
OWASP Top 10 Vulnerabilities

Let's exploit Injection and XSS

Kim Carter - ANZTB Monday 2013-08-26 Meetup

OWASP is coming to Christchurch
OWASP Day 2013
https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2013

OWASP Resources
- Top 10
- Cheat Sheets
- Tutorials
- Guides
- Projects, Tools and Code Libraries

Most common security vulnerabilities found in web apps in 2013

Kali Linux
- Free and open source (GNU/Linux) OS
- Targets professional security auditors and penetration testers
- All tools shipped are free and open source
- No profit involved
- Many of the over 300 security tools have been provided as free versions that do the same job as the paid-for versions
Up and Running with Kali Linux
Discuss tools I use very frequently

Firefox Add-Ons
- Tamper Data. Very simple proxy, but very easy to use
- FoxyProxy: a real time saver
- HackBar
- XSS Me
- SQL Inject Me

Chrome extensions
- FoxyProxy
- Cookies
- Edit this Cookie

Burp Suite

There are a large number of training apps and intentionally vulnerable web apps freely available.
I've organised three to work through to whet your appetite.
I'd encourage you to take them further.

What is Injection
1. Attacker injects (generally malicious) code into website.
2. Change the course of execution on related system/s. Gain information. Privilege escalation. Manipulate / destroy stored data. Destroy system/s.
Varieties
- Command, SQL, XPath, Query String
- Lots of derivatives of these



Workshop WebGoat
Start here: http://owaspbwa/WebGoat/attack
Injection
Command Injection

Workshop DVWA
Start here: http://owaspbwa/dvwa
Injection
SQL String Injection
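The DVWA exercise above is the string-concatenation bug in miniature. The following is an added example written for this write-up, not code from the presentation or from DVWA: a constructed three-row `users` table in an in-memory SQLite database, the vulnerable lookup beside a parameterised one, and a typed lookup that rejects the input before it reaches the database. The table contents, function names and the `PAYLOAD` string are all assumptions made for illustration.

```python
"""SQL string injection, DVWA style, against an in-memory SQLite database.

Added example for this write-up; it is not code from the presentation or
from DVWA. The users table, its rows and the attack string are constructed
here so the script runs offline.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data standing in for DVWA's users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (user_id INTEGER, first_name TEXT, last_name TEXT)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [(1, "admin", "admin"), (2, "Gordon", "Brown"), (3, "Pablo", "Picasso")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, user_id: str) -> list:
    """The bug behind DVWA's SQL injection page: the input is spliced into
    the query text, so quotes in it change the query's grammar."""
    sql = (
        "SELECT first_name, last_name FROM users WHERE user_id = '"
        + user_id
        + "'"
    )
    return conn.execute(sql).fetchall()


def lookup_parameterised(conn: sqlite3.Connection, user_id: str) -> list:
    """Same query with a bound parameter: the driver hands the input to the
    engine as data, so it can never terminate the string literal."""
    sql = "SELECT first_name, last_name FROM users WHERE user_id = ?"
    return conn.execute(sql, (user_id,)).fetchall()


def lookup_typed(conn: sqlite3.Connection, user_id: str):
    """Well-structured parameter: the id must be a decimal integer before it
    goes anywhere near the database. Returns None for malformed input."""
    if not user_id.isdigit():
        return None
    return conn.execute(
        "SELECT first_name, last_name FROM users WHERE user_id = ?",
        (int(user_id),),
    ).fetchall()


# Classic DVWA payload: closes the string literal and adds an always-true
# clause; the quote the code appends then closes the payload's own literal:
#   ... WHERE user_id = '' OR '1'='1'
PAYLOAD = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:   ", lookup_vulnerable(db, PAYLOAD))     # every row
    print("parameterised:", lookup_parameterised(db, PAYLOAD))  # no match
    print("typed:        ", lookup_typed(db, PAYLOAD))          # rejected (None)
```

The vulnerable lookup returns all three rows for the payload; the parameterised one returns nothing because the whole string is compared as a value, and the typed one never issues a query at all.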

Injection Mitigation techniques
Similar techniques to XSS:
- Avoid accessing external interpreters
- Use well structured parameters
- Least privilege
- OWASP Prevention Cheat Sheets

Break it!
Further details found here:
https://www.owasp.org/index.php/Top_10_2013-A1-Injection
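The first two mitigations above, applied to the WebGoat command injection exercise. This is an added example written for this write-up, not code from the presentation or from WebGoat: a hypothetical "host lookup" feature that runs `echo` (so it works anywhere with /bin/sh; a real feature would call ping or nslookup), shown with the shell, without the shell, and without the shell plus an allow-list. The function names, the hostname pattern and the `PAYLOAD` string are assumptions made for illustration.

```python
"""OS command injection beside the hardened form that never touches a shell.

Added example for this write-up; it is not code from the presentation or
from WebGoat. The hypothetical "host lookup" feature runs `echo` so that it
works anywhere with /bin/sh; a real feature would call ping or nslookup.
"""
import re
import subprocess

# Allow-list for the one structured value this feature accepts: a hostname
# made of letters, digits, dots and hyphens, at most 253 characters.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?$")


def lookup_vulnerable(host: str) -> str:
    """The WebGoat-style bug: user input is spliced into a shell command line,
    so shell metacharacters (; | && $(...)) run whatever the attacker adds."""
    proc = subprocess.run(
        "echo lookup " + host, shell=True, capture_output=True, text=True
    )
    return proc.stdout


def lookup_no_shell(host: str) -> str:
    """Mitigation one: avoid the external interpreter. argv is a list, so the
    whole input is one argument and ';' is just a character inside it."""
    proc = subprocess.run(
        ["echo", "lookup", host], shell=False, capture_output=True, text=True
    )
    return proc.stdout


def lookup_hardened(host: str) -> str:
    """Mitigation two on top of one: constrain the input to a well-structured
    hostname before it is used at all. (Least privilege is the third layer:
    run the real lookup helper under a dedicated low-privilege account.)"""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError("hostname contains characters outside the allow-list")
    return lookup_no_shell(host)


def injected_command_ran(output: str) -> bool:
    """True if INJECTED appears on a line of its own, i.e. a second command
    executed, rather than the marker merely being echoed as part of the input."""
    return "INJECTED" in output.splitlines()


# Constructed attack string: ends the echo and starts a second command.
PAYLOAD = "example.com; echo INJECTED"

if __name__ == "__main__":
    print(repr(lookup_vulnerable(PAYLOAD)))      # 'lookup example.com\nINJECTED\n'
    print(repr(lookup_no_shell(PAYLOAD)))        # 'lookup example.com; echo INJECTED\n'
    try:
        lookup_hardened(PAYLOAD)
    except ValueError as exc:
        print("rejected:", exc)
    print(repr(lookup_hardened("example.com")))  # 'lookup example.com\n'
```

Note the difference between the two unhardened outputs: with the shell, INJECTED arrives on its own line because a second process ran; with the argv list, the whole payload is echoed back as one harmless string. The allow-list then stops the odd-looking value from ever reaching a log or a downstream system.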

What is XSS
1. Attacker injects (generally malicious) code into website.
2. When victim requests website code, attacker's code is executed.
Varieties
- File Upload
- Reflected (non-persistent)
- Stored
- Lots of derivatives of these



Workshop Gruyere
Start here: http://google-gruyere.appspot.com/
XSS: http://google-gruyere.appspot.com/part2

- File Upload XSS
- Reflected XSS
  Handy Links:
  URL Encodings: http://www.w3schools.com/tags/ref_urlencode.asp
  ASCII: http://asciitable.com
  XSS Strings: https://owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
- Stored XSS
- Stored XSS via HTML Attribute
- Stored XSS via AJAX
  When the user clicks the refresh button, the response looks like:
  In the mark-up the snippet looks like:
- Reflected XSS via AJAX

XSS Mitigation techniques
- Constrain all input fields to well structured data
- White-lists for each type of structured data
- Sanitise
- OWASP Prevention Cheat Sheets

Break it!
Further details found here:
https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS)


Extra Resources
Sanitising User Input
http://blog.binarymist.net/2012/11/04/sanitising-user-input-from-browser-part-1/
http://blog.binarymist.net/2012/11/16/sanitising-user-input-from-browser-part-2/
Write-up on Kali Linux
http://pentestmag.com/
Tool junky? Check out this collection
http://www.softwareqatest.com/qatweb1.html

Deliberate Insecure Targets and Training Platforms that I've screened.

Hacking Lab: https://www.hacking-lab.com/

Nebula: http://exploit-exercises.com/

Gruyere: http://google-gruyere.appspot.com/ Can run locally, but best to run from the web

Web Security Dojo: https://www.mavensecurity.com/web_security_dojo/
- VMware and VirtualBox versions. Looks like quite a bit of documentation. Actively maintained.
- Vulnerable targets: WebGoat, Gruyere, Damn Vulnerable Web App.
- http://sourceforge.net/p/websecuritydojo/bugs/ says database setup is broken

w3af test website: https://github.com/andresriancho/w3af-moth
VMware image: http://www.bonsai-sec.com/en/research/moth.php
Various other unmaintained websites

Damn Vulnerable Web Application (DVWA): http://dvwa.co.uk/
Not sure where the documentation is? Maybe embedded in the download?

Acunetix 1: http://testphp.vulnweb.com/ These three are online.
Acunetix 2: http://testasp.vulnweb.com/
Acunetix 3: http://testaspnet.vulnweb.com/

Mutillidae: http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10
Easy to follow. Geared towards a classroom environment.

WebGoat
- Platform: J2EE web application
- Install: Self-contained Tomcat server you can run from a directory under Windows or Linux
- Notes: Love the fact it's so self-contained and easy to run. By default it only listens on the loop-back address, so you can run it from your workstation on a production network with little worry.
- Howtos: http://webappsecmovies.sourceforge.net/webgoat/
- Setting up on non-localhost: https://code.google.com/p/webgoat/wiki/FAQ

OWASP Broken Web Applications project:
- https://code.google.com/p/owaspbwa/wiki/UserGuide
- This has a great selection of training apps along with intentionally vulnerable apps.
- It contains a lot of the apps already discussed.
