Known Drupal Vulnerabilities and OWASP’s Top10
andresriancho
May 18, 2016
Prepared this talk for the Buenos Aires Drupal meetup
Transcript
Vulnerable Spring handler (the deck's code, with the imports it needs added): the `group` request parameter is concatenated straight into the SQL text, so whatever it contains is parsed as part of the statement.

```java
import java.sql.ResultSet;
import java.sql.SQLException;
import org.springframework.jdbc.core.RowMapper;

// Vulnerable: untrusted input becomes part of the SQL statement
String query = "select * from customers where group = ";
query += request.getParameter("group");

rowMapper = new RowMapper<Customer>() {
    @Override
    public Customer mapRow(ResultSet rs, int rowNum) throws SQLException {
        return new Customer(rs.getLong("id"), rs.getString("first_name"), rs.getString("group"));
    }
};
jdbcTemplate.query(query, new Object[] {}, rowMapper);
```

Intended request: http://host.tld/customers?group=12

Attack request: http://host.tld/query?group=1 OR 1=1

Resulting statement: SELECT * FROM customers where group=1 OR 1=1 (the WHERE clause is always true, so every customer row comes back)
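As an added example (not from the deck, which uses Java/Spring), here is the same handler in Python against an in-memory SQLite table: string concatenation lets `1 OR 1=1` return every row, while binding the value as a query parameter keeps it data. The table, rows and the `grp` column name are constructed for this example (`group` is a reserved word in SQL).

```python
import sqlite3

# Constructed sample data (not from the deck). The column is named "grp"
# because "group" is a reserved word in SQL.
ROWS = [(1, "alice", 1), (2, "bob", 1), (3, "carol", 2), (4, "dave", 3)]


def make_db():
    """In-memory customers table populated with the sample rows above."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER, first_name TEXT, grp INTEGER)")
    db.executemany("INSERT INTO customers VALUES (?, ?, ?)", ROWS)
    return db


def customers_vulnerable(db, group_param):
    """Mirrors the slide: the request parameter is pasted into the SQL text,
    so whatever it contains is parsed as part of the statement."""
    query = "SELECT id, first_name, grp FROM customers WHERE grp = " + group_param
    return db.execute(query).fetchall()


def customers_bound(db, group_param):
    """Fix 1: bind the value as a parameter. The driver passes it as data, so
    '1 OR 1=1' is compared as a literal value and matches nothing."""
    query = "SELECT id, first_name, grp FROM customers WHERE grp = ?"
    return db.execute(query, (group_param,)).fetchall()


def customers_safe(db, group_param):
    """Fix 2 (defence in depth): validate the type first, then bind.
    Anything that is not an integer id is rejected with ValueError."""
    group_id = int(group_param)  # raises ValueError for '1 OR 1=1'
    query = "SELECT id, first_name, grp FROM customers WHERE grp = ?"
    return db.execute(query, (group_id,)).fetchall()
```

Binding alone closes the injection; the type check on top of it turns a malformed id into a 400-style error instead of an empty result, which is usually what you want for an id parameter.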
A stored XSS payload sitting in a comments page: the script tag was submitted by the attacker and is now served to every reader.

```html
<html>
  <h1>Comments</h1>
  <h3>Hello!</h3>
  <p><script>alert("Controlled by the intruder")</script></p>
</html>
```
Reflected XSS in a Spring handler. Request: /hello?name=<script>alert('xss')</script>

Response body: <p>Hi <script>alert('xss')</script></p> (the browser runs the script)

```java
@RequestMapping("/hello")
@ResponseBody
protected String handleHello(HttpServletRequest request) {
    // Vulnerable: the "name" parameter is written into the HTML response unescaped
    String name = request.getParameter("name");
    return String.format("<p>Hi %s</p>", name);
}
```

The fix: HTML-escape the untrusted value before placing it in element content.

```java
import org.springframework.web.util.HtmlUtils;

@RequestMapping("/hello")
@ResponseBody
protected String handleHello(HttpServletRequest request) {
    String name = request.getParameter("name");
    // Escaped: < and > arrive as &lt; and &gt;, so the markup is shown, not executed
    return String.format("<p>Hi %s</p>", HtmlUtils.htmlEscape(name));
}
```

Same request, same response content, but the browser now displays the literal text Hi <script>alert('xss')</script> instead of running it.
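As an added example (not from the deck), the vulnerable and escaped handlers in Python using the standard library's `html.escape`, plus the caveat the slide does not cover: escaping is only correct for the context you escape for. In an unquoted attribute a payload with no special characters passes through the escaper untouched and still breaks out. The payloads and markup are constructed here.

```python
import html

# The deck's payload, reused here for the assertions.
PAYLOAD = "<script>alert('xss')</script>"


def hello_vulnerable(name):
    """Mirrors the slide: the parameter is written into the page unchanged."""
    return f"<p>Hi {name}</p>"


def hello_safe(name):
    """The slide's fix: escape for HTML element content. quote=True also
    encodes " and ' so the same helper is safe inside quoted attributes."""
    return f"<p>Hi {html.escape(name, quote=True)}</p>"


def hello_attr_quoted(name):
    """Escaped value inside a double-quoted attribute: safe, because the only
    way out of the attribute is a double quote, which is encoded."""
    return f'<input value="{html.escape(name, quote=True)}">'


def hello_attr_unquoted(name):
    """Caveat: escaping alone does not protect an UNQUOTED attribute. A payload
    containing none of < > & " ' passes through html.escape unchanged, and a
    single space is enough to start a new attribute such as onmouseover."""
    return f"<input value={html.escape(name, quote=True)}>"


def contains_script_tag(page):
    """Crude check used by the assertions: is a <script tag still in the markup?"""
    return "<script" in page.lower()
```

Rule of thumb: always quote attribute values, and pick the escaper for the sink (element content, attribute, URL, JavaScript string) rather than applying one escaper everywhere.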
CSRF: a forged request planted on an attacker's page. The victim's browser fetches the image URL and attaches the bank's session cookies, so the transfer runs with the victim's identity.

```html
<img src=http://home-banking.com/transfer?dst=1234&amount=3>
```
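As an added example (not from the deck), a transfer handler that defeats the forged request above with the synchronizer-token pattern: state changes are refused over GET (all an `<img>` can issue), and a POST must carry a token tied to the session that a cross-site page cannot read. The request dicts, the `session_id` and the per-process secret are constructed assumptions.

```python
import hashlib
import hmac
import secrets

# Server-side secret, generated per process here (assumption; a real
# deployment would load it from configuration so tokens survive restarts).
SECRET_KEY = secrets.token_bytes(32)


def csrf_token(session_id):
    """Synchronizer token tied to the session: HMAC-SHA256 over the session id.
    The server embeds it in its own forms; an attacker's page never sees it."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def transfer(request, session_id):
    """Money-transfer handler. `request` is a constructed dict with keys
    'method' and 'form'; `session_id` is what the session cookie resolved to.
    Returns (status, message)."""
    # 1. State changes must not be reachable by GET: the slide's <img src=...>
    #    can only issue a GET, so it stops here.
    if request["method"] != "POST":
        return 405, "transfer requires POST"
    # 2. The form must carry the token for this session. A forged POST (an
    #    auto-submitting form on the attacker's page) arrives without it or
    #    with a guess; compare in constant time.
    supplied = request["form"].get("csrf_token", "")
    expected = csrf_token(session_id)
    if not hmac.compare_digest(supplied.encode(), expected.encode()):
        return 403, "missing or invalid CSRF token"
    form = request["form"]
    return 200, f"transferred {form['amount']} to {form['dst']}"
```

SameSite cookies are a complementary browser-side control, but the token check is what the server can enforce on its own.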
The access-control pattern: check before acting, and fail closed.

```python
if not has_authorization(user, action, object):
    raise AuthorizationException(user, action, object)
action(user, object)
```
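As an added example (not from the deck), a working `has_authorization` behind the slide's pattern. It makes both checks that the pseudocode hides: function level (may this role perform the action at all?) and object level (may this user act on this particular object?). Skipping the second one is the classic insecure direct object reference: change the id in the URL and edit someone else's record. The roles, policy, users and objects are constructed.

```python
class AuthorizationException(Exception):
    """Raised when a user attempts an action on an object they may not touch."""


# Constructed policy (not from the deck): which actions each role may perform.
ROLE_ACTIONS = {
    "admin": {"read", "update", "delete"},
    "user": {"read", "update"},
}


def has_authorization(user, action, obj):
    """Two checks, both required:
    - function level: does the role allow this action at all?
    - object level: may THIS user act on THIS object? Non-admins may only
      touch objects they own. Unknown roles get nothing (fail closed)."""
    if action not in ROLE_ACTIONS.get(user["role"], set()):
        return False
    return user["role"] == "admin" or obj["owner"] == user["id"]


def perform(user, action, obj):
    """The slide's pattern: check first, then act. Returns an audit-style
    record of what was done."""
    if not has_authorization(user, action, obj):
        raise AuthorizationException(user["id"], action, obj["id"])
    return f"{user['id']}:{action}:{obj['id']}"


def is_denied(user, action, obj):
    """Helper for the assertions: True if perform() refuses the request."""
    try:
        perform(user, action, obj)
    except AuthorizationException:
        return True
    return False
```

The ownership test is where most real applications go wrong: the role check passes for every logged-in user, so the object id in the request is the only thing standing between them and other users' data.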