Web Security - ECE Users Pages



Web Security
Group 5
Adam Swett
Brian Marco
Why Web Security?
Web sites and web applications are constantly growing
Complex business applications are now delivered over the web
Increased “web hacking” activity
Web worms (Samy)
Firewalls?
Difficulties In Traditional Hacking
Modern networks are more secure
Firewalls being used in all network rollouts
OS vendors patching holes quickly
Increased maturity in coding
Firewalls
Lab Sections
SQL Injection
– Basic
– Blind
Cross Site Scripting (XSS)
– Basics
– Cookie Stealing
– JavaScript
Default Pages
CGI Vulnerabilities
– Vulnerable Scripts
– Nikto
SQL Injection
Exploits a security vulnerability present in the database layer of an application
– With Errors
– Blind
– Automated
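Worked example added here by the editor (not from the slides): the same login check written with string concatenation, which is what the “with errors” and “blind” cases exploit, beside the bound-parameter version. The in-memory database, the users table and the tampered input are constructed for the demo.

```python
import sqlite3

# Constructed in-memory database for the demonstration; not from the slides.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn

def login_vulnerable(conn, username, password):
    # String concatenation: the database layer cannot tell data from code,
    # so quote characters in the input become part of the statement.
    sql = ("SELECT username FROM users WHERE username = '%s' "
           "AND password = '%s'" % (username, password))
    return [row[0] for row in conn.execute(sql)]

def login_parameterized(conn, username, password):
    # Bound parameters: the driver sends values separately from the statement,
    # so the same input is compared literally and never parsed as SQL.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (username, password))]

def error_on_lone_quote(conn, login):
    # The "with errors" case: a single quote breaks the concatenated statement
    # and the database raises, which is why raw DB errors must never reach
    # the client. The parameterized version simply finds no match.
    try:
        login(conn, "'", "x")
        return False
    except sqlite3.OperationalError:
        return True

def demo():
    conn = build_db()
    tampered = "' OR '1'='1"   # constructed textbook input, not real data
    return {
        "vulnerable": login_vulnerable(conn, tampered, tampered),
        "parameterized": login_parameterized(conn, tampered, tampered),
        "valid": login_parameterized(conn, "alice", "s3cret"),
        "vulnerable_errors": error_on_lone_quote(conn, login_vulnerable),
        "parameterized_errors": error_on_lone_quote(conn, login_parameterized),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The concatenated query becomes `... username = '' OR '1'='1' AND password = '' OR '1'='1'`, which is true for every row; the bound version returns nothing for the same input.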
Cross Site Scripting
SecurityFocus cataloged over 1,400 issues.
WhiteHat Security has identified over 1,500 in custom web applications. 8 in 10 websites have XSS.
Tops the Web Hacking Incident Database (WHID)
Cross Site Scripting
Cookie Stealing
– One of the most common uses of XSS
– Allows you to impersonate someone
Can Lead To Session Hijacking
– HTTP is stateless
– Only verifies at the beginning of session
Cross Site Scripting
JavaScript
– Can be written by anyone and executed on any computer over the web
– Most people have JavaScript enabled, making it very dangerous
Cross Site Scripting
JavaScript Examples
– Black hat search engine optimization (SEO)
– Click-fraud
– Distributed Denial of Service
– Force access of illegal content
– Hack other websites (IDS sirens)
– Distributed email spam (Outlook Web Access)
– Distributed blog spam
– Vote tampering
– De-anonymize people
– etc.
Default Pages
Careless hosting
Gives the ability to browse and retrieve a complete directory on the web server
Happens when the default page is missing
Not-so-strict Web server configuration
CGI Vulnerabilities
A number of widely distributed CGI scripts contain known security holes
Finding the scripts and exploiting them can be time consuming
Usually well documented on the web
Some can be worth it
CGI Vulnerabilities
nph-test-cgi
– Script included with all old versions of the Apache web server
– Allows user to view all files on the computer
Nikto
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Sources
NetSquare Blackhat Asia Presentation
Whitehat Security
Spi Dynamics