|
 setting
standards
|
by
Jeff Stewart
SENCAW | AUTHOR
|
Here’s a simple example of a script that sniffs an ethernet line for all TCP/IP packets bound to/from a particular host and dumps out the source/destination IP address/port and a hex dump of the packet’s contents:
Here’s a simple example of a script that sniffs an Ethernet line for all TCP/IP packets bound to/from a particular host and dumps out the source/destination IP address/port and a hex dump of the packet’s.
#!/usr/bin/perl -w
use strict;
use Net::PcapUtils;
use NetPacket::Ethernet;
use NetPacket::IP;
use NetPacket::TCP;
use Data::HexDump;
Net::PcapUtils::loop(\&process_pkt, FILTER => 'ip host 192.168.1.252')
+;
my $i=0;
sub process_pkt {
my ($user_data,$hdr,$pkt)=@_;
my $eth=NetPacket::Ethernet->decode($pkt);
if($eth->{type} == 2048){
my $ip=NetPacket::IP->decode($eth->{data});
if($ip->{proto} == 6){
my $tcp=NetPacket::TCP->decode($ip->{data});
print "\n\n$i $ip->{src_ip}($tcp->{src_port}) -> $ip->{dest_ip}(
+$tcp->{dest_port})\n";
print HexDump $ip->{data};
$i++;
}
}
}
Posted in Uncategorized, access, address, apache, hex, inection, perl, port, queries, tcp | No Comments »
Department of Computer Science and Information Engineering,
National Chiao Tung University As a large and complex application platform, the World Wide Web is capable of delivering a broad range of sophisticated applications. However, many Web applications go through rapid development phases with extremely short turnaround time, making it difficult to eliminate vulnerabilities. Here we analyze the design of Web application security assessment mechanisms in order to identify poor coding practices that render Web applications vulnerable to attacks such as SQL injection and cross-site scripting. We describe the use of a number of software-testing techniques (including dynamic analysis, black-box testing, fault injection, and behavior monitoring), and suggest mechanisms for applying these techniques to Web applications. Real-world situations are used to test a tool we named the Web Application Vulnerability and Error Scanner (WAVES, an open-source project available at http://waves.sourceforge.net) and to compare it with other tools. Our results show that WAVES is a feasible platform for assessing Web application security. More
ABSTRACT by Chung-Hung Tsai
Department of Computer Science and Information Engineering, National Chiao Tung University
As a large and complex application platform, the World Wide Web is capable of delivering a broad range of sophisticated applications. However, many Web applications go through rapid development phases with extremely short turnaround time, making it difficult to eliminate vulnerabilities. Here we analyze the design of Web application security assessment mechanisms in order to identify poor coding practices that render Web applications vulnerable to attacks such as SQL injection and cross-site scripting. We describe the use of a number of software-testing techniques (including dynamic analysis, black-box testing, fault injection, and behavior monitoring), and suggest mechanisms for applying these techniques to Web applications. Real-world situations are used to test a tool we named the Web Application Vulnerability and Error Scanner (WAVES, an open-source project available at http://waves.sourceforge.net) and to compare it with other tools. Our results show that WAVES is a feasible platform for assessing Web application security.
More
Posted in Uncategorized, apache, inection, mysql, queries, software protection, sophisticated applications, sql | No Comments »
Insider and Ousider Threat-Sensitive SQL Injection Vulnerability Analysis in PHP
Ettore Merlo; Dominic Letarte; Giuliano Antoniol
Summary:
In general, SQL-injection attacks rely on some weak validation of textual input used to build database queries. Maliciously crafted input may threaten the confidentiality and the security policies of Web sites relying on a database to store and retrieve information. Furthermore, insiders may introduce malicious code in a Web application, code that, when triggered by some specific input, for example, would violate security policies. This paper presents an original approach based on static analysis to automatically detect statements in PHP applications that may be vulnerable to SQL-injections triggered by either malicious input (outsider threats) or malicious code (insider threats). Original flow analysis equations, that propagate and combine security levels along an inter-procedural control flow graph (CFG), are presented. The computation of security levels presents linear execution time and memory complexity More
Insider and Ousider Threat-Sensitive SQL Injection Vulnerability Analysis in PHP
Ettore Merlo; Dominic Letarte; Giuliano Antoniol
Summary:
In general, SQL-injection attacks rely on some weak validation of textual input used to build database queries. Maliciously crafted input may threaten the confidentiality and the security policies of Web sites relying on a database to store and retrieve information. Furthermore, insiders may introduce malicious code in a Web application, code that, when triggered by some specific input, for example, would violate security policies.
This paper presents an original approach based on static analysis to automatically detect statements in PHP applications that may be vulnerable to SQL-injections triggered by either malicious input (outsider threats) or malicious code (insider threats). Original flow analysis equations, that propagate and combine security levels along an inter-procedural control flow graph (CFG), are presented. The computation of security levels presents linear execution time and memory complexity
Posted in analysis, code, inection, input, ip, malicious, queries, soap-apache-mysql, sophisticated applications, vulnerability | No Comments »
