Copyright 2006 Mitsui Bussan Secure Directions, Inc. All Rights Reserved.




2006/12/14


18 3 2 ( ) p.11 p.12

- Erroneous Error Handling
- Information Leakage
- Session Hijacking/Replay
- OS Command Injection
- Session Fixation
- SQL Injection
- Brute Force Password check
- Buffer Overflow
- Forceful Browsing
- Parameter manipulation
- Back door and Debug mode
- phishing / pharming
- Erroneous Error Handling
- Information Leakage
- Cross Site Scripting (XSS)
- Cross Site Request Forgery (CSRF)
- F/W

- Buffer Overflow
- Cross-Site Scripting
- Parameter Manipulation
- Backdoor & Debug Options
- SQL Injection
- OS Command Injection
- Client Side Comment
- Error Codes
- Forceful Browsing
- Unnecessary Information
- HTTPS Misuse
- Cross-Site Request Forgeries
- Unnecessary File
- Server misconfiguration
- Insecure Cookies
- Session Hijack
- Session Replay
- Session Fixation
- Known Vulnerability

Buffer Overflow

    GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0

Cross-Site Scripting

    http://www.example.com/show.cgi?text=<script>alert()</script>

Cross-Site Scripting

Parameter Manipulation

    http://www.example.com/buy.cgi?id=30&num=3&price=123

Backdoor & Debug Options

SQL Injection

SQL Injection

    select id from user_table where id='${id}' and pw='${pw}'

With id set to ' or 1=1 -- and pw set to abc, the query becomes:

    select id from user_table where id='' or 1=1 --' and pw='abc'

Everything after -- is a comment, so the where clause is reduced to a condition that is always true.

SQL Injection

    xxx' and 1=1--
    xxx' and 1=0--

absinthe: http://www.0x90.org/releases/absinthe/

OS Command Injection

Client Side Comment

Error Codes / Unnecessary Information

Forceful Browsing

Unnecessary Information

HTTPS Misuse

Cross-Site Request Forgeries

    http://www.example.com/buy.cgi?productid=ax123&num=10&action=finish

(hidden fields)

Cross-Site Request Forgeries

(Cookie)

    <a href=http://www.example.com/taikai.php?action=finish> </a>

Unnecessary File

    /var/www/htdocs/
    Image/
    css/
    script/
    data/
    toiawase.dat
    exec.cgi

Unnecessary File

Server misconfiguration

Insecure Cookies

    https://www.example.com/
    Set-Cookie: ssid=1392383

    http://www.example.com:443/
    Cookie: ssid=1392383

    Set-Cookie: ssid=hkhd3ksa31gak9f; secure

Session Hijack

Session Replay

    http://server/aa.cgi?ssid=xxxxxx

Session Fixation

    http://www.example.com/index.php?phpsessid=abcdefg
    http://www.example.com/index.jsp;jsessionid=jk3lsw8fjhgyt10

Session Fixation

    <a href="http://www.example.com/index.php?PHPSESSID=abcdefg"> </a>
    http://www.example.com/index.php?phpsessid=abcdefg
    Set-Cookie: PHPSESSID=abcdefg
    Cookie: PHPSESSID=abcdefg
    Cookie: PHPSESSID=abcdefg


Authentication

2005.4 http://www.fsa.go.jp/singi/singi_fccsg/gaiyou/f-20050415-singi_fccsg/02.pdf

100Mbps LAN, PC: 0.00062 3 30 0.038 3 30 2.38 9 2.46 1 2.54 95 6.57 5,900 13.58 36 69


    id=naka, pw=ieog39sj
    hash(ieog39sj) -> Pc0gGUJNM4fr4MHn+9JhQQ
    naka, Pc0gGUJNM4fr4MHn+9JhQQ

Keep-Alive

    GET / HTTP/1.1
    Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
    Accept-Language: ja
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1; .NET CLR 1.1.4322)
    Host: www.example.com
    Connection: Keep-Alive

    HTTP/1.0 200 OK
    Date: Wed, 29 Nov 2006 08:21:21 GMT
    Server: Apache
    Content-Length: 17463
    Connection: close
    Content-Type: text/html; charset=shift_jis

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN

    GET /auth/index.html HTTP/1.1
    Accept: */*
    Accept-Language: ja
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1; .NET CLR 1.1.4322)
    Host: www.example.com
    Connection: Keep-Alive
    Authorization: Basic Z3Vlc3Q6Zm9vYmFy

    $ perl -MMIME::Base64 -e 'print MIME::Base64::decode_base64("Z3Vlc3Q6Zm9vYmFy");'
    guest:foobar

    GET /auth2/index.html HTTP/1.1
    Accept: */*
    Accept-Language: ja
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1; .NET CLR 1.1.4322)
    Host: www.example.com
    Connection: Keep-Alive
    Pragma: no-cache
    Authorization: Digest username="guest", realm="sec", qop="auth", algorithm="md5", uri="/auth2/index.html", nonce="yfgkvbijbaa=2a8b5d8f5e1d4f4f342a457d8b604640f51347d5", nc=00000001, cnonce="bfae40a7d3fdeb264eb078563de43943", response="44985ca43eb4c7001c9948efcfa23a1f"


    <input type="hidden" name="sec_key" value="ALG2K9Q0E">

    $str =~ /\d+/;     # matches any string that contains at least one digit
    $str =~ /^\d+$/;   # matches only when the whole string consists of digits


xss_

    "><script>alert()</script>
