Known Drupal Vulnerabilities and OWASP’s Top10

C0999631eb2c54a20ee559c44f8c7080?s=47 andresriancho
May 18, 2016
Technology
0
170

Known Drupal Vulnerabilities and OWASP’s Top10

Prepared this talk for the Buenos Aires Drupal meetup

C0999631eb2c54a20ee559c44f8c7080?s=128

andresriancho

May 18, 2016
Tweet

More Decks by andresriancho

See All by andresriancho
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
0
260
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
2
2.2k
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
1
5k
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
0
520
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
1
2k
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
0
67
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
1
67
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
0
350
C0999631eb2c54a20ee559c44f8c7080?s=48 andresriancho
0
290

Other Decks in Technology

See All in Technology
7e6a435700dda6cdb22105d601f20892?s=48 picardparis
4
2k
A64ac825509279a770c13c6fc517f11a?s=48 kawaguti
0
220
652359244199b2b5108a5e09c027e0da?s=48 ykanazawa
0
240
2102a6b8760bd6f57f672805723dd83a?s=48 line_developers_tw
0
540
40301c0affdf359eaca771713e22b71a?s=48 harshbothra
0
420
A64ac825509279a770c13c6fc517f11a?s=48 kawaguti
0
220
Aa254f26f91d4776b9cd19a7ce632867?s=48 ciniml
0
180
F400611942a8b7a695f741f9a720fcf8?s=48 koooootake
9
1.3k
3744945b353aca873f215d885310cc4c?s=48 meiradania
0
160
0af658ea4f11fa7bf803115451890d4c?s=48 ararajp
2
640
88f4e84b94fe07cddbd9e6479d689192?s=48 soudai
1
380
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
200

Featured

See All Featured
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
366
42k
C7393b7ba7ec9c8890dd77d209fbb3c9?s=48 maltzj
499
36k
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
325
14k
2f5463832ccb768ccb4a1ca3607c27ef?s=48 jacobian
251
19k
15f2b8221f247985a27a627d2ece72f0?s=48 pauljervisheath
193
15k
32de0bd2ba869609d26fd052a4622778?s=48 cromwellryan
100
5.7k
761be20b5ebd271008bcee1244fc5b52?s=48 matthewcrist
70
7k
E76911cbe088e5b850d966de3fc7435b?s=48 robhawkes
52
2.7k
5b6a2bd86ef643786a381a212e0ef2f1?s=48 geoffreycrofte
11
290
2bb923c57a1fdc3a2eb484bb8d565fd2?s=48 ufuk
55
5.2k
465724d73fe3a92c0879fdfb43a3a6f3?s=48 philhawksworth
190
8.7k
170b760e0147792d0140e59ec78e9893?s=48 eitanlees
106
9.5k

Transcript

  1. None

  2. ▪ ▪ ▪ ▪ ▪ ▪

  3. ▪ ▪ ▪ ▪

  4. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  5. None
  6. None

  7. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  8. ▪ ▪ ▪

  9. None
  10. None
  11. None

  12. ▪ ▪ ▪ ▪ ▪ ▪

  13. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  14. String query = "select * from customers where group =

    "; query += request.getParameter("group"); rowMapper = new RowMapper<Customer>() { @Override public Customer mapRow(ResultSet rs, int rowNum) throws SQLException { return new Customer(rs.getLong("id"), rs.getString("first_name"), rs.getString("group")); } }; jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/customers?group=12

  15. String query = "select * from customers where group =

    " query += request.getParameter("group"); jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/query?group=1 OR 1=1 SELECT * FROM customers where group=1 OR 1=1
  16. None
  17. None

  18. ▪ ▪

  19. ▪ ▪ … ▪ ▪ … ▪ ▪ ▪ ▪

  20. ▪ ▪ ▪

  21. <html> <h1>Comentarios</h1> <h3>Hola!</h3> <p><script>alert("Controlado por el intruso")</script></p> </html>

  22. None

  23. /hello?name=<script>alert(‘xss’)</script> <p>Hi <script>alert(‘xss’)</script></p> @RequestMapping("/hello") @ResponseBody protected String handleHello(HttpServletRequest request){ String

    name = request.getParameter("name"); return String.format(“<p>Hi %s</p>", name); }

  24. /hello?name=<script>alert(‘xss’)</script> <p>Hi &lt;script&gt;alert(&quot;xss&quot;)&lt;/script&gt;</p> Hi <script>alert(‘xss’)</script> import org.springframework.web.util.HtmlUtils; @RequestMapping("/hello") @ResponseBody protected

    String handleHello(HttpServletRequest request){ String name = request.getParameter("name"); return String.format("<p>Hi %s</p>", HtmlUtils.htmlEscape(name)); }
  25. None

  26. ▪ ▪ ▪

  27. ▪ ▪ <img src=http://home-banking.com/transfer?dst=1234&amount=3>

  28. None
  29. None

  30. ▪ •

  32. None

  33. ▪ ▪

  34. None

  35. ▪ ▪

  36. ▪ …

  37. ▪ ▪ if not has_authorization(user, action, object): raise AuthorizationException(user, action,

    object) action(user, object)
  38. None

  39. ▪ ▪ ▪ ▪

  40. None
  41. None