1 / 20

Lecture 23: Web Security

Learn about the layers of the networking stack, protocols like HTTP and TLS/SSL, and vulnerabilities in web applications.

vondaw
Download Presentation

Lecture 23: Web Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lecture 23: Web Security CS 181S December 5, 2018

  2. Networking Stack 7 - Application Deliver content HTTP 6 - Presentation Manage encoding User Space 5 - Session Manage sessions TLS/SSL 4 - Transport Deliver (un)reliably TCP/UDP 3 - Network Deliver globally IP Operating System 2 - Data Link Deliver locally Ethernet 1 - Physical Deliver signals 0s and 1s

  3. Layer 1: Physical Layer 2: Data Link Layer 3: Network Layer 4: Transport OS Layers

  4. SSL/TLS Handshake ClientHello ChangeCipherSpec Version, cipher suites, rClient Version, cipher suite, rServer, certificate ServerHello ChangeCipherSpec ServerKeyExchange (optional) ClientKeyExchange Enc_pks(ms_p) Compute master secret Compute master secret

  5. TLS record

  6. Hypertext Transfer Protocol (HTTP) is an application protocol for distributed information systems Stateless request-response protocol Requests resources identified by Uniform Resource Locatars (URLs) Application Layer: HTTP

  7. HTTP Request: HTTP Response: Example Request Request Method Path Protocol Version Headers Header Body

  8. HTTP Response Codes

  9. Vulnerabilities by Year

  10. Vulnerability Occurrence in Applications

  11. HTTP is stateless GET/index.htmlHTTP/1.1 Host:www.example.com HTTP/1.1200OK Date: Fri, 17 March 2017 10:10:00 EDT Content-Type: text/html; charset=UTF-8 Content-Length: 138 Connection:close <html> <head><title>An Example Page</title> </head> <body> Hello World! </body> </html>

  12. Session Management HTTP GET HTTP OK HTTP GET HTTP OK

  13. Cookies Optional: path, domain

  14. Cookie Side-jacking SSL(login) SSL(redirect; set-cookie) Request; cookie=SID

  15. FireSheep (October 2010)

  16. SSL by Default (top 10k)

  17. Cookie Forgery SSL(login) SSL(redirect; set-cookie) Request; cookie=SSID

  18. Cookie Forgery

  19. Malware sometimes targets local browser state Cookie Theft

  20. salt is 'saltysalt' • key length is 16 • iv is 16 bytes of space b' ' * 16 • on Mac OSX: • password is in keychain: security find-generic-password -w -s "Chrome Safe Storage" • 1003 iterations • on Chrome OS: • password is in keychain: "security find-generic-password -wga Chrome” • 1003 iterations • on Linux: • password is peanuts • 1 iteration • On Windows: • password is current user password • CryptProtectData uses 4000 iterations Chrome Encrypted Cookies

More Related