Masters in Information Security
SQL Injection
What is Security?
vs
Authorization is about checking if an entity has the proper privileges for an action
Authentication is about verifying that an entity is who it claims to be
Session management is the glue between authentication and authorization
taken from pragmaticwebsecurity.com
server-side vs client-side sessions
session identifiers vs self-contained JWT tokens
cookies vs localStorage vs SessionStorage
cookies vs authorization header
Authorization based on JWT
JSON Web Token
Can you spot the security issue here?

    import { Injectable } from '@angular/core';
    import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
    import { Observable } from 'rxjs';
    import { AuthService } from './auth.service'; // assumed path, not shown on the slide

    @Injectable()
    export class TokenInterceptor implements HttpInterceptor {
      constructor(public auth: AuthService) { }

      intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
        // Attaches the bearer token to every outgoing request, whatever host it is sent to
        request = request.clone({
          setHeaders: {
            Authorization: `Bearer ${this.auth.getToken()}`
          }
        });
        return next.handle(request);
      }
    }
    // Reads the "user" query parameter and concatenates it straight into markup (a DOM XSS sink)
    var url = new URL(location.href).searchParams.get("user");
    $('#form').append('<input type="hidden" value="' + url + '">');
https://...?user=https://example.com"/><script>console.log(1)</script>
    <form id="form">
      <input type="hidden" value="https://example.com"/><script>console.log(1)</script>
    </form>
    // Blocklist filter: case-sensitive, and only knows one tag name
    $save_text = str_replace('script', 'span', $text);

    <ScRiPt>/* bad code here */</ScRiPt>
    <input type="image" src="javascript:/* ... */;">
    <img src="no.png" onerror="/* bad code here */">
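As an added example, not from the original slides: the slide's str_replace filter translated to JavaScript, next to contextual output encoding applied to the hidden-input markup that the jQuery snippet above builds. The query-string value is the one shown on the slide, constructed here as test input; the function names are assumed.

```javascript
// Added example, not from the original slides. Function names are assumed.

// The slide's filter, translated from PHP: str_replace('script', 'span', $text).
// It is case-sensitive and only knows one tag name, so it is not a defence.
function naiveFilter(text) {
  return text.split('script').join('span');
}

// Contextual output encoding for a double-quoted HTML attribute value: every
// character that could end the attribute or start a tag becomes an entity,
// so the browser treats the whole value as data.
function encodeForHtmlAttribute(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// The hidden input the slide's jQuery snippet builds, with the value encoded
// before concatenation (the hardened form of that snippet).
function hiddenInputMarkup(userValue) {
  return '<input type="hidden" value="' + encodeForHtmlAttribute(userValue) + '">';
}

// Constructed sample input: the ?user= value from the slide.
const SAMPLE_USER_VALUE = 'https://example.com"/><script>console.log(1)</script>';

// Crude structural check for the comparison: does the text between
// value=" and the closing "> still contain a quote or an angle bracket?
function breaksOutOfAttribute(markup) {
  const start = markup.indexOf('value="') + 'value="'.length;
  const end = markup.lastIndexOf('">');
  return /["<>]/.test(markup.slice(start, end));
}

// Vulnerable (raw concatenation, as on the slide) vs hardened (encoded value).
const rawMarkup = '<input type="hidden" value="' + SAMPLE_USER_VALUE + '">';
console.log('raw breaks out:     ', breaksOutOfAttribute(rawMarkup));                            // true
console.log('encoded breaks out: ', breaksOutOfAttribute(hiddenInputMarkup(SAMPLE_USER_VALUE))); // false
```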
Sanitization out of the box:
bypassSecurityTrust*
The password cannot be updated by using this method.
However, the information that’s needed to reset the password can.
88.45% of the Alexa top 10,000 web sites “included at least one remote JavaScript library”
npm audit
95% of HTTPS servers vulnerable to trivial MITM attack
With great power comes great responsibility