SlideShare una empresa de Scribd logo

[DevDay2018] Hacking for fun and profit - By: Dennis Stötzel, Head of Security Division at mgm technology partners Vietnam

DevDay.org
DevDay.org

Have you ever wondered how a day at work looks like for a professional hacker? In this talk, Dennis Stötzel will give you an introduction to web application security and show you what a security expert does for a living.

Tecnología
1 de 42
München/HQ Bamberg Berlin Đà Nẵng Dresden Grenoble Hamburg Cologne Leipzig Nuremberg Prague Washington Zug Hacking for fun and profit A day in the life of a professional hacker Dennis Stötzel 20/04/18
20.04.2018 2 Free Wifi?
20.04.2018 3
20.04.2018 4 A day in the life of a hacker… Morning Afternoon Evening
20.04.2018 5 A day in the life of a hacker… Morning: Make some money at a developer conference Afternoon Evening
20.04.2018 6 Blackhat vs. Whitehat
20.04.2018 7 The Pineapple Attack or How to make some crypto coins at a conference …
20.04.2018 8 Free Wifi?
20.04.2018 9 Setup
20.04.2018 11  hostapd: Create, configure and open an access point  dnsmasq: DNS forwarding and DHCP  Proxy  run all HTTP traffic through the proxy  easily control the content of HTTP requests  Strip security headers: Take away unwanted HTTP headers  Content-Security-Policy  Strict-Transport-Security  Caching / compression  … The Parts
20.04.2018 13 The script
20.04.2018 14 Putting it all together
20.04.2018 15
20.04.2018 16 Profit!
20.04.2018 17  Steal your sensitive data  passwords  banking data  …  Inject REAL malware into your browser  Abuse vulnerabilities in older browsers (or plugins like Flash)  gain control of your machine  make your computer a zombie What else COULD have happened?
20.04.2018 18 How to protect?
20.04.2018 19
20.04.2018 20  Do not blindly connect to any free wifi!!!!!1111 The User
20.04.2018 21  Do not blindly connect to any free wifi!!!!!1111  Prefer websites that use SSL  Don’t do sensitive transactions (like online banking) over an unknown wifi connection  Be careful when a website is suddenly HTTP instead of HTTPS  Use a VPN The User
20.04.2018 22  Use SSL/TLS  an evil AP cannot inject into an encrypted connection  Use HSTS (HTTP Strict Transport Security)  to defend against SSL stripping  Strict-Transport-Security: max-age=31536000  https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet  Use HSTS preloading  https://hstspreload.org The Websites
20.04.2018 23 A day in the life of a hacker… Morning: Make some money at a developer conference Afternoon: Work for the customer Evening
20.04.2018 24 whoami Dennis Stötzel Managing Principal Security Team mgm technology partners Vietnam  Born in Germany  Lived in Bolivia (South America), Germany, Spain, Vietnam  Studied Mathematics in Munich, Germany  6 years security consulting and development  Specializations in security  Penetration tests  Consultings around Secure Software Development Lifecycle (SDLC)  Source code analysis
20.04.2018 25
20.04.2018 26 We are proud of our 600+ engineers world wide
20.04.2018 27 We are happy to have 80+ employees here in Da Nang Vietnam
20.04.2018 28 We build software:  Web and mobile  Large enterprise customers in Germany We make software secure:  Security consulting  Penetration testing  Developer training
20.04.2018 29  Works only with the customer's consent  only on an exactly defined scope  only in an exactly defined time period  No illegal activities The Work of a Professional Penetration Tester
20.04.2018 30 SQL Injection
20.04.2018 31 SQL Injection Mr Dennis Web Application SELECT user FROM employees WHERE userid='Mr Dennis'
20.04.2018 32 SQL Injection
20.04.2018 33 SQL Injection Web Application SELECT user FROM employees WHERE userid='foo' UNION SELECT salary FROM employees WHERE userid LIKE '%' foo' UNION SELECT ...
20.04.2018 34 http://imgs.xkcd.com/comics/exploits_of_a_mom.png
20.04.2018 35 SQL Injection Consequences  Several attacks can be conducted: UNION SELECT balance FROM account; ; UPDATE interest SET ... ; DELETE ... ; INSERT ...  and access to the file system:  One vulnerable web application may compromise the security of the whole system CREATE TABLE footable(data longblob); // create BLOB table INSERT INTO footable(data) VALUES(0x4d5a90…610000); // _ fill table with binary UPDATE footable SET data=CONCAT(data, 0xaa270000…000000); // _ data […]; // _ SELECT data FROM footable INTO DUMPFILE 'C:/WINDOWS/Temp/nc.exe'; // drop finished trojan
20.04.2018 36  Prepared Statements  Stored Procedures  Defense-in-Depth  Least privilege connections (database user having minimal access rights)  separated table spaces  Input Encoding  If dynamic SQL statements are required: SQL Injection - Countermeasures string strSanitizedInput = strInput.Replace("'", "''"); statement.executeQuery("SELECT * FROM MOVIES WHERE TITLE='" + StringEscapeUtils.escapeSql("McHale's Navy") + "'"); // org.apache.commons.lang
20.04.2018 37 SQL Injection – Parameterized Queries Language - Library Parameterized Query Java - Standard String custname = request.getParameter("customerName"); String query = "SELECT account_balance FROM user_data WHERE user_name = ? "; PreparedStatement pstmt = connection.prepareStatement( query ); pstmt.setString( 1, custname); ResultSet results = pstmt.executeQuery( ); Java - Hibernate Query safeHQLQuery = session.createQuery("from Inventory where productID=:productid"); safeHQLQuery.setParameter("productid", userSuppliedParameter); .NET/C# String query = "SELECT account_balance FROM user_data WHERE user_name = ?"; try { OleDbCommand command = new OleDbCommand(query, connection); command.Parameters.Add(new OleDbParameter("customerName", CustomerName Name.Text)); OleDbDataReader reader = command.ExecuteReader(); // … } catch (OleDbException se) { // error handling } ASP.NET string sql = "SELECT * FROM Customers WHERE CustomerId = @CustomerId"; SqlCommand command = new SqlCommand(sql); command.Parameters.Add(new SqlParameter("@CustomerId", System.Data.SqlDbType.Int)); command.Parameters["@CustomerId"].Value = 1; PHP - PDO $stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (:name, :value)"); $stmt- >bindParam(':name', $name); $stmt->bindParam(':value', $value);
20.04.2018 38  OWASP https://www.owasp.org/index.php/SQL_Injection https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet https://www.owasp.org/index.php/Query_Parameterization_Cheat_Sheet  SQL Injection Cheat Sheet http://ferruh.mavituna.com/makale/sql-injection-cheatsheet/  Pentestmonkey Cheat Sheet http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet  sqlmap http://sqlmap.sourceforge.net/ SQL Injection – Further Reading
20.04.2018 39 A day in the life of a hacker… Morning: Make some money at a developer conference Afternoon: Work for the customer Evening: Have a beer & hire some people
20.04.2018 40
20.04.2018 41  Curiosity for web application security  Understanding of web and browser technologies  HTTP, HTML, JS, SQL, etc.  Good English knowledge  University degree Profile
20.04.2018 42
20.04.2018 43  https://itviec.com/it-jobs/junior-web- application-security-engineer-mgm- technology-partners-vietnam-3735  Mail your CV to:  dennis.stoetzel@mgm-sp.com I want you!
20.04.2018 44 Innovation Implemented. mgm technology partners Vietnam Co.,Ltd 07 Pasteur, Đà Nẵng, Vietnam New office: 07 Phan Chau Trinh, Đà Nẵng, Vietnam https://www.facebook.com/mgmTechnologyPartnersVietnam/ Dennis Stötzel Mobile +84 126 2529693 E-Mail dennis.stoetzel@mgm-sp.com PragMunich Berlin Hamburg Cologne NurembergGrenoble LeipzigDresdenBamberg Đà Nẵng ZugWashington

Recomendados

[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
DevDay.org
 
Securing the Web @DevDay Da Nang 2018
Securing the Web @DevDay Da Nang 2018Securing the Web @DevDay Da Nang 2018
Securing the Web @DevDay Da Nang 2018
Sumanth Damarla
 
Owasp top 10_openwest_2019
Owasp top 10_openwest_2019Owasp top 10_openwest_2019
Owasp top 10_openwest_2019
Sean Jackson
 
2013 OWASP Top 10
2013 OWASP Top 102013 OWASP Top 10
2013 OWASP Top 10
bilcorry
 
Owasp top 10 2013
Owasp top 10 2013Owasp top 10 2013
Owasp top 10 2013
Edouard de Lansalut
 
Chapter 14 sql injection
Chapter 14 sql injectionChapter 14 sql injection
Chapter 14 sql injection
newbie2019
 
BlueHat v18 || Malicious user profiling using a deep neural net
BlueHat v18 || Malicious user profiling using a deep neural netBlueHat v18 || Malicious user profiling using a deep neural net
BlueHat v18 || Malicious user profiling using a deep neural net
BlueHat Security Conference
 
Secure code practices
Secure code practicesSecure code practices
Secure code practices
Hina Rawal
 

Recomendados

[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
[DevDay2018] Security Testing - By Thuy Nguyen, Software Engineer at Axon Act...
DevDay.org
 
Securing the Web @DevDay Da Nang 2018
Securing the Web @DevDay Da Nang 2018Securing the Web @DevDay Da Nang 2018
Securing the Web @DevDay Da Nang 2018
Sumanth Damarla
 
Owasp top 10_openwest_2019
Owasp top 10_openwest_2019Owasp top 10_openwest_2019
Owasp top 10_openwest_2019
Sean Jackson
 
2013 OWASP Top 10
2013 OWASP Top 102013 OWASP Top 10
2013 OWASP Top 10
bilcorry
 
Owasp top 10 2013
Owasp top 10 2013Owasp top 10 2013
Owasp top 10 2013
Edouard de Lansalut
 
Chapter 14 sql injection
Chapter 14 sql injectionChapter 14 sql injection
Chapter 14 sql injection
newbie2019
 
BlueHat v18 || Malicious user profiling using a deep neural net
BlueHat v18 || Malicious user profiling using a deep neural netBlueHat v18 || Malicious user profiling using a deep neural net
BlueHat v18 || Malicious user profiling using a deep neural net
BlueHat Security Conference
 
Secure code practices
Secure code practicesSecure code practices
Secure code practices
Hina Rawal
 
Neoito — Secure coding practices
Neoito — Secure coding practicesNeoito — Secure coding practices
Neoito — Secure coding practices
Neoito
 
Secure programming with php
Secure programming with phpSecure programming with php
Secure programming with php
Mohmad Feroz
 
OWASP Top 10 - 2017 Top 10 web application security risks
OWASP Top 10 - 2017 Top 10 web application security risksOWASP Top 10 - 2017 Top 10 web application security risks
OWASP Top 10 - 2017 Top 10 web application security risks
Kun-Da Wu
 
Kioptrix 2014 5
Kioptrix 2014 5Kioptrix 2014 5
Kioptrix 2014 5
Jayesh Patel
 
Connection String Parameter Pollution Attacks
Connection String Parameter Pollution AttacksConnection String Parameter Pollution Attacks
Connection String Parameter Pollution Attacks
Chema Alonso
 
Top 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTop 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilities
Terrance Medina
 
Owasp first5 presentation
Owasp first5 presentationOwasp first5 presentation
Owasp first5 presentation
Ashwini Paranjpe
 
Proxy Caches and Web Application Security
Proxy Caches and Web Application Security Proxy Caches and Web Application Security
Proxy Caches and Web Application Security
Tim Bass
 
Security in Computing IT
Security in Computing ITSecurity in Computing IT
Security in Computing IT
Zairul Nizam
 
Unethical access to website’s databases hacking using sql injection
Unethical access to website’s databases hacking using sql injectionUnethical access to website’s databases hacking using sql injection
Unethical access to website’s databases hacking using sql injection
Satyajit Mukherjee
 
OWASP Top 10 Proactive Controls
OWASP Top 10 Proactive ControlsOWASP Top 10 Proactive Controls
OWASP Top 10 Proactive Controls
Katy Anton
 
Brute force
Brute forceBrute force
Brute force
Prajwal Panchmahalkar
 
Hack any website
Hack any websiteHack any website
Hack any website
sunil kumar
 
OWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security RisksOWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security Risks
Andre Van Klaveren
 
Protecting data on device with SQLCipher, Stephen Lombardo
Protecting data on device with SQLCipher, Stephen LombardoProtecting data on device with SQLCipher, Stephen Lombardo
Protecting data on device with SQLCipher, Stephen Lombardo
Xamarin
 
OWASP Top 10 2017
OWASP Top 10 2017OWASP Top 10 2017
OWASP Top 10 2017
Siddharth Phatarphod
 
OWASPTop 10
OWASPTop 10OWASPTop 10
OWASPTop 10
InnoTech
 
Web Application Security 101 - 07 Session Management
Web Application Security 101 - 07 Session ManagementWeb Application Security 101 - 07 Session Management
Web Application Security 101 - 07 Session Management
Websecurify
 
Reverse engineering malware
Reverse engineering malwareReverse engineering malware
Reverse engineering malware
Cysinfo Cyber Security Community
 
Web Server and Web Technology Exam paper
Web Server and Web Technology Exam paperWeb Server and Web Technology Exam paper
Web Server and Web Technology Exam paper
Zairul Nizam
 
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
Kevin Hakanson
 
Apache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise CompanyApache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise Company
Databricks
 

Más contenido relacionado

La actualidad más candente

Neoito — Secure coding practices
Neoito — Secure coding practicesNeoito — Secure coding practices
Neoito — Secure coding practices
Neoito
 
Hack any website
Hack any websiteHack any website
Hack any website
sunil kumar
 
Protecting data on device with SQLCipher, Stephen Lombardo
Protecting data on device with SQLCipher, Stephen LombardoProtecting data on device with SQLCipher, Stephen Lombardo
Protecting data on device with SQLCipher, Stephen Lombardo
Xamarin
 

La actualidad más candente (20)

Neoito — Secure coding practices
Neoito — Secure coding practicesNeoito — Secure coding practices
Neoito — Secure coding practices
 
Secure programming with php
Secure programming with phpSecure programming with php
Secure programming with php
 
OWASP Top 10 - 2017 Top 10 web application security risks
OWASP Top 10 - 2017 Top 10 web application security risksOWASP Top 10 - 2017 Top 10 web application security risks
OWASP Top 10 - 2017 Top 10 web application security risks
 
Kioptrix 2014 5
Kioptrix 2014 5Kioptrix 2014 5
Kioptrix 2014 5
 
Connection String Parameter Pollution Attacks
Connection String Parameter Pollution AttacksConnection String Parameter Pollution Attacks
Connection String Parameter Pollution Attacks
 
Top 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTop 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilities
 
Owasp first5 presentation
Owasp first5 presentationOwasp first5 presentation
Owasp first5 presentation
 
Proxy Caches and Web Application Security
Proxy Caches and Web Application Security Proxy Caches and Web Application Security
Proxy Caches and Web Application Security
 
Security in Computing IT
Security in Computing ITSecurity in Computing IT
Security in Computing IT
 
Unethical access to website’s databases hacking using sql injection
Unethical access to website’s databases hacking using sql injectionUnethical access to website’s databases hacking using sql injection
Unethical access to website’s databases hacking using sql injection
 
OWASP Top 10 Proactive Controls
OWASP Top 10 Proactive ControlsOWASP Top 10 Proactive Controls
OWASP Top 10 Proactive Controls
 
Brute force
Brute forceBrute force
Brute force
 
Hack any website
Hack any websiteHack any website
Hack any website
 
OWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security RisksOWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security Risks
OWASP Top 10 2017 rc1 - The Ten Most Critical Web Application Security Risks
 
Protecting data on device with SQLCipher, Stephen Lombardo
Protecting data on device with SQLCipher, Stephen LombardoProtecting data on device with SQLCipher, Stephen Lombardo
Protecting data on device with SQLCipher, Stephen Lombardo
 
OWASP Top 10 2017
OWASP Top 10 2017OWASP Top 10 2017
OWASP Top 10 2017
 
OWASPTop 10
OWASPTop 10OWASPTop 10
OWASPTop 10
 
Web Application Security 101 - 07 Session Management
Web Application Security 101 - 07 Session ManagementWeb Application Security 101 - 07 Session Management
Web Application Security 101 - 07 Session Management
 
Reverse engineering malware
Reverse engineering malwareReverse engineering malware
Reverse engineering malware
 
Web Server and Web Technology Exam paper
Web Server and Web Technology Exam paperWeb Server and Web Technology Exam paper
Web Server and Web Technology Exam paper
 

Similar a [DevDay2018] Hacking for fun and profit - By: Dennis Stötzel, Head of Security Division at mgm technology partners Vietnam

Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
Kevin Hakanson
 
Apache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise CompanyApache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise Company
Databricks
 
Efficient Context-sensitive Output Escaping for Javascript Template Engines
Efficient Context-sensitive Output Escaping for Javascript Template EnginesEfficient Context-sensitive Output Escaping for Javascript Template Engines
Efficient Context-sensitive Output Escaping for Javascript Template Engines
adonatwork
 
Data Democratization at Nubank
Data Democratization at Nubank Data Democratization at Nubank
Data Democratization at Nubank
Databricks
 
How to write clean & testable code without losing your mind
How to write clean & testable code without losing your mindHow to write clean & testable code without losing your mind
How to write clean & testable code without losing your mind
Andreas Czakaj
 
A Novel Secure Cloud SAAS Integration for User Authenticated Information
A Novel Secure Cloud SAAS Integration for User Authenticated InformationA Novel Secure Cloud SAAS Integration for User Authenticated Information
A Novel Secure Cloud SAAS Integration for User Authenticated Information
ijtsrd
 
Modern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with themModern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with them
Tudor Damian
 
What Web Developers Need to Know to Develop Windows 8 Apps
What Web Developers Need to Know to Develop Windows 8 AppsWhat Web Developers Need to Know to Develop Windows 8 Apps
What Web Developers Need to Know to Develop Windows 8 Apps
Doris Chen
 
Modern cybersecurity threats, and shiny new tools to help deal with them - T...
Modern cybersecurity threats, and shiny new tools to help deal with them - T... Modern cybersecurity threats, and shiny new tools to help deal with them - T...
Modern cybersecurity threats, and shiny new tools to help deal with them - T...
ITCamp
 
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
PROIDEA
 
A miało być tak... bez wycieków
A miało być tak... bez wyciekówA miało być tak... bez wycieków
A miało być tak... bez wycieków
Konrad Kokosa
 

Similar a [DevDay2018] Hacking for fun and profit - By: Dennis Stötzel, Head of Security Division at mgm technology partners Vietnam (20)

Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
 
Apache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise CompanyApache Spark for Cyber Security in an Enterprise Company
Apache Spark for Cyber Security in an Enterprise Company
 
SplunkLive! Munich 2018: Siemens Security Use Case
SplunkLive! Munich 2018: Siemens Security Use CaseSplunkLive! Munich 2018: Siemens Security Use Case
SplunkLive! Munich 2018: Siemens Security Use Case
 
Efficient Context-sensitive Output Escaping for Javascript Template Engines
Efficient Context-sensitive Output Escaping for Javascript Template EnginesEfficient Context-sensitive Output Escaping for Javascript Template Engines
Efficient Context-sensitive Output Escaping for Javascript Template Engines
 
Data Democratization at Nubank
Data Democratization at Nubank Data Democratization at Nubank
Data Democratization at Nubank
 
How to write clean & testable code without losing your mind
How to write clean & testable code without losing your mindHow to write clean & testable code without losing your mind
How to write clean & testable code without losing your mind
 
DODN2009 - Jump Start Silverlight
DODN2009 - Jump Start SilverlightDODN2009 - Jump Start Silverlight
DODN2009 - Jump Start Silverlight
 
A Novel Secure Cloud SAAS Integration for User Authenticated Information
A Novel Secure Cloud SAAS Integration for User Authenticated InformationA Novel Secure Cloud SAAS Integration for User Authenticated Information
A Novel Secure Cloud SAAS Integration for User Authenticated Information
 
Unified Data Access with Gimel
Unified Data Access with GimelUnified Data Access with Gimel
Unified Data Access with Gimel
 
Data orchestration | 2020 | Alluxio | Gimel
Data orchestration | 2020 | Alluxio | GimelData orchestration | 2020 | Alluxio | Gimel
Data orchestration | 2020 | Alluxio | Gimel
 
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
 
TechEvent DWH Modernization
TechEvent DWH ModernizationTechEvent DWH Modernization
TechEvent DWH Modernization
 
Real_World_0days.pdf
Real_World_0days.pdfReal_World_0days.pdf
Real_World_0days.pdf
 
Modern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with themModern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with them
 
What Web Developers Need to Know to Develop Windows 8 Apps
What Web Developers Need to Know to Develop Windows 8 AppsWhat Web Developers Need to Know to Develop Windows 8 Apps
What Web Developers Need to Know to Develop Windows 8 Apps
 
Modern cybersecurity threats, and shiny new tools to help deal with them - T...
Modern cybersecurity threats, and shiny new tools to help deal with them - T... Modern cybersecurity threats, and shiny new tools to help deal with them - T...
Modern cybersecurity threats, and shiny new tools to help deal with them - T...
 
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
Keynote WFIoT2019 - Data Graph, Knowledge Graphs Ontologies, Internet of Thin...
 
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
 
A miało być tak... bez wycieków
A miało być tak... bez wyciekówA miało być tak... bez wycieków
A miało być tak... bez wycieków
 
Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020Secure coding presentation Oct 3 2020
Secure coding presentation Oct 3 2020
 

Más de DevDay.org

Más de DevDay.org (20)

[DevDay2019] Lean UX - By Bryant Castro, Bryant Castro at Wizeline
[DevDay2019] Lean UX - By Bryant Castro, Bryant Castro at Wizeline[DevDay2019] Lean UX - By Bryant Castro, Bryant Castro at Wizeline
[DevDay2019] Lean UX - By Bryant Castro, Bryant Castro at Wizeline
 
[DevDay2019] Why you'll lose without UX Design - By Szilard Toth, CTO at e·pi...
[DevDay2019] Why you'll lose without UX Design - By Szilard Toth, CTO at e·pi...[DevDay2019] Why you'll lose without UX Design - By Szilard Toth, CTO at e·pi...
[DevDay2019] Why you'll lose without UX Design - By Szilard Toth, CTO at e·pi...
 
[DevDay2019] Things i wish I knew when I was a 23-year-old Developer - By Chr...
[DevDay2019] Things i wish I knew when I was a 23-year-old Developer - By Chr...[DevDay2019] Things i wish I knew when I was a 23-year-old Developer - By Chr...
[DevDay2019] Things i wish I knew when I was a 23-year-old Developer - By Chr...
 
[DevDay2019] Designing design teams - Christopher Nguyen, UX Manager at Wizeline
[DevDay2019] Designing design teams - Christopher Nguyen, UX Manager at Wizeline[DevDay2019] Designing design teams - Christopher Nguyen, UX Manager at Wizeline
[DevDay2019] Designing design teams - Christopher Nguyen, UX Manager at Wizeline
 
[DevDay2019] Growth Hacking - How to double the benefits of your startup with...
[DevDay2019] Growth Hacking - How to double the benefits of your startup with...[DevDay2019] Growth Hacking - How to double the benefits of your startup with...
[DevDay2019] Growth Hacking - How to double the benefits of your startup with...
 
[DevDay2019] Collaborate or die: The designers’ guide to working with develop...
[DevDay2019] Collaborate or die: The designers’ guide to working with develop...[DevDay2019] Collaborate or die: The designers’ guide to working with develop...
[DevDay2019] Collaborate or die: The designers’ guide to working with develop...
 
[DevDay2019] How AI is changing the future of Software Testing? - By Vui Nguy...
[DevDay2019] How AI is changing the future of Software Testing? - By Vui Nguy...[DevDay2019] How AI is changing the future of Software Testing? - By Vui Nguy...
[DevDay2019] How AI is changing the future of Software Testing? - By Vui Nguy...
 
[DevDay2019] Hands-on Machine Learning on Google Cloud Platform - By Thanh Le...
[DevDay2019] Hands-on Machine Learning on Google Cloud Platform - By Thanh Le...[DevDay2019] Hands-on Machine Learning on Google Cloud Platform - By Thanh Le...
[DevDay2019] Hands-on Machine Learning on Google Cloud Platform - By Thanh Le...
 
[DevDay2019] Micro Frontends Architecture - By Thang Pham, Senior Software En...
[DevDay2019] Micro Frontends Architecture - By Thang Pham, Senior Software En...[DevDay2019] Micro Frontends Architecture - By Thang Pham, Senior Software En...
[DevDay2019] Micro Frontends Architecture - By Thang Pham, Senior Software En...
 
[DevDay2019] Power of Test Automation and DevOps combination - One click savi...
[DevDay2019] Power of Test Automation and DevOps combination - One click savi...[DevDay2019] Power of Test Automation and DevOps combination - One click savi...
[DevDay2019] Power of Test Automation and DevOps combination - One click savi...
 
[DevDay2019] How do I test AI models? - By Minh Hoang, Senior QA Engineer at KMS
[DevDay2019] How do I test AI models? - By Minh Hoang, Senior QA Engineer at KMS[DevDay2019] How do I test AI models? - By Minh Hoang, Senior QA Engineer at KMS
[DevDay2019] How do I test AI models? - By Minh Hoang, Senior QA Engineer at KMS
 
[DevDay2019] How to quickly become a Senior Engineer - By Tran Anh Minh, CEO ...
[DevDay2019] How to quickly become a Senior Engineer - By Tran Anh Minh, CEO ...[DevDay2019] How to quickly become a Senior Engineer - By Tran Anh Minh, CEO ...
[DevDay2019] How to quickly become a Senior Engineer - By Tran Anh Minh, CEO ...
 
[Devday2019] Dev start-up - By Le Trung, Founder & CEO at Hifiveplus and Edu...
[Devday2019] Dev start-up - By Le Trung, Founder & CEO at Hifiveplus and Edu...[Devday2019] Dev start-up - By Le Trung, Founder & CEO at Hifiveplus and Edu...
[Devday2019] Dev start-up - By Le Trung, Founder & CEO at Hifiveplus and Edu...
 
[DevDay2019] Web Development In 2019 - A Practical Guide - By Hoang Nhu Vinh,...
[DevDay2019] Web Development In 2019 - A Practical Guide - By Hoang Nhu Vinh,...[DevDay2019] Web Development In 2019 - A Practical Guide - By Hoang Nhu Vinh,...
[DevDay2019] Web Development In 2019 - A Practical Guide - By Hoang Nhu Vinh,...
 
[DevDay2019] Opportunities and challenges for human resources during the digi...
[DevDay2019] Opportunities and challenges for human resources during the digi...[DevDay2019] Opportunities and challenges for human resources during the digi...
[DevDay2019] Opportunities and challenges for human resources during the digi...
 
[DevDay2019] Python Machine Learning with Jupyter Notebook - By Nguyen Huu Th...
[DevDay2019] Python Machine Learning with Jupyter Notebook - By Nguyen Huu Th...[DevDay2019] Python Machine Learning with Jupyter Notebook - By Nguyen Huu Th...
[DevDay2019] Python Machine Learning with Jupyter Notebook - By Nguyen Huu Th...
 
[DevDay2019] Do you dockerize? Are your containers safe? - By Pham Hong Khanh...
[DevDay2019] Do you dockerize? Are your containers safe? - By Pham Hong Khanh...[DevDay2019] Do you dockerize? Are your containers safe? - By Pham Hong Khanh...
[DevDay2019] Do you dockerize? Are your containers safe? - By Pham Hong Khanh...
 
[DevDay2019] Develop a web application with Kubernetes - By Nguyen Xuan Phong...
[DevDay2019] Develop a web application with Kubernetes - By Nguyen Xuan Phong...[DevDay2019] Develop a web application with Kubernetes - By Nguyen Xuan Phong...
[DevDay2019] Develop a web application with Kubernetes - By Nguyen Xuan Phong...
 
[DevDay2019] Paradigm shift towards effective Scrum - By Tam Doan, Agile Coac...
[DevDay2019] Paradigm shift towards effective Scrum - By Tam Doan, Agile Coac...[DevDay2019] Paradigm shift towards effective Scrum - By Tam Doan, Agile Coac...
[DevDay2019] Paradigm shift towards effective Scrum - By Tam Doan, Agile Coac...
 
[DevDay2019] JAM Stack - By Ngo Thi Ni, Web Developer at Agility IO
[DevDay2019] JAM Stack - By Ngo Thi Ni, Web Developer at Agility IO[DevDay2019] JAM Stack - By Ngo Thi Ni, Web Developer at Agility IO
[DevDay2019] JAM Stack - By Ngo Thi Ni, Web Developer at Agility IO
 

Último

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Último (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

[DevDay2018] Hacking for fun and profit - By: Dennis Stötzel, Head of Security Division at mgm technology partners Vietnam

  • 1. München/HQ Bamberg Berlin Đà Nẵng Dresden Grenoble Hamburg Cologne Leipzig Nuremberg Prague Washington Zug Hacking for fun and profit A day in the life of a professional hacker Dennis Stötzel 20/04/18
  • 4. 20.04.2018 4 A day in the life of a hacker… Morning Afternoon Evening
  • 5. 20.04.2018 5 A day in the life of a hacker… Morning: Make some money at a developer conference Afternoon Evening
  • 7. 20.04.2018 7 The Pineapple Attack or How to make some crypto coins at a conference …
  • 10. 20.04.2018 11  hostapd: Create, configure and open an access point  dnsmasq: DNS forwarding and DHCP  Proxy  run all HTTP traffic through the proxy  easily control the content of HTTP requests  Strip security headers: Take away unwanted HTTP headers  Content-Security-Policy  Strict-Transport-Security  Caching / compression  … The Parts
  • 12. 20.04.2018 14 Putting it all together
  • 15. 20.04.2018 17  Steal your sensitive data  passwords  banking data  …  Inject REAL malware into your browser  Abuse vulnerabilities in older browsers (or plugins like Flash)  gain control of your machine  make your computer a zombie What else COULD have happened?
  • 18. 20.04.2018 20  Do not blindly connect to any free wifi!!!!!1111 The User
  • 19. 20.04.2018 21  Do not blindly connect to any free wifi!!!!!1111  Prefer websites that use SSL  Don’t do sensitive transactions (like online banking) over an unknown wifi connection  Be careful when a website is suddenly HTTP instead of HTTPS  Use a VPN The User
  • 20. 20.04.2018 22  Use SSL/TLS  an evil AP cannot inject into an encrypted connection  Use HSTS (HTTP Strict Transport Security)  to defend against SSL stripping  Strict-Transport-Security: max-age=31536000  https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet  Use HSTS preloading  https://hstspreload.org The Websites
  • 21. 20.04.2018 23 A day in the life of a hacker… Morning: Make some money at a developer conference Afternoon: Work for the customer Evening
  • 22. 20.04.2018 24 whoami Dennis Stötzel Managing Principal Security Team mgm technology partners Vietnam  Born in Germany  Lived in Bolivia (South America), Germany, Spain, Vietnam  Studied Mathematics in Munich, Germany  6 years security consulting and development  Specializations in security  Penetration tests  Consultings around Secure Software Development Lifecycle (SDLC)  Source code analysis
  • 24. 20.04.2018 26 We are proud of our 600+ engineers world wide
  • 25. 20.04.2018 27 We are happy to have 80+ employees here in Da Nang Vietnam
  • 26. 20.04.2018 28 We build software:  Web and mobile  Large enterprise customers in Germany We make software secure:  Security consulting  Penetration testing  Developer training
  • 27. 20.04.2018 29  Works only with the customer's consent  only on an exactly defined scope  only in an exactly defined time period  No illegal activities The Work of a Professional Penetration Tester
  • 29. 20.04.2018 31 SQL Injection Mr Dennis Web Application SELECT user FROM employees WHERE userid='Mr Dennis'
  • 31. 20.04.2018 33 SQL Injection Web Application SELECT user FROM employees WHERE userid='foo' UNION SELECT salary FROM employees WHERE userid LIKE '%' foo' UNION SELECT ...
  • 33. 20.04.2018 35 SQL Injection Consequences  Several attacks can be conducted: UNION SELECT balance FROM account; ; UPDATE interest SET ... ; DELETE ... ; INSERT ...  and access to the file system:  One vulnerable web application may compromise the security of the whole system CREATE TABLE footable(data longblob); // create BLOB table INSERT INTO footable(data) VALUES(0x4d5a90…610000); // _ fill table with binary UPDATE footable SET data=CONCAT(data, 0xaa270000…000000); // _ data […]; // _ SELECT data FROM footable INTO DUMPFILE 'C:/WINDOWS/Temp/nc.exe'; // drop finished trojan
  • 34. 20.04.2018 36  Prepared Statements  Stored Procedures  Defense-in-Depth  Least privilege connections (database user having minimal access rights)  separated table spaces  Input Encoding  If dynamic SQL statements are required: SQL Injection - Countermeasures string strSanitizedInput = strInput.Replace("'", "''"); statement.executeQuery("SELECT * FROM MOVIES WHERE TITLE='" + StringEscapeUtils.escapeSql("McHale's Navy") + "'"); // org.apache.commons.lang
  • 35. 20.04.2018 37 SQL Injection – Parameterized Queries Language - Library Parameterized Query Java - Standard String custname = request.getParameter("customerName"); String query = "SELECT account_balance FROM user_data WHERE user_name = ? "; PreparedStatement pstmt = connection.prepareStatement( query ); pstmt.setString( 1, custname); ResultSet results = pstmt.executeQuery( ); Java - Hibernate Query safeHQLQuery = session.createQuery("from Inventory where productID=:productid"); safeHQLQuery.setParameter("productid", userSuppliedParameter); .NET/C# String query = "SELECT account_balance FROM user_data WHERE user_name = ?"; try { OleDbCommand command = new OleDbCommand(query, connection); command.Parameters.Add(new OleDbParameter("customerName", CustomerName Name.Text)); OleDbDataReader reader = command.ExecuteReader(); // … } catch (OleDbException se) { // error handling } ASP.NET string sql = "SELECT * FROM Customers WHERE CustomerId = @CustomerId"; SqlCommand command = new SqlCommand(sql); command.Parameters.Add(new SqlParameter("@CustomerId", System.Data.SqlDbType.Int)); command.Parameters["@CustomerId"].Value = 1; PHP - PDO $stmt = $dbh->prepare("INSERT INTO REGISTRY (name, value) VALUES (:name, :value)"); $stmt- >bindParam(':name', $name); $stmt->bindParam(':value', $value);
  • 36. 20.04.2018 38  OWASP https://www.owasp.org/index.php/SQL_Injection https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet https://www.owasp.org/index.php/Query_Parameterization_Cheat_Sheet  SQL Injection Cheat Sheet http://ferruh.mavituna.com/makale/sql-injection-cheatsheet/  Pentestmonkey Cheat Sheet http://pentestmonkey.net/cheat-sheet/sql-injection/mysql-sql-injection-cheat-sheet  sqlmap http://sqlmap.sourceforge.net/ SQL Injection – Further Reading
  • 37. 20.04.2018 39 A day in the life of a hacker… Morning: Make some money at a developer conference Afternoon: Work for the customer Evening: Have a beer & hire some people
  • 39. 20.04.2018 41  Curiosity for web application security  Understanding of web and browser technologies  HTTP, HTML, JS, SQL, etc.  Good English knowledge  University degree Profile
  • 42. 20.04.2018 44 Innovation Implemented. mgm technology partners Vietnam Co.,Ltd 07 Pasteur, Đà Nẵng, Vietnam New office: 07 Phan Chau Trinh, Đà Nẵng, Vietnam https://www.facebook.com/mgmTechnologyPartnersVietnam/ Dennis Stötzel Mobile +84 126 2529693 E-Mail dennis.stoetzel@mgm-sp.com PragMunich Berlin Hamburg Cologne NurembergGrenoble LeipzigDresdenBamberg Đà Nẵng ZugWashington

Notas del editor

  1. Whitehat tries to defend only hacks with consent ethical Blackhat tries to destroy hacks to make profit unethical
  2. rework