Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Known Drupal Vulnerabilities and OWASP’s Top10
Search
andresriancho
May 18, 2016
Technology
270
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Known Drupal Vulnerabilities and OWASP’s Top10
Prepared this talk for the Buenos Aires Drupal meetup
andresriancho
May 18, 2016
More Decks by andresriancho
See All by andresriancho
Step by step AWS Cloud Hacking
andresriancho
0
640
Step by step AWS Cloud Hacking
andresriancho
2
3k
Internet-Scale analysis of AWS Cognito Security
andresriancho
1
13k
Threat Modelling
andresriancho
0
1.6k
Automated Security Analysis AWS Clouds
andresriancho
1
3.4k
Injecting into URLs / Breaking URL-Encoding
andresriancho
0
280
Galería de Fallos en Unicornios
andresriancho
1
270
Esoteric Web Application Vulnerabilities
andresriancho
0
1.2k
String Compare Timing Attacks
andresriancho
0
660
Other Decks in Technology
See All in Technology
人を動かすのは時間ではなく、納得感 〜新任EMが入社3ヶ月、組織を2回変えた話〜
kakehashi
PRO
3
220
Mastraエージェント、どのクラウドにデプロイする?
minorun365
PRO
2
180
Road to SRE NEXTの今までとこれから
hiroyaonoe
0
310
キャリアの中で本を作る / Making a Book During Your Career
ak1210
0
140
SRE本の知られざる名シーン / The Hidden Gems of Google SRE Book
nari_ex
1
380
大量データに対しても、生成AIを用いてリーズナブルにデータ加工をしたい!Databricksのai_queryについて調べてみた
kamoshika
1
120
ruby.wasmとPicoRuby.wasmに対応した仮想DOMライブラリを作ってる話 #kaigieffect_kaigi
sue445
PRO
0
140
美しいコードを書くためにF#を学んでみた話
yud0uhu
1
410
“それは自分の仕事じゃない"を越えて行け
yuukiyo
0
170
SRE Lounge Hiroshimaへの招待
grimoh
0
640
ボーイスカウトルールでメモリやスキルを改善しよう
azukiazusa1
2
960
シンガポールで登壇してきます
yama3133
0
120
Featured
See All Featured
Avoiding the “Bad Training, Faster” Trap in the Age of AI
tmiket
0
190
HTML-Aware ERB: The Path to Reactive Rendering @ RubyCon 2026, Rimini, Italy
marcoroth
2
320
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.9k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
1
170
Technical Leadership for Architectural Decision Making
baasie
3
440
Rebuilding a faster, lazier Slack
samanthasiow
85
9.6k
JAMstack: Web Apps at Ludicrous Speed - All Things Open 2022
reverentgeek
1
490
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
410
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
8.2k
Paper Plane (Part 1)
katiecoart
PRO
0
9.6k
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
2
600
Making Projects Easy
brettharned
120
6.7k
Transcript
None
▪ ▪ ▪ ▪ ▪ ▪
▪ ▪ ▪ ▪
▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪
None
None
▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪
▪ ▪ ▪
None
None
None
▪ ▪ ▪ ▪ ▪ ▪
▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪
String query = "select * from customers where group =
"; query += request.getParameter("group"); rowMapper = new RowMapper<Customer>() { @Override public Customer mapRow(ResultSet rs, int rowNum) throws SQLException { return new Customer(rs.getLong("id"), rs.getString("first_name"), rs.getString("group")); } }; jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/customers?group=12
String query = "select * from customers where group =
" query += request.getParameter("group"); jdbcTemplate.query(query, new Object[] {}, rowMapper); http://host.tld/query?group=1 OR 1=1 SELECT * FROM customers where group=1 OR 1=1
None
None
▪ ▪
▪ ▪ … ▪ ▪ … ▪ ▪ ▪ ▪
▪ ▪ ▪
<html> <h1>Comentarios</h1> <h3>Hola!</h3> <p><script>alert("Controlado por el intruso")</script></p> </html>
None
/hello?name=<script>alert(‘xss’)</script> <p>Hi <script>alert(‘xss’)</script></p> @RequestMapping("/hello") @ResponseBody protected String handleHello(HttpServletRequest request){ String
name = request.getParameter("name"); return String.format(“<p>Hi %s</p>", name); }
/hello?name=<script>alert(‘xss’)</script> <p>Hi <script>alert("xss")</script></p> Hi <script>alert(‘xss’)</script> import org.springframework.web.util.HtmlUtils; @RequestMapping("/hello") @ResponseBody protected
String handleHello(HttpServletRequest request){ String name = request.getParameter("name"); return String.format("<p>Hi %s</p>", HtmlUtils.htmlEscape(name)); }
None
▪ ▪ ▪
▪ ▪ <img src=http://home-banking.com/transfer?dst=1234&amount=3>
None
None
▪ •
▪
None
▪ ▪
None
▪ ▪
▪ …
▪ ▪ if not has_authorization(user, action, object): raise AuthorizationException(user, action,
object) action(user, object)
None
▪ ▪ ▪ ▪
None
None