Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Known Drupal Vulnerabilities and OWASP’s Top10

andresriancho
May 18, 2016
Technology
0
230

Known Drupal Vulnerabilities and OWASP’s Top10

Prepared this talk for the Buenos Aires Drupal meetup

andresriancho

May 18, 2016
Tweet

More Decks by andresriancho

See All by andresriancho
Step by step AWS Cloud Hacking
andresriancho
0
610
Step by step AWS Cloud Hacking
andresriancho
2
2.8k
Internet-Scale analysis of AWS Cognito Security
andresriancho
1
11k
Threat Modelling
andresriancho
0
1.2k
Automated Security Analysis AWS Clouds
andresriancho
1
3.1k
Injecting into URLs / Breaking URL-Encoding
andresriancho
0
220
Galería de Fallos en Unicornios
andresriancho
1
170
Esoteric Web Application Vulnerabilities
andresriancho
0
860
String Compare Timing Attacks
andresriancho
0
520

Other Decks in Technology

See All in Technology
C++26 エラー性動作
faithandbrave
2
780
小学3年生夏休みの自由研究「夏休みに Copilot で遊んでみた」
taichinakamura
0
170
DUSt3R, MASt3R, MASt3R-SfM にみる3D基盤モデル
spatial_ai_network
2
190
alecthomas/kong はいいぞ / kamakura.go#7
fujiwara3
1
300
LINEスキマニにおけるフロントエンド開発
lycorptech_jp
PRO
0
330
フロントエンド設計にモブ設計を導入してみた / 20241212_cloudsign_TechFrontMeetup
bengo4com
0
1.9k
開発生産性向上! 育成を「改善」と捉えるエンジニア育成戦略
shoota
2
400
Amazon Kendra GenAI Index 登場でどう変わる? 評価から学ぶ最適なRAG構成
naoki_0531
0
120
ゼロから創る横断SREチーム 挑戦と進化の軌跡
rvirus0817
2
270
宇宙ベンチャーにおける最近の情シス取り組みについて
axelmizu
0
110
生成AIのガバナンスの全体像と現実解
fnifni
1
190
re:Invent 2024 Innovation Talks(NET201)で語られた大切なこと
shotashiratori
0
320

Featured

See All Featured
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
330
21k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
132
33k
Building Better People: How to give real-time feedback that sticks.
wjessup
365
19k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
26
1.9k
Visualization
eitanlees
146
15k
Music & Morning Musume
bryan
46
6.2k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
Designing Experiences People Love
moore
138
23k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
Fontdeck: Realign not Redesign
paulrobertlloyd
82
5.3k
Fashionably flexible responsive web design (full day workshop)
malarkey
405
66k
Embracing the Ebb and Flow
colly
84
4.5k

Transcript

  1. None

  2. ▪ ▪ ▪ ▪ ▪ ▪

  3. ▪ ▪ ▪ ▪

  4. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  5. None
  6. None

  7. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  8. ▪ ▪ ▪

  9. None
  10. None
  11. None

  12. ▪ ▪ ▪ ▪ ▪ ▪

  13. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  14. String query = "select * from customers where group =

    "; query += request.getParameter("group"); rowMapper = new RowMapper<Customer>() { @Override public Customer mapRow(ResultSet rs, int rowNum) throws SQLException { return new Customer(rs.getLong("id"), rs.getString("first_name"), rs.getString("group")); } }; jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/customers?group=12

  15. String query = "select * from customers where group =

    " query += request.getParameter("group"); jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/query?group=1 OR 1=1 SELECT * FROM customers where group=1 OR 1=1
  16. None
  17. None

  18. ▪ ▪

  19. ▪ ▪ … ▪ ▪ … ▪ ▪ ▪ ▪

  20. ▪ ▪ ▪

  21. <html> <h1>Comentarios</h1> <h3>Hola!</h3> <p><script>alert("Controlado por el intruso")</script></p> </html>

  22. None

  23. /hello?name=<script>alert(‘xss’)</script> <p>Hi <script>alert(‘xss’)</script></p> @RequestMapping("/hello") @ResponseBody protected String handleHello(HttpServletRequest request){ String

    name = request.getParameter("name"); return String.format(“<p>Hi %s</p>", name); }

  24. /hello?name=<script>alert(‘xss’)</script> <p>Hi &lt;script&gt;alert(&quot;xss&quot;)&lt;/script&gt;</p> Hi <script>alert(‘xss’)</script> import org.springframework.web.util.HtmlUtils; @RequestMapping("/hello") @ResponseBody protected

    String handleHello(HttpServletRequest request){ String name = request.getParameter("name"); return String.format("<p>Hi %s</p>", HtmlUtils.htmlEscape(name)); }
  25. None

  26. ▪ ▪ ▪

  27. ▪ ▪ <img src=http://home-banking.com/transfer?dst=1234&amount=3>

  28. None
  29. None

  30. ▪ •

  32. None

  33. ▪ ▪

  34. None

  35. ▪ ▪

  36. ▪ …

  37. ▪ ▪ if not has_authorization(user, action, object): raise AuthorizationException(user, action,

    object) action(user, object)
  38. None

  39. ▪ ▪ ▪ ▪

  40. None
  41. None