2014 guestlecture-infosec
2. So who’s this guy?
Boy Baukema
Security Specialist & Senior Engineer
@ Ibuildings.nl
boy@ibuildings.nl
twitter: @relaxnow
Wednesday, March 12, 14
4. A Security what?
Security Specialist:
Senior Software Engineer
+ R&D Security
+ Security Training
+ Internal Consulting
+ Internal Security Audits
+ External Security Audits
5. Okay, what’s he doing here?
‣ Introduction (10m)
‣ Before We Dive In (10m)
‣ OWASP TOP 11 2013 (+/- 15m per item)
‣ Where To Next? (10m)
9. Ethical Hacking & The (Dutch) Law
blog.iusmentis.com
Article 138ab & 138b
12. OWASP Top 10 2013 BONUS - Clickjacking
http://www.youtube.com/watch?v=DRQ8oC2MWAg
14. A10-Unvalidated Redirects and Forwards
http://goo.gl/Gmzqv
https://www.bank.com:login.html@phisher.cn/
http://www.bank.com:login.html@74.125.131.105
http://www.bank.com:login.html@1249739625/
http://www.bank.com:login.html@0x4a.0x7d.0x83.0x69/
http://www.bank.com:login.html@0112.0175.0203.0151/
http://pc-help.org/o%62s%63ur%65%2e%68t%6D
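Every address above resolves to a host other than the one a reader sees: the text before "@" is userinfo, not a hostname, and an IP can be written in decimal, hex or octal as well as dotted form. The following Python function is an added example, not code from the slides, showing how a redirect handler should classify a user-supplied target before sending the browser there. The allowlist (`www.bank.com`) and the reason strings are constructed for the example; the control that matters is the allowlist, and the other checks exist to explain why each of the slide's URLs is rejected.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed allowlist for a hypothetical application; the redirect handler
# may only send users to these hosts (assumption, not from the slides).
ALLOWED_HOSTS = {"www.bank.com"}
ALLOWED_SCHEMES = {"http", "https"}

# A label that is all digits, or 0x-prefixed hex, is an IP written in one of
# the alternative notations shown above (decimal, octal, hex), never a DNS name.
_NUMERIC_LABEL = re.compile(r"^(0x[0-9a-f]+|[0-9]+)$", re.IGNORECASE)


def is_ip_literal(host):
    """True for dotted-quad, IPv6 and the decimal/octal/hex disguises."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        pass
    return all(_NUMERIC_LABEL.match(label) for label in host.split("."))


def classify_redirect(target, allowed_hosts=ALLOWED_HOSTS):
    """Return (safe, reason) for a redirect target taken from user input.

    Only a same-origin path or an http(s) URL to an allowlisted host is safe;
    the reason string says which check rejected everything else.
    """
    if not target or any(ord(c) < 0x21 for c in target):
        return False, "empty-or-control-chars"
    parts = urlsplit(target)
    if not parts.scheme and not parts.netloc:
        # Relative reference. "//host/..." carries a netloc and never gets here;
        # "/\host" is read as an authority by browsers, so backslashes are rejected.
        if target.startswith("/") and "\\" not in target:
            return True, "relative-path"
        return False, "bad-relative"
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme-not-allowed"  # javascript:, data:, //host, ...
    if "@" in parts.netloc:
        # Everything before '@' is userinfo; the real host is what follows it.
        return False, "userinfo-in-authority"
    host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    if not host:
        return False, "no-host"
    if is_ip_literal(host):
        return False, "ip-literal"
    if host not in allowed_hosts:
        return False, "host-not-allowed"
    return True, "allowlisted-host"


if __name__ == "__main__":
    for candidate in ("https://www.bank.com:login.html@phisher.cn/",
                      "http://0x4a.0x7d.0x83.0x69/", "/account/overview"):
        print(candidate, classify_redirect(candidate))
```

A production handler would normally go one step further and accept only https targets; the simplest design that needs none of these checks is to redirect by an index into a server-side table of destinations rather than by a URL at all.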
15. A9-Using Components with Known Vulnerabilities
174.34.252.13 - - [03/Feb/2014:01:01:08 -0500] "POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b HTTP/1.1" 500 885 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:08 -0500] "POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&version=1576&cid=20 HTTP/1.1" 404 5923 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:08 -0500] "POST /blog/2014/01/14/vulnerability-in-joomla-1-6-1-7-and-2-5-0-2-5-2-being-exploited-now/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b HTTP/1.1" 500 885 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:08 -0500] "POST /blog/2014/01/14/vulnerability-in-joomla-1-6-1-7-and-2-5-0-2-5-2-being-exploited-now/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&version=1576&cid=20 HTTP/1.1" 404 6290 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:10 -0500] "POST /blog/2014/01/14/vulnerability-in-joomla-1-6-1-7-and-2-5-0-2-5-2-being-exploited-now/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20&6bc427c8a7981f4fe1f5ac65c1246b5f=cf6dd3cf1923c950586d0dd595c8e20b HTTP/1.1" 500 885 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:10 -0500] "POST /blog/2014/01/14/vulnerability-in-joomla-1-6-1-7-and-2-5-0-2-5-2-being-exploited-now/index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&version=1576&cid=20 HTTP/1.1" 404 6290 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:11 -0500] "GET /blog/2014/01/14/vulnerability-in-joomla-1-6-1-7-and-2-5-0-2-5-2-being-exploited-now/images/stories/food.php?rf HTTP/1.1" 404 6237 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6"
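The entries above are an automated scanner probing for the JCE image-manager component on a Joomla site, then coming back three seconds later for a .php file under images/stories, the directory JCE uploads into. Whether or not the component is installed, the pattern is worth alerting on, and the three signals are all visible in a plain access log. The Python below is an added example, not code from the slides: a parser for combined-format log lines and a detector that aggregates those signals per source IP. The sample lines are constructed, modelled on the slide's entries, with a second, benign visitor added from a documentation IP range.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Apache/nginx "combined" log format: ip ident user [ts] "req" status size "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample, modelled on the slide's entries; 198.51.100.7 is a benign visitor.
SAMPLE_LOG = """\
174.34.252.13 - - [03/Feb/2014:01:01:08 -0500] "POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&cid=20 HTTP/1.1" 500 885 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:08 -0500] "POST /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&version=1576&cid=20 HTTP/1.1" 404 5923 "-" "BOT/0.1 (BOT for JCE)"
174.34.252.13 - - [03/Feb/2014:01:01:11 -0500] "GET /images/stories/food.php?rf HTTP/1.1" 404 6237 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6"
198.51.100.7 - - [03/Feb/2014:01:02:00 -0500] "GET /index.php?option=com_content&view=article&id=1 HTTP/1.1" 200 4210 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Split one combined-format line into named fields; None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def jce_indicators(entry):
    """Names of the JCE-scan indicators a parsed request matches (empty list = nothing seen)."""
    hits = []
    if "bot for jce" in entry["ua"].lower():
        hits.append("jce-scanner-user-agent")
    url = urlsplit(entry["target"])
    query = parse_qs(url.query)
    if query.get("option") == ["com_jce"] and query.get("plugin") == ["imgmanager"]:
        hits.append("jce-imgmanager-probe")
    # JCE's upload directory; a request for a .php file there is the scanner
    # checking whether an earlier upload attempt left an executable file behind.
    if re.search(r"/images/stories/[^/]+\.php$", url.path):
        hits.append("images-stories-php-fetch")
    return hits


def scan(lines):
    """Aggregate indicators per source IP: {ip: {"requests": n, "indicators": set()}}."""
    report = defaultdict(lambda: {"requests": 0, "indicators": set()})
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        hits = jce_indicators(entry)
        if hits:
            report[entry["ip"]]["requests"] += 1
            report[entry["ip"]]["indicators"].update(hits)
    return dict(report)


if __name__ == "__main__":
    for ip, info in scan(SAMPLE_LOG.splitlines()).items():
        print(ip, info["requests"], sorted(info["indicators"]))
```

The user-agent match is the weakest of the three signals, since a scanner can send anything; the query-string and upload-directory matches describe what the request is trying to do and survive a changed User-Agent. The real fix for A9 is still the one the slide title implies: know which components and versions you run, and patch or remove the vulnerable ones.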
25. A2-Broken Authentication and Session Management
‣ Session Fixation
‣ Missing Session Timeout
‣ Login over HTTP
‣ Unprotected Password Reset
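The first three items on this slide come down to how the session id is issued, expired and transported. The Python below is an added example, not code from the slides: a minimal server-side session store that issues a fresh id on login (so an id planted before authentication, the fixation case, never becomes an authenticated session), enforces an idle timeout and an absolute lifetime, and emits the cookie with the attributes that keep it off plain HTTP. The timeout values and the cookie name are assumed policy for the example.

```python
import secrets
import time

# Assumed policy values for this example (not from the slides).
IDLE_TIMEOUT = 15 * 60        # seconds of inactivity after which a session dies
ABSOLUTE_LIFETIME = 8 * 3600  # hard cap from creation, regardless of activity


class SessionStore:
    """Server-side session table keyed by an unguessable id.

    `clock` is injectable so expiry can be tested without sleeping.
    """

    def __init__(self, clock=time.time):
        self._clock = clock
        self._sessions = {}  # sid -> {"user": str|None, "created": float, "last_seen": float}

    @staticmethod
    def _new_id():
        return secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, never sequential

    def start(self):
        """Anonymous pre-login session (cart, language choice, ...)."""
        sid = self._new_id()
        now = self._clock()
        self._sessions[sid] = {"user": None, "created": now, "last_seen": now}
        return sid

    def login(self, presented_sid, user):
        """Bind `user` to a *fresh* id and drop the presented one.

        Because the id the browser presented is never kept, an id an attacker
        planted in the victim's browser beforehand (session fixation) does not
        turn into an authenticated session.
        """
        self._sessions.pop(presented_sid, None)
        sid = self._new_id()
        now = self._clock()
        self._sessions[sid] = {"user": user, "created": now, "last_seen": now}
        return sid

    def resolve(self, sid):
        """Return a copy of the session record for `sid`, or None if unknown or expired.

        Enforces both the idle timeout and the absolute lifetime and bumps
        `last_seen` on success (the 'Missing Session Timeout' item above).
        """
        s = self._sessions.get(sid)
        if s is None:
            return None
        now = self._clock()
        if now - s["last_seen"] > IDLE_TIMEOUT or now - s["created"] > ABSOLUTE_LIFETIME:
            del self._sessions[sid]
            return None
        s["last_seen"] = now
        return dict(s)

    def logout(self, sid):
        """Invalidate server-side; clearing the cookie alone is not enough."""
        self._sessions.pop(sid, None)


def session_cookie(sid, name="SESSIONID"):
    """Set-Cookie value for the id: Secure keeps it off plain HTTP (the 'Login
    over HTTP' item), HttpOnly keeps it away from script, SameSite limits CSRF."""
    return f"{name}={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"
```

In PHP the same regeneration step is `session_regenerate_id(true)` called right after the credentials check, and the cookie flags correspond to the `session.cookie_secure` and `session.cookie_httponly` settings.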
26. HTTP Strict Transport Security
Strict-Transport-Security:
‣ max-age=60000;
‣ includeSubDomains
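The header on this slide is only as good as its directives, and a browser that finds the header malformed ignores it entirely. The Python below is an added example, not code from the slides: a parser for the Strict-Transport-Security value following the RFC 6797 syntax (max-age required, directives case-insensitive and not repeated, unknown directives ignored) and a small assessment of the parsed policy. The one-year yardstick is the minimum the public HSTS preload list accepts and is used here as an assumed threshold for any deployment.

```python
import re

ONE_YEAR = 31536000  # seconds; the minimum max-age the public HSTS preload list accepts


def parse_hsts(header_value):
    """Parse a Strict-Transport-Security header value (RFC 6797 syntax).

    Returns {"max_age": int, "include_subdomains": bool, "preload": bool}.
    Raises ValueError on a header a browser would have to ignore: missing
    max-age, a non-numeric max-age, or a directive given more than once.
    """
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    seen = set()
    for raw in header_value.split(";"):
        directive = raw.strip()
        if not directive:
            continue  # empty directives (e.g. a trailing ';') are allowed
        name, _, value = directive.partition("=")
        name, value = name.strip().lower(), value.strip()
        if name in seen:
            raise ValueError(f"directive {name!r} appears more than once")
        seen.add(name)
        if name == "max-age":
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = value[1:-1]  # delta-seconds may be sent as a quoted-string
            if not re.fullmatch(r"[0-9]+", value):
                raise ValueError(f"max-age value {value!r} is not delta-seconds")
            policy["max_age"] = int(value)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
        # any other directive is an extension and is ignored, as the RFC requires
    if policy["max_age"] is None:
        raise ValueError("max-age directive is required")
    return policy


def hsts_findings(policy, min_age=ONE_YEAR):
    """Return a list of weaknesses in a parsed policy (empty list = nothing to report)."""
    findings = []
    if policy["max_age"] == 0:
        findings.append("max-age=0 tells browsers to forget the host; HSTS is effectively off")
    elif policy["max_age"] < min_age:
        findings.append(
            f"max-age {policy['max_age']}s is below {min_age}s; protection lapses after "
            f"{policy['max_age'] / 3600:.1f} hours without a visit"
        )
    if not policy["include_subdomains"]:
        findings.append("includeSubDomains missing: subdomains are not covered by the policy")
    return findings


if __name__ == "__main__":
    slide_header = "max-age=60000; includeSubDomains"
    policy = parse_hsts(slide_header)
    print(policy)
    for finding in hsts_findings(policy):
        print("-", finding)
```

Run against the slide's own value, the parser accepts it and the assessment reports one thing: 60000 seconds is under seventeen hours, so a user who stays away for a day comes back without the protection until the next HTTPS response renews it.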
30. Conferences, People & Resources
‣ Security.nl
‣ Owasp.org
‣ Hackvertor
‣ Webappsec.io
‣ Chris Cornutt
‣ Bruce Schneier
‣ OWASP BeNeLux
‣ OWASP EU
‣ Hack In The Box
‣ Black Hat Europe