Download - NET from the Hacker's Perspective
![Page 2: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/2.jpg)
.NET from the HackerÕsPerspective
What Hackers DislikeRiskWhat Hackers LikeSummary
![Page 3: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/3.jpg)
What Hackers Dislike
l .NET Buffer Overflows
l Role Security
l CAS Code Access Security
l Cryptography
l Summary
![Page 4: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/4.jpg)
.NET Buffer Overflows
l Managed Code
l Legacy Code
l The Developer Mind Set
![Page 5: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/5.jpg)
.NET Buffer Overflows: ManagedCode
l Self-resizing variables
l .NET Framework keeps fixed sizedvariables from being copied to byvariable sized variables
![Page 6: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/6.jpg)
.NET Buffer Overflows: LegacyCode
l It is still very common to use previouslycoded modules and routines
l Why reinvent the wheel?l Security?
![Page 7: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/7.jpg)
.NET Buffer Overflows: TheDeveloperÕs Mind Set
l No buffer overflows in .NET? I no longerneed to bounds check my variable lengthvariables.
l Less could mean more
![Page 8: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/8.jpg)
What Hackers Dislike
l Buffer Overflows
l Role Security
l CAS Code Access Security
l Cryptography
l Summary
![Page 9: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/9.jpg)
Role Security
l DonÕt call meÉ IÕll call you
l Framework for defining class andfunction level call security
![Page 10: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/10.jpg)
What Hackers Dislike
l Buffer Overflows
l Role Security
l CAS Code Access Security
l Cryptography
l Summary
![Page 11: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/11.jpg)
CAS Code Access Security
l Mobile Code
l Default user permission settings for theInternet Zone makes hard case forignoring use in public market
l Signing Assemblies (GAC)
l Key Management (Source Safe)
![Page 12: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/12.jpg)
What Hackers Dislike
l Buffer Overflows
l Role Security
l CAS Code Access Security
l Cryptography
l Summary
![Page 13: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/13.jpg)
Cryptography
l Encrypt vs. Encode vs. Hashing
l Minimal Coding Requirements
l Fast
l Easy Key Management
l XML
![Page 14: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/14.jpg)
What Hackers Dislike
l Buffer Overflows
l Role Security
l CAS Code Access Security
l Cryptography
l Summary
![Page 15: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/15.jpg)
What Hackers Dislike: Summary
l Buffer Overflow Protectionl Always bounds check
l Role Based Security In Codel Validate who is allowed to call functions
l Newer Code Difficult To Trojanl Avoid Trojans like ÒFunLoveÓ
l Everything Encryptedl Avoid information leakage
![Page 16: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/16.jpg)
.NET from the HackerÕsPerspective
What Hackers DislikeRiskWhat Hackers LikeSummary
![Page 17: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/17.jpg)
Risk
l Everyone has a deadline
l Everyone has a performancerequirement
l NEW -> Everyone has a securityrequirement
l Dollar -> Security -> Risk
![Page 18: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/18.jpg)
.NET from the HackerÕsPerspective
What Hackers DislikeRiskWhat Hackers LikeSummary
![Page 19: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/19.jpg)
What Hackers Like
l Information Leakagel View state
l XML
l SQL errors
l Web errors
l Cookies
l URLs
l Does easy todevelop mean easyto exploit?
l Cross Site Scripting
l Reaply/Hijacking
l Injection XML/SQL
![Page 20: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/20.jpg)
Information Leakage: View State
l View Statel Base64 encoded
l Dynamic properties of server-side controls
l Map to exposures and vulnerabilities
![Page 21: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/21.jpg)
Information Leakage: XML
l The world of plaintext
l Sniffed traffic can lead to informationleakage
l Encrypting XML can be cumbersomeand degrades performance
l Signing XML is also difficult anddegrades performance
![Page 22: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/22.jpg)
Information Leakage: SQL errors
l Not once, not twice, but N times
l The exploitation road map to accessingyour dataÉ
l The small to medium company go-to-guy
![Page 23: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/23.jpg)
Information Leakage: Web errors
l Programmers are logical
l Hackers are logical
l Login examplel Password Invalid
l User Invalid
l User or Password Invalid
l Enumeration functions
![Page 24: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/24.jpg)
Information Leakage: Cookies
l Stored on client
l Modifiable
l Extents to any client side persisted stateinformation
l Serialization
l Client to server program configurationfiles (non-HTTP)
![Page 25: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/25.jpg)
Information Leakage: URLs
l URLs tell a storyl System Administrator/Deployment Know-
How
l Incrementing variables
l Arguments to functions
![Page 26: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/26.jpg)
What Hackers Like
l Information Leakagel View state
l XML
l SQL errors
l Web errors
l Cookies
l URLs
l Does easy todevelop mean easyto exploit?
l Cross Site Scripting
l Replay/Hijacking
l Injection XML/SQL
![Page 27: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/27.jpg)
Information Leakage: EasyDevelopment leads to Easy Exploits
l If I do not incorporate security knowledgeand processing during development anddeployment of all resources, regardlessof whether the access to that resource isanonymous or authenticated, isexploitation possible? YES.
![Page 28: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/28.jpg)
What Hackers Like
l Information Leakagel View state
l XML
l SQL errors
l Web errors
l Cookies
l URLs
l Does easy todevelop mean easyto exploit?
l Cross Site Scripting
l Replay/Hijacking
l Injection XML/SQL
![Page 29: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/29.jpg)
Cross Site Scripting
l HTML inputs for everyone
l How do I validate?
l Just donÕt do it if you can avoid itÉ gooddesign makes for good security
![Page 30: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/30.jpg)
What Hackers Like
l Information Leakagel View state
l XML
l SQL errors
l Web errors
l Cookies
l URLs
l Does easy todevelop mean easyto exploit?
l Cross Site Scripting
l Replay/Hijacking
l Injection XML/SQL
![Page 31: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/31.jpg)
Replay / Hijacking
l Session Hijackingl HTTP Session IDs
l .NET Forms Authentication
l Got SSL?l Hey! Cross Site Scripting to the rescueÉ
l Validation = ( Authentication -> Session )* Each Request
![Page 32: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/32.jpg)
What Hackers Like
l Information Leakagel View state
l XML
l SQL errors
l Web errors
l Cookies
l URLs
l Does easy todevelop mean easyto exploit?
l Replay/Hijacking
l Injection XML/SQL
![Page 33: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/33.jpg)
Injection XML/SQL
l SOAP
l Dynamic SQL
l .NET SqlParameter
![Page 34: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/34.jpg)
.NET from the HackerÕsPerspective
What Hackers DislikeRiskWhat Hackers LikeSummary
![Page 35: NET from the Hacker's Perspective](https://reader038.vdocument.in/reader038/viewer/2022103011/586e22751a28ab5f2c8b595a/html5/thumbnails/35.jpg)
Summary
l Parameter validation still key to amajority of vulnerabilities
l Why authenticate when you can hijack?
l Sign code, encrypt data, or elseÉ
l Server side security much betterÉcommunication security still difficult tosecure with ease, but definitely possible