Security for beginners

Agenda:

  • Different attacks
  • How to make attacks
  • How to protect ourselves from attacks
  • Hashes
  • Cryptography == Math

 

Hack to learn, not learn to hack

 

Protecting ourselves as internet users.

Brute force

 

Phishing attack

Backdoors

Protect our software!

SQL Injection

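some_var = "Ivaylo"

# Vulnerable: user input is concatenated straight into the SQL text.
# ("users" is a placeholder table name.)
update_sql = "SELECT * FROM users WHERE username = " + some_var
cursor.execute(update_sql)

# Input like this ends the SELECT and appends a second statement:
some_var = " asd; DROP DATABASE;"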
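
The concatenated query above next to its parameterized form, as an added example that is not part of the original slides. It assumes Python's built-in sqlite3 module, a hypothetical in-memory `users` table, and a constructed input that adapts the slide's `DROP DATABASE` string to SQLite syntax.

```python
import sqlite3

def make_db():
    """Constructed in-memory database; the 'users' table is hypothetical."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.execute("INSERT INTO users VALUES ('Ivaylo', 'ivaylo@example.com')")
    conn.commit()
    return conn

def users_table_exists(conn):
    row = conn.execute(
        "SELECT count(*) FROM sqlite_master WHERE type='table' AND name='users'"
    ).fetchone()
    return row[0] == 1

def lookup_concatenated(conn, some_var):
    """The slide's pattern: the input becomes part of the SQL text itself."""
    sql = "SELECT * FROM users WHERE username = '" + some_var + "'"
    # executescript() runs every statement in the string, standing in for
    # database drivers that accept several statements per call.
    conn.executescript(sql)

def lookup_bound(conn, some_var):
    """Hardened form: the SQL text is fixed and the input is bound as data."""
    sql = "SELECT * FROM users WHERE username = ?"
    return conn.execute(sql, (some_var,)).fetchall()

# Constructed input: the slide's " asd; DROP DATABASE;" adapted to SQLite.
HOSTILE = "asd'; DROP TABLE users; --"

def demo():
    results = {}
    conn = make_db()
    # With binding, the hostile string is just a username that matches nothing.
    results["bound_normal"] = lookup_bound(conn, "Ivaylo")
    results["bound_hostile"] = lookup_bound(conn, HOSTILE)
    results["table_after_bound"] = users_table_exists(conn)
    # With concatenation, the same string is parsed as a second statement.
    lookup_concatenated(conn, HOSTILE)
    results["table_after_concat"] = users_table_exists(conn)
    conn.close()
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "=", value)
```
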

Be careful with eval()

>>> eval("1 + 3")
4

Don't eval user input!

eval("__import__('os').system('rm file.jpg')")

Denial of service == DOS

Man in the middle

Cryptography

Pre-shared (symmetric) keys

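def ceaser(message, key):
    # Caesar cipher: shift each letter by `key` positions, preserving case.
    alphabet = 'abcdefghijklmnopqrstuvwxyz'
    result = ""
    for c in message:
        if c.lower() not in alphabet:
            result += c  # leave non-letters unchanged
            continue
        new_char = alphabet[(alphabet.index(c.lower()) + key) % len(alphabet)]
        result += new_char.upper() if c.isupper() else new_char
    return result

>>> ceaser("Panda", 1)
'Qboeb'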

[Diagram: public-key cryptography, with the labels Private Key, Public Key, Secret Information, Encrypted Data and Decryption]

Hashes

>>> from hashlib import md5
>>> message = "ABCD"
>>> md5(message.encode()).hexdigest()
'cb08ca4a7bb5f9683c19133a84872ca7'

Security

By Hack Bulgaria
