Post on 22-Dec-2015
Computer Security and Penetration Testing 2
Objectives
• Describe the evolution of programming exploits
• Recognize vulnerabilities in ActiveX controls
• Identify steps to counter vulnerabilities in ActiveX controls
• Recognize vulnerabilities in VBScript
• Identify steps to counter vulnerabilities in VBScript
Objectives (continued)
• Recognize vulnerabilities in HTML
• Identify steps to counter vulnerabilities in HTML
• Recognize vulnerabilities in Java and JavaScript
• Identify steps to counter vulnerabilities in Java and JavaScript
C and C++
• Vulnerabilities in the C and C++ Programming Languages.
- Buffer over-runs
- Failure to handle errors
- Improper file access
• C and C++ Security Measures
.NET Framework
• Vulnerabilities in the .NET Framework
- Cross-site scripting
- Integer overflow
• Countering .NET Framework Vulnerabilities
HTML5
• Hypertext Markup Language (HTML)
- Most basic script used to develop Web pages
- Uses a set of markup tags to define the structure of Web pages
• Browsers represent pages by interpreting these tags
• HTML is not a dynamic language
- Cannot be executed successfully except within a Web browser
HTML5 (continued)
• HTML is essentially bulletproof and benign as long as it is used to display static text
• Arbitrary requirements for more finished and sophisticated pages
- Have required the development of many more tags and formatting conventions
• With increased complexity came increased opportunities for hackers to discover vulnerabilities
Countering HTML5 Vulnerabilities
• Make sure patches are up to date
- Pay attention when new exploits are reported
• Activate the automated patch management software
• Turn off services and features that you
- Know to be vulnerable to attack
- Do not understand
- Do not use
• Avoid known dangerous sites by installing and updating security software
Countering HTML5 Vulnerabilities (continued)
• Secure transfer of data has been made available by protocols such as Secure Sockets Layer (SSL)
- The way Internet Explorer handled SSL was discovered to be susceptible to a man-in-the-middle exploit
• Generating random encryption keys of 40 or 128 bits in length has solved this problem
Java and JavaScript
• Java is a programming language that is compiled into applications or applets
• Java applications are stand-alone applications
- Run on the server or are downloaded to the client
• JavaScript is a scripting language that runs between <script> tags in a Web page
• JavaScript code cannot operate on its own and is not compiled before it runs
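Added example (not part of the original slides): a short Python audit, using only the standard-library html.parser, that lists the active content in a page, meaning the <script> blocks and Java applets described above plus plug-in/ActiveX objects, inline event handlers and script URLs. The sample page, its file names and the clsid placeholder are constructed for illustration.

```python
from html.parser import HTMLParser

# Tags that load or run code instead of displaying static text.
ACTIVE_TAGS = {"script": "script", "applet": "Java applet",
               "object": "plug-in or ActiveX object", "embed": "plug-in"}
URL_ATTRS = ("href", "src", "action")
SCRIPT_SCHEMES = ("javascript:", "vbscript:")

class ActiveContentAudit(HTMLParser):
    """Collects (line, kind, detail) for each piece of active content."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        attrs = [(k, v or "") for k, v in attrs]
        if tag in ACTIVE_TAGS:
            a = dict(attrs)
            ref = a.get("src") or a.get("code") or a.get("classid") or "inline"
            self.findings.append((line, ACTIVE_TAGS[tag], f"<{tag}> {ref}"))
        for name, value in attrs:
            # The parser has already decoded entities; browsers also drop tabs
            # and newlines inside a URL, so remove whitespace before comparing.
            scheme = "".join(value.split()).lower()
            if name.startswith("on"):  # onclick, onload, onerror, ...
                self.findings.append((line, "event handler", f"<{tag} {name}>"))
            elif name in URL_ATTRS and scheme.startswith(SCRIPT_SCHEMES):
                self.findings.append((line, "script URL", f"<{tag} {name}>"))

def audit(html_text):
    """Return the list of findings for one HTML document."""
    parser = ActiveContentAudit()
    parser.feed(html_text)
    parser.close()
    return parser.findings

# Constructed sample page; file names and the clsid are placeholders.
SAMPLE = """<html><body>
<p>Static text only.</p>
<script src="menu.js"></script>
<applet code="Clock.class"></applet>
<object classid="clsid:PLACEHOLDER"></object>
<img src="a.png" onerror="report()">
<a href="&#106;ava&#9;script:void(0)">link</a>
</body></html>"""

if __name__ == "__main__":
    for line, kind, detail in audit(SAMPLE):
        print(f"line {line}: {kind:26} {detail}")
```

A page of static markup returns an empty list; every other entry is something a browser would execute or hand to a runtime, which is where the patching and prompting measures in these slides apply.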
Java
• Object-oriented programming language (OOP) developed by Sun Microsystems
• Designed to run in a platform-independent manner using Java Runtime Environment (JRE)
- Installed on the client computer as its sandbox
• In Java, each function is modularized
• With this low-level modularization
- There is less of a chance that updating one piece of the application will break other parts
Java (continued)
• Java was intended to be developed quickly with pretested parts
• Java applets provide functionality on the Internet
- Require Java-enabled browsers
• Java is machine-safe
- Can only act upon other objects within the JRE
• Java has no access to write, modify, or delete files on the hard drive or to modify the operating system
JavaScript
• Scripting language developed by Netscape Communications Corporation
• Similar to VBScript in terms of implementation
• Almost every browser on almost every platform is JavaScript-enabled
• Like Java, requires a runtime environment
• As a script, it uses less network bandwidth and client-side memory than the larger and more robust Java
Security Vulnerabilities in Java
• Vulnerabilities of Java:
- Client-side malevolent applets
- Server-side cross-scripting
- Server-side address spoofing
• A substantial percentage of vulnerabilities are related to vulnerabilities in the JRE
- Which can result in applets arbitrarily giving themselves elevated privileges
Security Vulnerabilities in Java (continued)
• Because Java is a platform-independent technology
- Issues such as malevolent applets can be used against any platform that has the JRE installed
• Client-side attacks include:
- Attacks on file integrity
- Buffer overflow
- Storm attacks
- Denial-of-service attacks
- Disclosure attacks
- Annoyance attacks
Vulnerabilities in JavaScript
• Vulnerabilities are similar to those in VBScript
• JavaScript vulnerabilities allow:
- Sending e-mail messages with information about the target computer to a client
- Opening and closing applications on the target computer
- Modifying files on the victim’s computer
• Main threat posed by JavaScript
- May be used to download components on a user’s computer without his or her knowledge
Countering Java and JavaScript Vulnerabilities
• Best preventative measure for an end user
- Perform all updates as soon as they are available
- Keep virus definitions in their antivirus or security program updated
• Set the Internet Options Control Panel
- To ask for permission before running JavaScripts or downloading Java applets
• Check the authenticity of the validation signatures attached to applets and scripts
Countering Java and JavaScript Vulnerabilities (continued)
• Check for security of links available on the signed scripts
• Programmers should develop and adhere to secure programming guidelines
- And sign their scripts
Summary
• Programming exploits are the defects in various programming languages that are used to develop server-side and client-side applications
• ActiveX controls are stand-alone compiled applications that make it possible to link and allow interactions between various applications
• The design flaw in ActiveX is that it can do anything the user can do
• Attackers can use ActiveX to modify resources on an implementation of Windows
Summary (continued)
• To safeguard against attacks, end users should install the most recent and stable version of Internet Explorer available
• VBScript can be used within HTML tags to produce a dynamic HTML page
• One of the most common exploits used on the Internet is a buffer overflow
• If you are administering a network, do not allow use of IE or Outlook
Summary (continued)
• If you are the administrator of a Web site, run an antivirus application on your Web server to search for known bad ActiveX controls
• Hypertext Markup Language (HTML) is the most basic script used to develop Web pages
• The most effective way to counter HTML-related exploits is to keep up with the latest patches
• Java and JavaScript languages
• The best preventive measure for end users is to perform all updates as soon as they are available