This document discusses software security and common vulnerabilities in web applications such as SQL injection and cross-site scripting (XSS). It explains that SQL injection exploits vulnerabilities in database applications by injecting malicious SQL code via user input, while XSS injects client-side scripts by storing malicious code in websites. The document demonstrates how these attacks work and can be used to steal sensitive data or inject malware onto users' computers. It emphasizes the importance of validating, sanitizing, and escaping all user input to prevent such vulnerabilities.
2. What is software security?
Application security encompasses measures taken
throughout the application's life-cycle to prevent
exceptions in the security policy of an application or the
underlying system (vulnerabilities) through flaws in the
design, development, deployment, upgrade, or
maintenance of the application.
3. Why is software security important?
Leakage of sensitive data.
Crash of entire application or database.
Fixing issues after the attack will be more expensive and time consuming.
Quality of the product.
4. Common vulnerabilities in web applications
SQL Injection
Cross-Site Scripting (XSS)
Buffer overflows
HTTP response splitting
6. What is SQL injection?
SQL injection is a code injection technique that
exploits a security vulnerability occurring in the
database layer of an application. The vulnerability is
present when user input is either incorrectly filtered
for string literal escape characters embedded in SQL
statements or user input is not strongly typed and
thereby unexpectedly executed.
13.
SELECT * FROM users WHERE name = ' ' AND password = ' ';
SELECT * FROM users WHERE name = 'admin' AND password = 'pass123';
SELECT * FROM users WHERE name = 'a' OR 't'='t' AND password = 'a' OR 't'='t';
SELECT * FROM users WHERE name = 'a' OR 't'='t' AND password = 'a' OR 't'='t'; DROP TABLE users; --';
14. More exploits using SQL injection
SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES
SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='customers'
16. Cross-site Scripting
Cross-site scripting (XSS) is a type of computer
security vulnerability typically found in web
applications that enables malicious attackers to
inject client-side script into web pages viewed by
other users.
17. How it works
Script Injection
Same as before, but instead of placing code in the URL, script code is saved on the application website and stored in the database using its own non-validated forms
When that data is retrieved from the database and users load that webpage, the code executes and the attack occurs
The user would never know the code was executed without viewing the source of each webpage, since the link looks valid
The application website owner is potentially liable since the attack code is stored on their site
23. Preventing SQL injection and XSS
SCRUB Error handling
Error messages divulge information that can be used by a hacker
VALIDATE all user entered parameters
CHECK data types and lengths
DISALLOW unwanted data (e.g. HTML tags, JavaScript)
ESCAPE questionable characters (ticks, --, semi-colon, brackets, etc.)
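
The checklist above, applied to the login query from the SQL injection slides, as an added example that is not part of the original slides. It also uses bound query parameters, which the slides do not mention; the in-memory SQLite table, the name pattern and all function names are assumptions made for illustration.

```python
import html
import re
import sqlite3

def make_db():
    # Constructed sample data mirroring the slides' users(name, password) table.
    # Plaintext passwords are kept only to match the slides' queries.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 'pass123')")
    return db

def login_vulnerable(db, name, password):
    # "Before": user input is pasted into the SQL text, as in the slides' queries,
    # so a quote character in the input changes the structure of the statement.
    sql = ("SELECT * FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

# Assumed policy for VALIDATE / CHECK: allowed characters and maximum length.
NAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")

def login_hardened(db, name, password):
    # VALIDATE / CHECK: reject input outside the expected type and length.
    if not NAME_RE.fullmatch(name) or not (1 <= len(password) <= 128):
        return False
    # Bound parameters: values travel as data and are never parsed as SQL.
    row = db.execute("SELECT 1 FROM users WHERE name = ? AND password = ?",
                     (name, password)).fetchone()
    return row is not None

def render_comment(stored_text):
    # ESCAPE on output: stored text is displayed as characters, not as markup.
    return "<p>" + html.escape(stored_text, quote=True) + "</p>"

if __name__ == "__main__":
    db = make_db()
    tautology = "a' OR 't'='t"   # the input shown in the slides
    print("vulnerable:", login_vulnerable(db, tautology, tautology))
    print("hardened:  ", login_hardened(db, tautology, tautology))
    print("hardened, valid name:", login_hardened(db, "admin", tautology))
    print("hardened, real login:", login_hardened(db, "admin", "pass123"))
    print(render_comment("<script>alert(1)</script>"))
```

The third call shows that validation alone is not the control: the password field still carries the quote characters, and only the bound parameter keeps them from being read as SQL.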