info@winintsoft.com


Security vulnerabilities: SQL Injection, XSS and CSRF

Although more and more programmers study web application security carefully, it sometimes still seems to be the other way around. Every day you hear news of successful attacks against well-known and lesser-known servers, and hackers keep finding new vulnerabilities and using them to compromise the open source and proprietary software that runs on many web servers.

One of the main reasons web application code is vulnerable is its complexity. It is a real challenge to maintain such a large body of code, sanitize every input, and analyze even the smallest change to see whether it can affect the application's overall security.

The goal of this article is to explain why it is so important to write secure web application code and to show how easily attackers can compromise applications built on a bad programmer's work.

SQL Injection

Overview:
The essence of this vulnerability is the ability to inject arbitrary SQL code into the application, which sends it completely unchecked to the database server. The back-end database server then executes that SQL query.

What hackers can do by exploiting this vulnerability:
They can launch DoS attacks, steal data from the databases, or delete or modify the information they contain.

Tools for PE format and malware analysis

The PE (Portable Executable) file format is a universal file format in Windows operating systems. It has strictly defined structures and values that it must contain. Only these strictly defined rules can guarantee that PE files are portable and work on every version of Windows. That is a bit more complicated, though, so for now we are going to explore the tools that can analyze and customize PE files either as RAW data (saved on the hard disk) or loaded in memory.

Buffer overflow for Windows IT professionals

Although there are a lot of great papers about buffer overflow in Linux, I think that Windows IT professionals don't have as many sources for understanding Windows buffer overflow issues. If you are interested in Windows and want to understand the principles of buffer overflow attacks, this article is for you.

What is buffer overflow?

Buffer overflow is one of the most exploited vulnerabilities today. Although it's one of the oldest, many professional Windows administrators don't understand it well. The cause of the problem is copying more bytes into memory than were allocated for them. For example, take a look at a sample array with 30 allocated bytes: char some_array[30].

The whole user input (let's say from a username field) is copied into the 30-byte array: strcpy(some_array, username_array). Everything is fine as long as the entered user name is 29 chars long or less. If you entered 30 or more chars, the application would crash and Windows would show an error message.

Now we should take a look at the technique hackers use to exploit buffer overflow vulnerabilities and at how to avoid buffer overflow bugs. I will show you the basics of a buffer overflow in a simple proof-of-concept application and how easy it is for hackers to launch certain code. This exploitation demonstrates only redirecting the code flow instead of launching custom shellcode. I decided to do so to keep the example as simple as possible and easy for most readers to understand.

The vulnerable test application and the exploit were written in Dev-Cpp, which uses the mingw32 compiler. The vulnerable application is really simple. It takes an argument and tries to copy it into a 56-byte char array (the 56th byte is the zero byte). That means the application can hold at most 55 bytes (chars) plus the zero byte. If you fed the application 56 or 57 chars, it probably wouldn't crash, but it is possible. Much depends on the compiler settings and the optimization level; however, 100 chars is enough to crash this application most of the time.
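On the "how to avoid" side, here is a length-checked replacement for the strcpy(some_array, username_array) call described above, next to the strncpy() pitfall that often replaces it. This is an added example, not code from the original article; the function names, NAME_BUF and the constructed 'A' inputs are assumptions, and the capacity parameter also covers the 56-byte buffer.

```c
#include <stdio.h>
#include <string.h>

#define NAME_BUF 30   /* same size as some_array[30] in the text */
#define MAX_TEST 128  /* largest constructed input used below */

/* Reject-on-overflow replacement for strcpy(some_array, username_array).
 * Returns 0 if src (plus its zero byte) fits in cap bytes, -1 otherwise. */
int copy_checked(char *dst, size_t cap, const char *src)
{
    size_t len = strlen(src);
    if (cap == 0 || len >= cap) {   /* cap-1 chars + zero byte is the limit */
        if (cap) dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

/* strncpy() bounds the write but adds no zero byte when src has
 * cap or more chars. Returns 1 if dst ends up terminated, 0 if not. */
int strncpy_terminates(char *dst, size_t cap, const char *src)
{
    strncpy(dst, src, cap);
    return memchr(dst, '\0', cap) != NULL;
}

/* Constructed input: n copies of 'A', standing in for a user name. */
static const char *make_name(size_t n)
{
    static char in[MAX_TEST + 1];
    if (n > MAX_TEST) n = MAX_TEST;
    memset(in, 'A', n);
    in[n] = '\0';
    return in;
}

int try_checked(size_t n) { char b[NAME_BUF]; return copy_checked(b, sizeof b, make_name(n)); }
int try_strncpy(size_t n) { char b[NAME_BUF]; return strncpy_terminates(b, sizeof b, make_name(n)); }

int main(void)
{
    size_t lens[] = { 29, 30, 100 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("len %3zu: checked=%d strncpy_terminated=%d\n",
               lens[i], try_checked(lens[i]), try_strncpy(lens[i]));
    return 0;
}
```

A buffer that strncpy() leaves without its zero byte is not overflowed by the copy itself, but any later strlen() or printf("%s") on it reads past the end, so the explicit length check is the safer pattern.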