This text discusses various security vulnerabilities and attacks on smart card OTP cards, including buffer overflow attacks, client state manipulation, SQL/command injection, SQL prepared statement, cross-site scripting (XSS), and cross-site request forgery (XSRF).
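Buffer Overflow Attack
    #include <stdio.h>
    #include <string.h>

    int login(void);
    void start_session(void);

    int main(void) {
        if (login())
            start_session();
        return 0;
    }

    int login(void) {
        char passwd[10];   /* fixed 10-byte stack buffer */
        gets(passwd);      /* no length check: longer input overflows passwd */
        return (strcmp(passwd, "mypasswd") == 0);
    }

    void start_session(void) { ... }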
Client State Manipulation
    <form>
      <input type="hidden" name="item" value="book">
      <input type="hidden" name="price" value="$5">
      …
    </form>
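Added example, not part of the original slides: one server-side way to detect edits to the hidden item and price fields above is to attach an HMAC over them and verify it on submission. SERVER_KEY, mac_for, render_form and verify_submission are hypothetical names, and the sample forms are constructed.

```python
import hashlib
import hmac
import html
import secrets

# Assumption: a secret known only to the server (generated here for the demo).
SERVER_KEY = secrets.token_bytes(32)


def mac_for(fields: dict) -> str:
    """HMAC-SHA256 over all hidden fields, in a canonical order."""
    # Length-prefix each name and value so ("a", "bc") and ("ab", "c") differ.
    msg = b"".join(
        len(part).to_bytes(4, "big") + part
        for name in sorted(fields)
        for part in (name.encode(), fields[name].encode())
    )
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def render_form(fields: dict) -> str:
    """Emit the hidden inputs from the slide plus a 'mac' field binding them."""
    signed = dict(fields, mac=mac_for(fields))
    inputs = "\n".join(
        f'  <input type="hidden" name="{html.escape(n)}" value="{html.escape(v)}">'
        for n, v in signed.items()
    )
    return f"<form>\n{inputs}\n</form>"


def verify_submission(posted: dict) -> bool:
    """Accept the POST only if the hidden fields are what the server issued."""
    posted = dict(posted)
    mac = posted.pop("mac", "")
    # Compare as bytes in constant time; also tolerates non-ASCII junk in 'mac'.
    return hmac.compare_digest(mac.encode(), mac_for(posted).encode())


# Constructed sample: the form from the slide, then a copy with the price edited.
issued = {"item": "book", "price": "$5"}
honest = dict(issued, mac=mac_for(issued))
tampered = dict(honest, price="$0")
```

A MAC only detects modification; it does not stop replay of an older signed form, so looking the price up on the server by item remains the simpler design.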
SQL/Command Injection
• "SELECT name, price FROM product WHERE id =" + user_input + ";"
• system("cp file1.dat " + user_input);
SQL Prepared Statement
    PreparedStatement s = db.prepareStatement("SELECT * from Product WHERE id = ?");
    s.setInt(1, Integer.parseInt(user_input));
    ResultSet rs = s.executeQuery();
Cross Site Scripting (XSS)
    <html>
      <body>
        Welcome to $user_name$'s profile …
      </body>
    </html>
Cross Site Request Forgery (XSRF)
• The user visited http://victim.com before
• The user is at http://evilsite.com now
    <form name="hack" action="http://victim.com">
      <input type="hidden" name="newpassword" value="hacked">
    </form>
    <script>document.hack.submit()</script>