The Security Journey of Web Development | Youth Training Camp

A look at web security

Security issues are very common and can harm:

  • the user
  • the company
  • the programmer (who ends up taking the blame)

Web security from two perspectives

  • If you are an attacker: attack
  • If you are a developer: defence

Attack

Cross-Site Scripting (XSS)

Features

  • Often hard to notice from the UI (the script runs silently)
  • Steals user information (cookie/token)
  • Draws UI (such as a pop-up window) to trick the user into clicking or filling in a form

demo

Stored XSS (database-borne attack)

  • The malicious script is stored in the database
  • A user visits the page → the page reads the stored data → the script runs and the user is attacked
  • The most harmful kind, because every user who views the page is exposed

Reflected XSS

  • No database involved
  • The payload is delivered through the URL

Mutation-based XSS

  • Exploits how the browser parses and re-serialises the DOM (browser-specific normalisation)
  • Behaviour differs between browsers, so the attack depends on the browser

Cross-Site Request Forgery (CSRF)

  • Happens without the user's knowledge
  • Exploits the permissions the user already holds (cookies)
  • Constructs specific HTTP requests to steal or modify the user's sensitive information

demo

GET-based CSRF demo

SQL Injection

demo

  • Read the request fields
  • Concatenate them directly into the SQL statement as strings

Injection is more than just SQL

  • CLI arguments
  • OS commands
  • Server-Side Request Forgery (SSRF): the server is made to issue a request on the attacker's behalf
  • Strictly speaking, SSRF is not injection, but the principle is similar

SSRF

  1. The server is asked to fetch a user-supplied callback URL
  2. The web server usually has access to the internal network (intranet)

Denial of Service(DoS)

By some means (for example, constructing specific requests), server resources are consumed so heavily that the server has no capacity left to answer further requests; requests pile up, and the backlog cascades into an avalanche effect.

Interlude: regular expressions in greedy mode

Distributed DoS(DDoS)

Within a short period, request traffic from a large number of zombie devices exceeds what the server can process in time; requests pile up, an avalanche effect follows, and new requests can no longer be served.

Defense

XSS

Principles

  • Never trust what users submit
  • Never turn user-submitted strings directly into DOM

Off-the-shelf tools

Special case: converting a string to DOM with new DOMParser()

CSP (Content Security Policy)

CSRF Defense

CSRF token

The page is served first (carrying the token), and the later request must send that token back.

Prevent the user's credentials from being attached automatically: SameSite cookies

Injection

  • Find every place in the project where SQL is executed
  • Use prepared statements (parameterised queries)
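
The two bullets above, as an added example that is not part of the original notes: the string concatenation the notes warn about next to the prepared-statement fix, run against an in-memory SQLite table filled with constructed sample rows.

```python
# Added example (not from the original notes): vulnerable concatenation
# beside the prepared-statement fix, using Python's built-in sqlite3.
import sqlite3


def setup_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    # Constructed sample data for the demo
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return conn


def find_user_vulnerable(conn, name):
    # The defect the notes describe: the request field is pasted into the SQL
    # text, so quote characters inside `name` change the query's structure.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]


def find_user_prepared(conn, name):
    # The fix: the SQL text is fixed and the value is bound as a parameter,
    # so whatever the user sends is only ever compared as data.
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]


def demo():
    conn = setup_db()
    honest = "bob"
    # The textbook tautology input: it closes the quote and appends an
    # always-true condition, so the vulnerable query matches every row.
    crafted = "x' OR '1'='1"
    return {
        "vulnerable_honest": find_user_vulnerable(conn, honest),
        "vulnerable_crafted": sorted(find_user_vulnerable(conn, crafted)),
        "prepared_honest": find_user_prepared(conn, honest),
        "prepared_crafted": find_user_prepared(conn, crafted),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

With the prepared statement the crafted input simply matches no user, while the concatenated version returns the whole table.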

Injection beyond SQL

HTTP Strict-Transport-Security (HSTS)

Properties of HTTPS

Proactively upgrade HTTP to HTTPS (the HSTS header tells the browser to do this on its own)

Origin blog.csdn.net/Azbtt/article/details/132143372