
Web Servers
Applications
Add-ons
http://www.rvrsh3ll.net/blog/offensive/leveraging-adobe-livecycle/
[Diagram: network zones (Internet, DMZ, Protected Enclave, Internal Systems), repeated over several slides as the attack path is traced inward]
Tools
Nikto
Web Scanners: Acunetix, NTOSpider, Burp Suite Pro
Vulnerability Scanners: Nessus, NeXpose
4. Remediation and Mitigation
OWASP SAMM
Software Assurance Maturity Model
Integrating assessment and review activities throughout your SDLC
Based on your organization's security drivers
https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model
A Note About Testing Types
Static Reviews: source code reviews that are incorporated throughout the development cycle.
Dynamic Testing: assessment of the final solution in an operational context.
SQL Injection
Prevention
OWASP has language-specific recommendations
Parameterized Queries
Input Validation / Whitelisting
Escaping User Input
https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet#Defense_Option_1:_Prepared_Statements_.28Parameterized_Queries.29
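The following is an added example, not code from the slides or from the speaker; it illustrates both the "Injection Attacks 101" point (a dynamically built query altered by unintended input) and the prevention options listed above (parameterized queries and whitelist input validation). It uses an in-memory SQLite database with constructed sample rows; the table layout, the usernames and the whitelist pattern are assumptions made for the example.

```python
import re
import sqlite3


def build_db():
    """Constructed sample database (not from the slides): three users, one admin."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def lookup_dynamic(conn, username):
    """Dynamically built query: the input is concatenated into the SQL text,
    so a value containing a quote changes the statement the database runs."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return [row[0] for row in conn.execute(sql).fetchall()]


def lookup_parameterized(conn, username):
    """Parameterized query: the statement is fixed and the value is bound
    separately, so the input can never be parsed as SQL."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,)).fetchall()]


# Assumed whitelist for this example: lowercase letters, digits, underscore, 1-32 chars.
USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")


def is_valid_username(username):
    """Whitelist validation: accept only values matching the allowed pattern."""
    return USERNAME_RE.fullmatch(username) is not None


def lookup_validated(conn, username):
    """Defense in depth: reject unexpected input, then use a parameterized query."""
    if not is_valid_username(username):
        raise ValueError("username rejected by whitelist validation")
    return lookup_parameterized(conn, username)


if __name__ == "__main__":
    conn = build_db()
    # Constructed input that turns the WHERE clause into a tautology when concatenated.
    unexpected = "x' OR '1'='1"
    print("dynamic query returned:      ", lookup_dynamic(conn, unexpected))
    print("parameterized query returned:", lookup_parameterized(conn, unexpected))
    try:
        lookup_validated(conn, unexpected)
    except ValueError as err:
        print("validated lookup:            ", err)
    print("validated lookup for 'bob':  ", lookup_validated(conn, "bob"))
```

Run as a script it shows the dynamic query returning every user while the parameterized query returns nothing for the same input; the validated lookup rejects the value before it ever reaches the database. Escaping, the third option on the slide, is deliberately not shown here because OWASP lists it as the last resort when parameterization is unavailable.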
Misconfiguration
Prevention
Review all technologies in the stack
Implement available hardening guides
Have your solution dynamically tested periodically
Any questions?
You can find me at @jasonjfrank
Slides posted at: http://www.slideshare.net/jasonjfrank
Thanks!