Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Known Drupal Vulnerabilities and OWASP’s Top10

andresriancho
May 18, 2016
Technology
0
220

Known Drupal Vulnerabilities and OWASP’s Top10

Prepared this talk for the Buenos Aires Drupal meetup

andresriancho

May 18, 2016
Tweet

More Decks by andresriancho

See All by andresriancho
Step by step AWS Cloud Hacking
andresriancho
0
580
Step by step AWS Cloud Hacking
andresriancho
2
2.7k
Internet-Scale analysis of AWS Cognito Security
andresriancho
1
11k
Threat Modelling
andresriancho
0
1k
Automated Security Analysis AWS Clouds
andresriancho
1
2.9k
Injecting into URLs / Breaking URL-Encoding
andresriancho
0
170
Galería de Fallos en Unicornios
andresriancho
1
120
Esoteric Web Application Vulnerabilities
andresriancho
0
740
String Compare Timing Attacks
andresriancho
0
460

Other Decks in Technology

See All in Technology
Java EE/Jakarta EEの現状と将来 ―クラウドネイティブ時代にJava EEは対応できるのか?―
takakiyo
1
170
どうするコスト最適化のトレードオフ
tetsuyaooooo
1
530
20分で完全に理解するGrafanaダッシュボード
hamadakoji
3
670
「スニダン」開発組織の構造に込めた意図 ~組織作りはパッションや政治ではない!~
rinchsan
3
570
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
310
web-application-security
matsuihidetoshi
0
170
プロトタイピングによる不確実性の低減 / Reducing Uncertainty through Prototyping
ohbarye
5
390
Azureの基本的な権限管理の勉強会
yhana
0
590
自己改善からチームを動かす! 「セルフエンジニアリングマネージャー」のすゝめ
shoota
6
780
ChatworkのSRE部って実は 半分くらいPlatform Engineering部かもしれない
saramune
0
160
エンジニア候補者向け資料2024.04.24.pdf
macloud
0
3.3k
DevOpsメトリクスとアウトカムの接続にトライ!開発プロセスを通して計測できるメトリクスの活用方法
ham0215
2
240

Featured

See All Featured
Learning to Love Humans: Emotional Interface Design
aarron
267
39k
Automating Front-end Workflow
addyosmani
1356
200k
Fontdeck: Realign not Redesign
paulrobertlloyd
76
4.9k
The Pragmatic Product Professional
lauravandoore
25
5.8k
The Cult of Friendly URLs
andyhume
74
5.7k
Fireside Chat
paigeccino
21
2.6k
Practical Orchestrator
shlominoach
182
9.7k
How To Stay Up To Date on Web Technology
chriscoyier
782
250k
Designing Experiences People Love
moore
136
23k
Become a Pro
speakerdeck
PRO
11
4.5k
Imperfection Machines: The Place of Print at Facebook
scottboms
260
12k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
17
6.4k

Transcript

  1. None

  2. ▪ ▪ ▪ ▪ ▪ ▪

  3. ▪ ▪ ▪ ▪

  4. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  5. None
  6. None

  7. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  8. ▪ ▪ ▪

  9. None
  10. None
  11. None

  12. ▪ ▪ ▪ ▪ ▪ ▪

  13. ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪

  14. String query = "select * from customers where group =

    "; query += request.getParameter("group"); rowMapper = new RowMapper<Customer>() { @Override public Customer mapRow(ResultSet rs, int rowNum) throws SQLException { return new Customer(rs.getLong("id"), rs.getString("first_name"), rs.getString("group")); } }; jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/customers?group=12

  15. String query = "select * from customers where group =

    " query += request.getParameter("group"); jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/query?group=1 OR 1=1 SELECT * FROM customers where group=1 OR 1=1
  16. None
  17. None

  18. ▪ ▪

  19. ▪ ▪ … ▪ ▪ … ▪ ▪ ▪ ▪

  20. ▪ ▪ ▪

  21. <html> <h1>Comentarios</h1> <h3>Hola!</h3> <p><script>alert("Controlado por el intruso")</script></p> </html>

  22. None

  23. /hello?name=<script>alert(‘xss’)</script> <p>Hi <script>alert(‘xss’)</script></p> @RequestMapping("/hello") @ResponseBody protected String handleHello(HttpServletRequest request){ String

    name = request.getParameter("name"); return String.format(“<p>Hi %s</p>", name); }

  24. /hello?name=<script>alert(‘xss’)</script> <p>Hi &lt;script&gt;alert(&quot;xss&quot;)&lt;/script&gt;</p> Hi <script>alert(‘xss’)</script> import org.springframework.web.util.HtmlUtils; @RequestMapping("/hello") @ResponseBody protected

    String handleHello(HttpServletRequest request){ String name = request.getParameter("name"); return String.format("<p>Hi %s</p>", HtmlUtils.htmlEscape(name)); }
  25. None

  26. ▪ ▪ ▪

  27. ▪ ▪ <img src=http://home-banking.com/transfer?dst=1234&amount=3>

  28. None
  29. None

  30. ▪ •

  32. None

  33. ▪ ▪

  34. None

  35. ▪ ▪

  36. ▪ …

  37. ▪ ▪ if not has_authorization(user, action, object): raise AuthorizationException(user, action,

    object) action(user, object)
  38. None

  39. ▪ ▪ ▪ ▪

  40. None
  41. None