XSS And SQL Injection Vulnerabilities

Presenter: Srinivas

Description

XSS and SQL injection are the top two injection attacks currently threatening web applications. Cross-site scripting (XSS) is a code injection attack that allows a malicious user to execute malicious JavaScript in another user's browser. A successful XSS attack compromises the security of both the web application and its users. SQL injection is a technique where a malicious user can inject SQL commands into an SQL statement via web page input. Injected SQL commands can alter the SQL statement and compromise the security of a web application.

Transcript of XSS And SQL Injection Vulnerabilities

Page 1: XSS And SQL Injection Vulnerabilities


Page 2: XSS And SQL Injection Vulnerabilities


About me

Certifications: MCTS 70-515: Web Applications Development with .NET 4

Contact Me: Email: [email protected]


Page 3: XSS And SQL Injection Vulnerabilities


Agenda

I. INTRODUCTION TO XSS

II. TYPES OF XSS

III. PREVENTING XSS

IV. INTRODUCTION TO SQL INJECTION

V. OVERVIEW OF SQL INJECTION

VI. PREVENTING SQL INJECTION

Page 4: XSS And SQL Injection Vulnerabilities

I. INTRODUCTION TO XSS

XSS is a vulnerability that allows an attacker to run arbitrary JavaScript in the context of the vulnerable website.

Page 5: XSS And SQL Injection Vulnerabilities


I. INTRODUCTION TO XSS

Page 6: XSS And SQL Injection Vulnerabilities

II. TYPES OF XSS

1. Reflected XSS (AKA Non-Persistent or Type II)

2. Stored XSS (AKA Persistent or Type I)

3. DOM Based XSS (AKA Type-0)

Page 7: XSS And SQL Injection Vulnerabilities

Reflected XSS

Reflected attacks are those where the injected script is reflected off the web server, such as in an error message, search result, or any other response that includes some or all of the input sent to the server as part of the request.

Page 8: XSS And SQL Injection Vulnerabilities

Stored XSS

Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc. The victim then retrieves the malicious script from the server when it requests the stored information.

Page 9: XSS And SQL Injection Vulnerabilities

DOM Based XSS

DOM Based attacks are those where the attack payload is executed as a result of modifying the DOM "environment" in the victim's browser used by the original client side script, so that the client side code runs in an "unexpected" manner.

Page 10: XSS And SQL Injection Vulnerabilities

III. PREVENTING XSS

1. Using a template system with context-aware auto-escaping

2. Manually escaping user input
   – White List
   – Black List ( <!, &#, <\?, <, > )

3. Understanding common browser behaviors that lead to XSS
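The reflected-XSS slide and the prevention list above, as an added example that is not part of the slides: a search term reflected raw (the vulnerable form) beside the same page escaped per output context, which is what a context-aware auto-escaping template does for you, plus a white-list validator for the term. The page layout, function names and the allowed-character set are assumptions.

```python
import html
import re
from urllib.parse import quote


def render_search_unsafe(term):
    # Reflects the raw request parameter into the response: reflected XSS.
    return f"<p>Results for {term}</p>"


def escape_text(s):
    # HTML body context: & < > must not reach the parser unescaped.
    return html.escape(s, quote=False)


def escape_attr(s):
    # Quoted attribute context: quotes are escaped too, otherwise the input
    # could close the attribute and start another one.
    return html.escape(s, quote=True)


def escape_url_param(s):
    # URL query context: percent-encode everything outside the unreserved set.
    return quote(s, safe="")


def render_search(term):
    # Same page, but each reflection is escaped for the context it lands in.
    return (
        f"<p>Results for {escape_text(term)}</p>\n"
        f'<input name="q" value="{escape_attr(term)}">\n'
        f'<a href="/search?q={escape_url_param(term)}">search again</a>'
    )


# White-list validation (the slide's "White List" option): accept only the
# characters a search term legitimately needs and reject everything else.
# The allowed set is an assumption for this example.
SEARCH_TERM = re.compile(r"[\w .,'-]{1,64}")


def is_allowed_search_term(term):
    return SEARCH_TERM.fullmatch(term) is not None
```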

Page 11: XSS And SQL Injection Vulnerabilities


III. PREVENTING XSS


Page 12: XSS And SQL Injection Vulnerabilities

IV. INTRODUCTION TO SQL INJECTION

SQL injection is a technique where malicious users can inject SQL commands into an SQL statement via web page input.

Ex:

Page 13: XSS And SQL Injection Vulnerabilities


V. OVERVIEW OF SQL INJECTION

How to know whether the web app is vulnerable to SQL injection or not?

How to profile the DB structure?

How to fetch the data?

Page 14: XSS And SQL Injection Vulnerabilities

VI. PREVENTING SQL INJECTION

1. Query parameterization

2. Input validation
   – Black List
   – White List

3. Least Privilege

Page 15: XSS And SQL Injection Vulnerabilities

Least Privilege

Don't connect to the database with admin privilege; grant only the necessary permissions.

Deny access to special system utilities and system stored procedures.

Calling stored procedures would be more secure if we have fine-grained control on what will be returned in the stored procedure.
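The query parameterization and least-privilege items above, as an added example that is not part of the slides: a constructed in-memory SQLite table, a lookup built by string concatenation beside its parameterized form, and a connection restricted to reads. SQLite has no GRANT, so `PRAGMA query_only` is assumed here as the stand-in for connecting with a SELECT-only account on a server database; the table and function names are assumptions.

```python
import sqlite3


def make_db():
    # Constructed sample data (not from the slides), kept in memory.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                     [("alice", "user"), ("O'Brien", "user"), ("admin", "admin")])
    conn.commit()
    return conn


def find_user_unsafe(conn, name):
    # String concatenation: the web input becomes part of the SQL text, so a
    # quote in it ends the literal and whatever follows is parsed as SQL.
    sql = f"SELECT name FROM users WHERE name = '{name}' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def find_user_safe(conn, name):
    # Query parameterization: the statement is fixed and the input is bound as
    # a value, so it is only ever compared as data, never parsed as SQL.
    sql = "SELECT name FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (name,))]


def lookup_works(lookup, conn, name):
    # True if the lookup runs without the database rejecting the statement.
    try:
        lookup(conn, name)
        return True
    except sqlite3.OperationalError:
        return False


def readonly_connection(conn):
    # Least privilege, SQLite flavour: this connection may only read (assumed
    # stand-in for a SELECT-only database account).
    conn.execute("PRAGMA query_only = ON")
    return conn


def can_write(conn):
    # True if this connection is still allowed to modify data.
    try:
        conn.execute("UPDATE users SET role = 'admin' WHERE name = 'alice'")
        conn.rollback()
        return True
    except sqlite3.OperationalError:
        return False
```

A name containing a quote, such as O'Brien, breaks the concatenated statement outright, while input shaped like SQL changes what it returns; the parameterized version handles both as plain data.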

Page 16: XSS And SQL Injection Vulnerabilities

Nothing is foolproof

There are some suggestions on how you can minimize the chance that your website will contain these vulnerabilities.

But remember that both security and technology evolve very rapidly; so, no guarantees: what works today may not fully work tomorrow (hackers can be pretty clever).


Page 18: XSS And SQL Injection Vulnerabilities


Thank you


Page 19: XSS And SQL Injection Vulnerabilities

QUERIES??

Page 20: XSS And SQL Injection Vulnerabilities


www.mindfiresolutions.com

https://www.facebook.com/MindfireSolutions

http://www.linkedin.com/company/mindfire-solutions

http://twitter.com/mindfires