A Hacker's Perspective
Kamran Bilgrami / Angelo Chan
Silverlight Security
Posted 15-Jan-2016
Agenda
• Silverlight overview
• Scope
• Key concepts
• Demos
• Recommendations
• Q&A
Silverlight Overview
User
• Cross-browser, cross-platform
• Media-rich (audio/video)
• Runs in-browser or out-of-browser
• .xap: a zip archive of the application's assemblies plus a manifest (AppManifest.xaml)
Programmer
• .NET programming model
• Networking and LINQ support
Silverlight architecture
• Presentation layer (e.g. media)
• CoreCLR (an optimized, reduced CLR)
Silverlight overview - security
• Run-time security modes
  o In browser, out of browser
• Sandbox
  o User-initiated actions, same-origin policy
Scope
• In scope
  o Vulnerabilities against Silverlight-related components
• Out of scope
  o Classical web attacks (SQL injection, XSS, etc.)
• Because a XAP is just a set of .NET assemblies executed by CoreCLR, attackers can apply the established .NET assembly hacking techniques (decompile, edit IL, reassemble) to the client side of your web application
Useful concepts
• XAP
• CoreCLR
• Intermediate Language (IL)
• Widely available tools
  o ILASM/ILDASM
  o Reflector
  o Reflexil
• Signing / tamper detection
• Obfuscation (protect IP)
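The first thing an attacker (or a defender doing a pre-release check) does with a Silverlight application is pull the .xap apart: unzip it, read AppManifest.xaml to learn the entry-point assembly and the assembly parts, and look at each DLL's CLI header to see whether it claims a strong-name signature before loading it into Reflector or ILDASM. The script below is an added example, not code from the slides or from any Microsoft tool. The .xap container, the AppManifest.xaml element names and the PE/CLI header offsets it parses are the standard formats; the sample XAP, its two fake assemblies and the names Bank.Client.dll and Bank.Pricing.dll are constructed inline for the example.

```python
import io
import struct
import zipfile
import xml.etree.ElementTree as ET

COMIMAGE_FLAGS_ILONLY = 0x1
COMIMAGE_FLAGS_STRONGNAMESIGNED = 0x8   # set when the assembly carries a strong-name signature
CLI_HEADER_DIRECTORY = 14               # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR

# Constructed sample manifest in the AppManifest.xaml layout; assembly names are invented.
SAMPLE_MANIFEST = """<Deployment xmlns="http://schemas.microsoft.com/client/2007/deployment"
    xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"
    EntryPointAssembly="Bank.Client" EntryPointType="Bank.Client.App" RuntimeVersion="5.0.61118.0">
  <Deployment.Parts>
    <AssemblyPart x:Name="Bank.Client" Source="Bank.Client.dll" />
    <AssemblyPart x:Name="Bank.Pricing" Source="Bank.Pricing.dll" />
  </Deployment.Parts>
</Deployment>"""


def build_fake_assembly(strong_named):
    """Constructed test data: a minimal PE32 image with one section and a CLI header.
    Enough structure for the inspector to walk, not a loadable assembly."""
    flags = COMIMAGE_FLAGS_ILONLY | (COMIMAGE_FLAGS_STRONGNAMESIGNED if strong_named else 0)
    sn_rva, sn_size = (0x2100, 128) if strong_named else (0, 0)
    # IMAGE_COR20_HEADER: cb, runtime major/minor, MetaData rva/size, Flags,
    # EntryPointToken, Resources rva/size, StrongNameSignature rva/size
    cor20 = struct.pack("<IHHIIIIIIII", 72, 2, 5, 0x2200, 0x100, flags, 0, 0, 0, sn_rva, sn_size)
    section_data = cor20.ljust(0x200, b"\0")
    e_lfanew = 0x80
    dos = (b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x2102)  # i386, 1 section, PE32 optional header, DLL
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                              # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                                # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + CLI_HEADER_DIRECTORY * 8, 0x2000, 72)  # CLI header RVA/size
    section = struct.pack("<8sIIIIIIHHI", b".text", 0x200, 0x2000, 0x200, 0x200, 0, 0, 0, 0, 0x60000020)
    headers = (dos + b"PE\0\0" + coff + bytes(opt) + section).ljust(0x200, b"\0")
    return headers + section_data


def rva_to_offset(sections, rva):
    """Map a virtual address to a file offset using the section table."""
    for vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= rva < vaddr + max(vsize, raw_size):
            return rva - vaddr + raw_ptr
    raise ValueError("RVA 0x%x is not inside any section" % rva)


def inspect_assembly(data):
    """Walk DOS -> PE -> optional header -> data directory 14 -> CLI header and report
    whether the image is managed and whether it claims a strong-name signature."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    pe32 = magic == 0x10B                                   # 0x20B would be PE32+
    num_dirs = struct.unpack_from("<I", data, opt + (92 if pe32 else 108))[0]
    if num_dirs <= CLI_HEADER_DIRECTORY:
        return {"managed": False}
    dd_base = opt + (96 if pe32 else 112)
    cli_rva, _cli_size = struct.unpack_from("<II", data, dd_base + CLI_HEADER_DIRECTORY * 8)
    if cli_rva == 0:
        return {"managed": False}                           # native DLL, nothing for CoreCLR
    sec_base = opt + opt_size
    sections = []
    for i in range(num_sections):
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", data, sec_base + i * 40 + 8)
        sections.append((vaddr, vsize, raw_ptr, raw_size))
    cli = rva_to_offset(sections, cli_rva)
    flags = struct.unpack_from("<I", data, cli + 16)[0]
    sn_rva, sn_size = struct.unpack_from("<II", data, cli + 32)
    return {"managed": True,
            "strong_name_flag": bool(flags & COMIMAGE_FLAGS_STRONGNAMESIGNED),
            "signature_bytes": sn_size if sn_rva else 0}


def inspect_xap(xap_bytes):
    """Return (entry-point assembly, {assembly file: inspection result}) for a .xap."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(xap_bytes)) as z:
        manifest = ET.fromstring(z.read("AppManifest.xaml"))
        entry = manifest.attrib.get("EntryPointAssembly")
        for part in manifest.iter():
            if part.tag.endswith("AssemblyPart"):
                name = part.attrib["Source"]
                report[name] = inspect_assembly(z.read(name))
    return entry, report


def build_sample_xap():
    """Constructed .xap: the manifest above plus one signed and one unsigned fake assembly."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AppManifest.xaml", SAMPLE_MANIFEST)
        z.writestr("Bank.Client.dll", build_fake_assembly(strong_named=True))
        z.writestr("Bank.Pricing.dll", build_fake_assembly(strong_named=False))
    return buf.getvalue()


if __name__ == "__main__":
    entry_point, result = inspect_xap(build_sample_xap())
    print("entry point assembly:", entry_point)
    for dll, info in result.items():
        print(dll, info)
```

The strong-name flag is a claim made by the file, not a control: the same attacker who edits the IL with Reflexil can clear the flag, or re-sign the modified assembly with a key of their own, so the check only means something if whatever loads or verifies the assembly insists on a specific public key. Treat the report as a map of what is worth decompiling, and as a build-time check that every part you ship is actually signed and obfuscated.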
Demos
Demo 1 Summary
Problems
• Code not obfuscated
• Tamper-able assembly
• Client-side business logic
Solutions
• Use code obfuscation
• Assembly signing
• Server-side business logic
Demo 2 Summary
Starting conditions
• Code was obfuscated
• Tamper resistant
• IP / business logic on the server side
Run-time hacking
• Bypass tamper detection
• Bypass server business logic
Recommendations
• Web security - XSS, data encryption
• CLR - obfuscation, signing
• Domain-specific - e.g. banking application
• Legal
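The two demos make the same point from opposite sides: obfuscation and tamper detection raise the cost of patching the client, but an attacker with a debugger owns the client process and can skip any check it performs, so the rules that matter have to be enforced where the attacker does not run code. The function below is an added example of that recommendation for the banking case the slide mentions; it is not code from the presentation. The account store, the fee schedule and the daily limit are constructed for the example, and the request dictionaries stand in for whatever the Silverlight client would post to the service.

```python
from dataclasses import dataclass


@dataclass
class Account:
    owner: str
    balance: int              # minor units (cents)
    daily_limit: int = 500_000
    transferred_today: int = 0


def make_accounts():
    """Constructed in-memory state standing in for the server's database."""
    return {
        "ACC-1": Account(owner="alice", balance=1_000_000),
        "ACC-2": Account(owner="bob", balance=50_000),
    }


def server_fee(amount):
    """Fee schedule (constructed): free up to 1,000.00, otherwise 1%. Lives only on the server;
    any copy in the client is a display hint, never an input."""
    return 0 if amount <= 100_000 else amount // 100


def validate_transfer(session_user, request, accounts):
    """Authorize and price a transfer from server-held state only.

    Every field the client supplies is untrusted. Identity comes from the
    authenticated session, prices and limits are recomputed here, and any
    client-side 'approved' or 'fee' value is ignored (and noted for logging)."""
    notes = []
    src = accounts.get(request.get("from"))
    dst = accounts.get(request.get("to"))
    if src is None or dst is None:
        return False, "unknown account"
    if src.owner != session_user:                      # authorization by session, not by a client flag
        return False, "caller does not own the source account"
    amount = request.get("amount")
    if not isinstance(amount, int) or isinstance(amount, bool) or amount <= 0:
        return False, "amount must be a positive integer"
    fee = server_fee(amount)
    if "fee" in request and request["fee"] != fee:
        notes.append("client fee ignored")             # a patched client sent its own price
    if "approved" in request:
        notes.append("client approval flag ignored")   # approval is decided here, not in the XAP
    total = amount + fee
    if total > src.balance:
        return False, "insufficient funds"
    if src.transferred_today + amount > src.daily_limit:
        return False, "daily limit exceeded"
    return True, {"amount": amount, "fee": fee, "total": total, "notes": notes}


def run_demo():
    """Replay an honest request and three requests a run-time-patched client might send."""
    accounts = make_accounts()
    honest = {"from": "ACC-1", "to": "ACC-2", "amount": 250_000, "fee": 2_500}
    zero_fee = {"from": "ACC-1", "to": "ACC-2", "amount": 250_000, "fee": 0, "approved": True}
    over_limit = {"from": "ACC-1", "to": "ACC-2", "amount": 600_000}
    not_owner = {"from": "ACC-2", "to": "ACC-1", "amount": 1_000}
    return {
        "honest": validate_transfer("alice", honest, accounts),
        "zero_fee": validate_transfer("alice", zero_fee, accounts),
        "over_limit": validate_transfer("alice", over_limit, accounts),
        "not_owner": validate_transfer("alice", not_owner, accounts),
    }


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name}: {outcome}")
```

The client-side copies of these checks are still worth keeping for user experience, but once they are bypassed the server must reach the same verdict on its own: it recomputes the fee instead of reading it, takes the caller's identity from the session instead of the request, and applies the limit against its own record of today's transfers.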
Q&A