Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Known Drupal Vulnerabilities and OWASP’s Top10

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for andresriancho andresriancho
May 18, 2016
Technology
0
260

Known Drupal Vulnerabilities and OWASP’s Top10

Prepared this talk for the Buenos Aires Drupal meetup

Avatar for andresriancho

andresriancho

May 18, 2016
Tweet

More Decks by andresriancho

See All by andresriancho
Step by step AWS Cloud Hacking
Avatar for andresriancho andresriancho
0
630
Step by step AWS Cloud Hacking
Avatar for andresriancho andresriancho
2
2.9k
Internet-Scale analysis of AWS Cognito Security
Avatar for andresriancho andresriancho
1
13k
Threat Modelling
Avatar for andresriancho andresriancho
0
1.6k
Automated Security Analysis AWS Clouds
Avatar for andresriancho andresriancho
1
3.4k
Injecting into URLs / Breaking URL-Encoding
Avatar for andresriancho andresriancho
0
270
Galería de Fallos en Unicornios
Avatar for andresriancho andresriancho
1
260
Esoteric Web Application Vulnerabilities
Avatar for andresriancho andresriancho
0
1.1k
String Compare Timing Attacks
Avatar for andresriancho andresriancho
0
640

Other Decks in Technology

See All in Technology
RGBに陥らないために -プロダクトの価値を届けるまで-
Avatar for RightTouch righttouch
PRO
0
130
Tour of Agent Protocols: MCP, A2A, AG-UI, A2UI with ADK
Avatar for Mete Atamel meteatamel
0
120
CloudFrontのHost Header転送設定でパケットの中身はどう変わるのか?
Avatar for nagisa_53 nagisa53
1
220
脳が溶けた話 / Melted Brain
Avatar for Keisuke69 keisuke69
1
1.1k
15年メンテしてきたdotfilesから開発トレンドを振り返る 2011 - 2026
Avatar for giginet giginet
PRO
1
210
Change Calendarで今はOK?を仕組みにする
Avatar for tommy tommy0124
1
130
Zephyr(RTOS)でOpenPLCを実装してみた
Avatar for misoji engineer iotengineer22
0
160
SaaSに宿る21g
Avatar for Yamakan kanyamaguc
2
180
MCPで決済に楽にする
Avatar for mu7889yoon / Yuta Nakamura mu7889yoon
0
160
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
Avatar for Cybozu cybozuinsideout
PRO
10
77k
Embeddings : Symfony AI en pratique
Avatar for Grégoire Pineau lyrixx
0
420
SaaSの操作主体は人間からAIへ - 経理AIエージェントが目指す深い自動化
Avatar for Motoshi Nishihira nishihira
0
120

Featured

See All Featured
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.4k
svc-hook: hooking system calls on ARM64 by binary rewriting
Avatar for Akira Moroo retrage
2
180
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
Avatar for Andy Polaine apolaine
0
250
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
1
440
Leadership Guide Workshop - DevTernity 2021
Avatar for David Neal reverentgeek
1
250
Designing Experiences People Love
Avatar for Jonathan Moore moore
143
24k
Technical Leadership for Architectural Decision Making
Avatar for Kenny Baas-Schwegler baasie
3
300
New Earth Scene 8
Avatar for Sydney Stone popppiees
2
1.9k
Music & Morning Musume
Avatar for Bryan Veloso bryan
47
7.1k
Context Engineering - Making Every Token Count
Avatar for Addy Osmani addyosmani
9
780
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
Making Projects Easy
Avatar for Brett Harned brettharned
120
6.6k

Transcript

  1. None

  2. ▪ ▪ ▪ ▪ ▪ ▪

  3. ▪ ▪ ▪ ▪

  4. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  5. None
  6. None

  7. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  8. ▪ ▪ ▪

  9. None
  10. None
  11. None

  12. ▪ ▪ ▪ ▪ ▪ ▪

  13. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  14. String query = "select * from customers where group =

    "; query += request.getParameter("group"); rowMapper = new RowMapper<Customer>() { @Override public Customer mapRow(ResultSet rs, int rowNum) throws SQLException { return new Customer(rs.getLong("id"), rs.getString("first_name"), rs.getString("group")); } }; jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/customers?group=12

  15. String query = "select * from customers where group =

    " query += request.getParameter("group"); jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/query?group=1 OR 1=1 SELECT * FROM customers where group=1 OR 1=1
  16. None
  17. None

  18. ▪ ▪

  19. ▪ ▪ … ▪ ▪ … ▪ ▪ ▪ ▪

  20. ▪ ▪ ▪

  21. <html> <h1>Comentarios</h1> <h3>Hola!</h3> <p><script>alert("Controlado por el intruso")</script></p> </html>

  22. None

  23. /hello?name=<script>alert(‘xss’)</script> <p>Hi <script>alert(‘xss’)</script></p> @RequestMapping("/hello") @ResponseBody protected String handleHello(HttpServletRequest request){ String

    name = request.getParameter("name"); return String.format(“<p>Hi %s</p>", name); }

  24. /hello?name=<script>alert(‘xss’)</script> <p>Hi &lt;script&gt;alert(&quot;xss&quot;)&lt;/script&gt;</p> Hi <script>alert(‘xss’)</script> import org.springframework.web.util.HtmlUtils; @RequestMapping("/hello") @ResponseBody protected

    String handleHello(HttpServletRequest request){ String name = request.getParameter("name"); return String.format("<p>Hi %s</p>", HtmlUtils.htmlEscape(name)); }
  25. None

  26. ▪ ▪ ▪

  27. ▪ ▪ <img src=http://home-banking.com/transfer?dst=1234&amount=3>

  28. None
  29. None

  30. ▪ •

  32. None

  33. ▪ ▪

  34. None

  35. ▪ ▪

  36. ▪ …

  37. ▪ ▪ if not has_authorization(user, action, object): raise AuthorizationException(user, action,

    object) action(user, object)
  38. None

  39. ▪ ▪ ▪ ▪

  40. None
  41. None