Tuesday, January 30, 2007
Fingerprinting is an age old concept and one that adds great value to assessment methodologies. There are several tools available for fingerprinting operating systems (nmap), Web servers (httprint), devices, etc. Each one of these tools uses a different method – inspecting the TCP stack, ICMP responses, HTTP responses. With this evolution of Web 2.0 applications that use Ajax extensively, it is important to fingerprint Ajax tools, framework or library used by a particular web site or a page. This paper describes the method of doing Ajax fingerprinting with a simple prototype serving as an example.
Posted by shreeraj at 5:36 AM
Monday, January 29, 2007
Web application fuzzing is a method of detecting a web application's vulnerabilities prior to deploying the application on a production system. Users of this approach send several malicious requests to the application and, based on the responses received, determine the application's security posture. Users also can apply fuzzing to perform tests on several different attack vectors such as SQL, XPATH, and LDAP injection, and error handling.
Posted by shreeraj at 7:57 PM
Friday, January 19, 2007
Crawling web applications is one of the key phases of automated web application scanning. The objective of crawling is to collect all possible resources from the server in order to automate vulnerability detection on each of these resources. A resource that is overlooked during this discovery phase can mean a failure to detect some vulnerabilities. The introduction of Ajax throws up new challenges for the crawling engine. New ways of handling the crawling process are required as a result of these challenges. The objective of this paper is to use a practical approach to address this issue using rbNarcissus, Watir and Ruby.
Posted by shreeraj at 2:00 AM
Friday, January 05, 2007
Technet posted book review on Hacking web services
Shreeraj Shah's Hacking Web Services (Charles River Media, 2006) is a valuable resource for those involved in development, deployment, or support of Web services. The book is a well-organized general security reference for Web services and their component technologies. And it does a good job of detailing what is involved in defending them in your infrastructure and through your development practices.
The book begins with a relatively in-depth introduction to Web services A case study titled "The Consequences of Procrastination" teaches you about the power of preemptive security procedures and the penalties of reactive systems. The chapter titled "Web Services Scanning and Enumeration" discusses how to use the wsChess, a .NET-based Web service security toolkit from Net-Square (net-square.com/wschess/index.shtml), to profile and footprint Web services.
The book includes a utility CD, which contains a sample .NET-based application called SOAPWall. This shows you how to block injection characters and buffer overflows in your .NET Web services. In addition, the CD provides demos of different types of Web service attacks.
Posted by shreeraj at 6:28 AM