
The Hacker Mindset

The Hacker Mindset. CSE 591 – Security and Vulnerability Analysis, Spring 2015. Adam Doupé, Arizona State University, http://adamdoupe.com. What is a Vulnerability? Make the application do something that it is not supposed to do.





Presentation Transcript


  1. The Hacker Mindset
  CSE 591 – Security and Vulnerability Analysis, Spring 2015
  Adam Doupé, Arizona State University
  http://adamdoupe.com

  2. What is a Vulnerability?
  • Make the application do something that it is not supposed to do
  • Therefore, in order to find vulnerabilities, you must first understand the application
    • What is the intended functionality?
    • What is the intended behavior?
    • What does the application use as input?
    • What does the application produce as output?

  3. Example
  • Find: unauthenticated users can edit page content
  • Is this a vulnerability?
    • On cnn.com, yes!
    • On wikipedia.org, no!
  • This is why understanding the web application is critical

  4. How to Rob a Bank*
  *Knowledge comes from movies
  • Step 1: Reconnaissance
    • Who works at the bank?
    • What is their role?
    • Who has the keys?
    • When do the guards change or take a break?
    • What does the layout of the bank look like?
    • What does the vault look like?
    • What kind of lock does the bank use?
    • …
  • Step 2: Build elaborate plan
  • Step 3: Everything goes wrong
  • Step 4: Profit?

  5. How to Rob a Web Application
  • Step 1: Reconnaissance
    • How does the application work?
    • Are there user accounts?
    • Do the user accounts have different privileges?
    • How are privileges enforced?
    • What does the layout of the web application look like (URLs)?
    • What URLs should only be accessible via a certain privilege?
    • What is the input to the web application?
    • What is the output of the web application?
    • How is the web application probably written?
  • Step 2: Develop vulnerability hypothesis
  • Step 3: Test vulnerability hypothesis
  • Step 4: Develop exploit
  • Step 5: Profit

  6. Injection Vectors
  • All user input to the web application
  • Some examples
    • Query parameters
    • URL path
    • POST parameters
    • Cookies
    • Referer header
    • Files
    • Other websites (twitter feed)
    • Emails
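The slide's point is that every user-controlled field of a request is an injection vector, not just the obvious form parameters. The following added example (not part of the original slides) takes a constructed raw HTTP request and enumerates the in-band vectors from the list above: URL path segments, query parameters, POST parameters, cookies and the Referer header. Files, emails and other websites arrive out of band and are left out; the request contents and the `enumerate_injection_vectors` function are assumptions for illustration.

```python
from http.cookies import SimpleCookie
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample request (not from the original slides). Every value
# below is chosen by the client, so each one is a candidate injection vector.
RAW_REQUEST = (
    "POST /wiki/edit/Main_Page?section=2&token=abc HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "Cookie: session=s3cr3t; theme=dark\r\n"
    "Referer: http://other.test/page?from=feed\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "title=Hello&body=%3Cb%3Ehi%3C%2Fb%3E"
)


def enumerate_injection_vectors(raw):
    """Return (vector, name, value) triples for each user-controlled input
    found in a raw HTTP/1.1 request: path segments, query parameters,
    cookies, the Referer header and form-encoded POST parameters."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    vectors = []
    url = urlsplit(target)
    # Path segments are input too: routers often map them to record ids.
    for i, seg in enumerate(s for s in url.path.split("/") if s):
        vectors.append(("path", f"segment[{i}]", unquote(seg)))
    for k, v in parse_qsl(url.query, keep_blank_values=True):
        vectors.append(("query", k, v))
    if "cookie" in headers:
        jar = SimpleCookie()
        jar.load(headers["cookie"])
        for k, morsel in jar.items():
            vectors.append(("cookie", k, morsel.value))
    if "referer" in headers:  # logged or displayed by many apps unescaped
        vectors.append(("header", "Referer", headers["referer"]))
    ctype = headers.get("content-type", "")
    if method == "POST" and ctype.startswith("application/x-www-form-urlencoded"):
        for k, v in parse_qsl(body, keep_blank_values=True):
            vectors.append(("post", k, v))  # parse_qsl already URL-decodes
    return vectors


if __name__ == "__main__":
    for vector, name, value in enumerate_injection_vectors(RAW_REQUEST):
        print(f"{vector:7} {name:12} {value!r}")
```

Running the block lists ten inputs for the sample request; a reviewer would then trace where each one flows (the next slide's question) rather than only the two form fields.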

  7. Understand Data Flow
  • How does the input data flow through the program?
    • Data on page X is displayed on page Y and used to calculate the result of page Z
  • How does the output of a page flow through the program?
    • Result of a calculation used as part of a tweet

  8. Summary
  • First step to hacking is reconnaissance
  • Critical to understand the web application
    • Helps to decide what is a vulnerability and what is not!
  • Want to reverse engineer the web application
    • Ask yourself: how would I have written this web application?
    • What mistakes might the developer have made?
