Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License.
The OWASP Foundation
OWASP
http://www.owasp.org
Web Application Security
Vinod Senthil T
Director
infySEC
044-42611142/43
11th August, 2012
Basic SQL injection
Basic Click Jacking
$whoami
Vinod T Senthil is an information security consultant/researcher for infySEC. By qualification he is a Computer Science engineer with an MBA in IT and a Diploma in Cyber Crime.
He also holds certifications such as:
SANS Certified Intrusion Analyst – GCIA
Certified Ethical Hacker (CEH)
Certified Hacker Forensics Investigator (CHFI)
Checkpoint Certified Security Administrator (CCSA)
Oracle Certified Associate (OCA)
Microsoft Certified Professional (MCP)
IT Infrastructure Library (ITIL V3)
Cisco Certified Network Administrator (CCNA)
What is the 'World's MOST Secured System'?
The world's most secured system is one that is buried 10,000 miles underground, surrounded by 10,000-volt electrified fences, filled with toxic nitrous gas on all sides and guarded by a bunch of trained army men, and it still remains one of the most vulnerable pieces of code.
A Little History
Attacks have shifted their focus from the outer layers to the inner layers of the OSI model.
Famous Last Words
"I think there is a world market for maybe five computers."
--Thomas Watson, 1943 (President of IBM)
"640K RAM ought to be enough for anybody for life time"
--Bill Gates, 1981 (Founder of M$)
"32 bits should be enough address space for Internet"
--Vint Cerf, 1977 (Father of internet)
Top 10 ATTACKS
Be happy to be part of an elite crowd. Why?
Top 10 attacks (Injection stays at top)
Typical Web Application Setup (diagram)
Web client --> HTTP request (cleartext or SSL) --> Firewall --> Web server (Apache, IIS, Netscape, etc.) --> Web apps, running as plugins (Perl, C/C++, JSP, etc.) --> Database connection (ADO, ODBC, etc.) --> SQL Database
HTTP reply back to the client: HTML, JavaScript, VBScript, etc.
How does it work?
Example:
Examining
AND STATEMENT
(I love TRISHA) AND (I love JENILIA) = TRUE
(I love SANTHANAM) AND (I love JENILIA) = FALSE
OR STATEMENT
(I love TRISHA) OR (I love JENILIA) = FALSE
(I love SANTHANAM) OR (I love JENILIA) = TRUE
Questions?
What is Click Jacking & Tab Nabbing ?
Want to hear from you
The Cruise-Missile Structure (diagram: web server, web apps and databases, annotated with the request URL below)
http://10.0.0.1/catalogue/display.asp?pg=1&product=7
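The AND/OR slide and the catalogue URL above come together in the WHERE clause of the query behind a request such as display.asp?product=7: the AND/OR truth table decides which rows come back, so whoever can add terms to that clause decides the result. The following is an added example (not code from the talk or from infySEC) with a constructed in-memory SQLite catalogue: one lookup builds the query text from the product parameter, the other binds it as a value. A parameter that carries its own OR term turns the first query's condition true for every row, published or not, while the second query only ever compares it as a string.

```python
import sqlite3

# Constructed sample catalogue standing in for the "Web app -> SQL Database"
# path in the talk's diagram. Row 9 is unpublished and must never reach a client.
ROWS = [
    (1, "Keyboard", 1),
    (2, "Mouse", 1),
    (7, "Webcam", 1),
    (9, "Hidden item", 0),
]


def make_db():
    """Build the in-memory catalogue used by both lookups."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT, published INTEGER)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", ROWS)
    return conn


def lookup_unsafe(conn, product):
    """Query text is concatenated from the request parameter.

    Because the parameter becomes part of the SQL, it can contribute its own
    AND/OR terms. AND binds tighter than OR, so a trailing OR term that is
    always true makes the whole WHERE clause true for every row.
    """
    sql = ("SELECT id, name FROM products WHERE published = 1 AND id = '"
           + product + "'")
    return conn.execute(sql).fetchall()


def lookup_safe(conn, product):
    """Same query with a fixed WHERE clause and a bound parameter.

    The parameter is only ever compared as a value; it is never parsed as
    SQL, so it cannot change the AND/OR structure of the condition.
    """
    sql = "SELECT id, name FROM products WHERE published = 1 AND id = ?"
    return conn.execute(sql, (product,)).fetchall()


def compare(product):
    """Run both lookups on the same input and return the row counts."""
    return {
        "unsafe": len(lookup_unsafe(make_db(), product)),
        "safe": len(lookup_safe(make_db(), product)),
    }


if __name__ == "__main__":
    # A normal catalogue request behaves the same either way.
    print("product=7            ->", compare("7"))
    # A parameter carrying an extra OR term: the concatenated query returns
    # the whole table (including the unpublished row); the bound one returns nothing.
    print("product=' OR '1'='1  ->", compare("' OR '1'='1"))
```

The logging side of the same check is simple: the parameterised version never changes the query text, so any query whose WHERE clause differs from the application's fixed template is worth an alert. SQLite applies numeric affinity when an INTEGER column is compared with a text value, which is why the string "7" still matches id 7 in both lookups.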
Intro
ERROR Based SQL injection
Blind SQL Injection
LDAP injection
XML Path Injection
Other vectors than Top 10 (Popular Tests)
Incubated vulnerability - Incubated vulnerability
Testing for HTTP Splitting/Smuggling - HTTP Splitting, Smuggling
SSI Injection - SSI Injection
XPath Injection - XPath Injection
IMAP/SMTP Injection - IMAP/SMTP Injection
Code Injection - Code Injection
OS Commanding - OS Commanding
Buffer overflow - Buffer overflow
Incubated vulnerability - Incubated vulnerability
Testing for HTTP Splitting/Smuggling - HTTP Splitting, Smuggling
Testing for File Extensions Handling - File extensions handling
Old, backup and unreferenced files - Old, backup and unreferenced files
Infrastructure and Application Admin Interfaces - Access to Admin interfaces
Testing for HTTP Methods and XST
Credentials transport over an encrypted channel
Testing for user enumeration - User enumeration
Testing for Guessable (Dictionary) User Account
Brute Force Testing - Credentials Brute forcing
Testing for bypassing authentication schema
Testing for SQL Wildcard Attacks - SQL Wildcard vulnerability
Locking Customer Accounts - Locking Customer Accounts
Testing for DoS Buffer Overflows - Buffer Overflows
User Specified Object Allocation - User Specified Object Allocation
User Input as a Loop Counter - User Input as a Loop Counter
Writing User Provided Data to Disk - Writing User Provided Data to Disk
Failure to Release Resources - Failure to Release Resources
Storing too Much Data in Session - Storing too Much Data in Session
WS Information Gathering - N.A.
Testing WSDL - WSDL Weakness
XML Structural Testing - Weak XML Structure
XML content-level Testing - XML content-level
HTTP GET parameters/REST Testing - WS HTTP GET parameters/REST
Naughty SOAP attachments - WS Naughty SOAP attachments
Replay Testing - WS Replay Testing
AJAX Vulnerabilities - N.A.
AJAX Testing - AJAX weakness
Testing for Reflected Cross Site Scripting - Reflected XSS
Testing for Stored Cross Site Scripting - Stored XSS
Other vectors than Top 10 (Popular Tests, continued)
Testing for vulnerable remember password and pwd reset
Testing for Logout and Browser Cache Management
Testing for CAPTCHA - Weak Captcha implementation
Testing Multiple Factors Authentication
Testing for Race Conditions - Race Conditions vulnerability
Testing for Session Management Schema
Testing for Cookies attributes
Testing for Session Fixation
Testing for Exposed Session Variables
Testing for CSRF
Testing for Path Traversal
Testing for bypassing authorization schema
Testing for Privilege Escalation - Privilege Escalation
Testing for Business Logic - Bypassable business logic
Testing for Reflected Cross Site Scripting - Reflected XSS
Testing for Stored Cross Site Scripting - Stored XSS
Testing for DOM based Cross Site Scripting - DOM XSS
Testing for Cross Site Flashing - Cross Site Flashing
SQL Injection - SQL Injection
LDAP Injection - LDAP Injection
ORM Injection - ORM Injection
Testing for DOM based Cross Site Scripting - DOM XSS
Testing for Cross Site Flashing - Cross Site Flashing
SQL Injection - SQL Injection
LDAP Injection - LDAP Injection
ORM Injection - ORM Injection
XML Injection - XML Injection
SSI Injection - SSI Injection
XPath Injection - XPath Injection
IMAP/SMTP Injection - IMAP/SMTP Injection
Code Injection - Code Injection
OS Commanding - OS Commanding
Buffer overflow - Buffer overflow
Spiders, Robots and Crawlers
Search Engine Discovery/Reconnaissance
Identify application entry points
Testing for Web Application Fingerprint
Application Discovery
Analysis of Error Codes
SSL/TLS Testing
DB Listener Testing - DB Listener weak
XML Injection - XML Injection
Thank you
[email protected] http://linkedin.com/in/vino007
The best part in one's life IS
DOING WHAT PEOPLE SAY YOU CANNOT DO
- Vino
Follow our blog at:
http://www.infysec.com/news-and-blog/