Post on 27-Aug-2014
About me
Certifications:MCTS 70-515: Web Applications Development with .NET 4
Contact Me: Email: mallisetty.srinivasulu@mindfiresolutions.com
Presenter Srinivas
Agenda
I. INTRODUCTION TO XSS
II. TYPES OF XSS
III. PREVENTING XSS
IV. INTRODUCTION TO SQL INJECTION
V. OVERVIEW OF SQL INJECTION
VI. PREVENTING SQL INJECTION
I. INTRODUCTION TO XSS
XSS is a vulnerability that allows an attacker to run arbitrary JavaScript in the context of the vulnerable website.
II. TYPES OF XSS
1. Reflected XSS (AKA Non-Persistent or Type II)
2. Stored XSS (AKA Persistent or Type I)
3. DOM Based XSS (AKA Type-0)
Reflected XSS
Reflected attacks are those where the injected script is reflected off the web server, such as in an error message, search result, or any other response that includes some or all of the input sent to the server as part of the request.
Stored XSS
Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc. The victim then retrieves the malicious script from the server when it requests the stored information.
DOM Based XSS
DOM Based attacks are those where the attack payload is executed as a result of modifying the DOM “environment” in the victim’s browser used by the original client side script, so that the client side code runs in an “unexpected” manner.
III. PREVENTING XSS
1. Using a template system with context-aware auto-escaping
2. Manually escaping user input
   – White List
   – Black List ( <!, &#, <\?, <, > )
3. Understanding common browser behaviors that lead to XSS
IV. INTRODUCTION TO SQL INJECTION
SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input.
Ex:
V. OVERVIEW OF SQL INJECTION
How to know whether the web app is vulnerable to SQL injection or not?
How to profile the DB structure?
How to fetch the data?
VI. PREVENTING SQL INJECTION
1. Query parameterization
2. Input validation
   – Black List
   – White List
3. Least Privilege
Least Privilege
Don’t connect to the database with admin privilege; grant only necessary permissions.
Deny access to special system utilities and system stored procedures.
Calling stored procedures would be more secure if we have fine-grained control on what will be returned in the stored procedure.
Nothing is foolproof
There are some suggestions on how you can minimize the chance that your website will contain these vulnerabilities.
But remember that both security and technology evolve very rapidly; so, no guarantees: what works today may not fully work tomorrow (hackers can be pretty clever).
References:
http://www.codeproject.com/Articles/102284/SQL-Injection-and-Cross-Site-Scripting
http://excess-xss.com/
http://www.webappsec.org/projects/articles/071105.shtml
http://web.archive.org/web/20130401091931/http://www.comsecglobal.com/FrameWork/Upload/SQL_Smuggling.pdf
http://msdn.microsoft.com/en-us/library/ff648339.aspx
http://projects.webappsec.org/w/page/13246920/Cross%20Site%20Scripting
Thank you

QUERIES??
www.mindfiresolutions.com
https://www.facebook.com/MindfireSolutions
http://www.linkedin.com/company/mindfire-solutions
http://twitter.com/mindfires