Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Known Drupal Vulnerabilities and OWASP’s Top10

Avatar for andresriancho andresriancho
May 18, 2016
Technology
0
250

Known Drupal Vulnerabilities and OWASP’s Top10

Prepared this talk for the Buenos Aires Drupal meetup

Avatar for andresriancho

andresriancho

May 18, 2016
Tweet

More Decks by andresriancho

See All by andresriancho
Step by step AWS Cloud Hacking
Avatar for andresriancho andresriancho
0
610
Step by step AWS Cloud Hacking
Avatar for andresriancho andresriancho
2
2.9k
Internet-Scale analysis of AWS Cognito Security
Avatar for andresriancho andresriancho
1
12k
Threat Modelling
Avatar for andresriancho andresriancho
0
1.4k
Automated Security Analysis AWS Clouds
Avatar for andresriancho andresriancho
1
3.2k
Injecting into URLs / Breaking URL-Encoding
Avatar for andresriancho andresriancho
0
240
Galería de Fallos en Unicornios
Avatar for andresriancho andresriancho
1
230
Esoteric Web Application Vulnerabilities
Avatar for andresriancho andresriancho
0
1k
String Compare Timing Attacks
Avatar for andresriancho andresriancho
0
580

Other Decks in Technology

See All in Technology
制約理論(ToC)入門
Avatar for Recruit recruitengineers
PRO
9
3.7k
絶対に失敗できないキャンペーンページの高速かつ安全な開発、WINTICKET × microCMS の開発事例
Avatar for microCMS microcms
0
360
カミナシ社の『ID管理基盤』製品内製 - その意思決定背景と2年間の進化 #AWSUnicornDay / Kaminashi ID - The Big Whys
Avatar for 株式会社カミナシ kaminashi
3
720
Oracle Cloud Infrastructure:2025年8月度サービス・アップデート
Avatar for oracle4engineer oracle4engineer
PRO
0
170
【初心者向け】ローカルLLMの色々な動かし方まとめ
Avatar for Aratako aratako
4
2.6k
実践アプリケーション設計 ③ドメイン駆動設計
Avatar for Recruit recruitengineers
PRO
13
4.1k
ヘブンバーンズレッドのレンダリングパイプライン刷新
Avatar for gree_tech gree_tech
PRO
0
440
異業種出身エンジニアが気づいた、転向して十数年経っても変わらない自分の武器とは
Avatar for macneko-ayu macnekoayu
0
260
2025年になってもまだMySQLが好き
Avatar for yoku0825 yoku0825
7
3.1k
事業価値と Engineering
Avatar for Recruit recruitengineers
PRO
8
5.4k
【Grafana Meetup Japan #6】Grafanaをリバプロ配下で動かすときにやること ~ Grafana Liveってなんだ ~
Avatar for よしたけ yoshitake945
0
220
スプリントレトロスペクティブはチーム観察の宝庫? 〜チームの衝突レベルに合わせたアプローチ仮説!〜
Avatar for Hatorik electricsatie
1
150

Featured

See All Featured
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
179
9.9k
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
9
790
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
Avatar for Aki / @LoveIdahoBurger aki_iinuma
126
53k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
160
23k
Writing Fast Ruby
Avatar for Erik Berlin sferik
628
62k
Building an army of robots
Avatar for Kyle Neath kneath
306
46k
Code Review Best Practice
Avatar for Trisha Gee trishagee
70
19k
Designing for Performance
Avatar for Lara Hogan lara
610
69k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
330
21k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1370
200k
Making Projects Easy
Avatar for Brett Harned brettharned
117
6.4k

Transcript

  1. None

  2. ▪ ▪ ▪ ▪ ▪ ▪

  3. ▪ ▪ ▪ ▪

  4. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  5. None
  6. None

  7. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  8. ▪ ▪ ▪

  9. None
  10. None
  11. None

  12. ▪ ▪ ▪ ▪ ▪ ▪

  13. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  14. String query = "select * from customers where group =

    "; query += request.getParameter("group"); rowMapper = new RowMapper<Customer>() { @Override public Customer mapRow(ResultSet rs, int rowNum) throws SQLException { return new Customer(rs.getLong("id"), rs.getString("first_name"), rs.getString("group")); } }; jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/customers?group=12

  15. String query = "select * from customers where group =

    " query += request.getParameter("group"); jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/query?group=1 OR 1=1 SELECT * FROM customers where group=1 OR 1=1
  16. None
  17. None

  18. ▪ ▪

  19. ▪ ▪ … ▪ ▪ … ▪ ▪ ▪ ▪

  20. ▪ ▪ ▪

  21. <html> <h1>Comentarios</h1> <h3>Hola!</h3> <p><script>alert("Controlado por el intruso")</script></p> </html>

  22. None

  23. /hello?name=<script>alert(‘xss’)</script> <p>Hi <script>alert(‘xss’)</script></p> @RequestMapping("/hello") @ResponseBody protected String handleHello(HttpServletRequest request){ String

    name = request.getParameter("name"); return String.format(“<p>Hi %s</p>", name); }

  24. /hello?name=<script>alert(‘xss’)</script> <p>Hi &lt;script&gt;alert(&quot;xss&quot;)&lt;/script&gt;</p> Hi <script>alert(‘xss’)</script> import org.springframework.web.util.HtmlUtils; @RequestMapping("/hello") @ResponseBody protected

    String handleHello(HttpServletRequest request){ String name = request.getParameter("name"); return String.format("<p>Hi %s</p>", HtmlUtils.htmlEscape(name)); }
  25. None

  26. ▪ ▪ ▪

  27. ▪ ▪ <img src=http://home-banking.com/transfer?dst=1234&amount=3>

  28. None
  29. None

  30. ▪ •

  32. None

  33. ▪ ▪

  34. None

  35. ▪ ▪

  36. ▪ …

  37. ▪ ▪ if not has_authorization(user, action, object): raise AuthorizationException(user, action,

    object) action(user, object)
  38. None

  39. ▪ ▪ ▪ ▪

  40. None
  41. None