Top Security Problems in Programming
< Use of the content of the Farakanesh site is permitted provided the source is cited. >
Introduction
Introduction: HTTP GET and POST
– Two HTTP Request Methods: GET and POST
Two commonly used methods for a request-response between a client and server are:
GET – Requests data from a specified resource
POST – Submits data to be processed to a specified resource
– The GET Method
Note that the query string (name/value pairs) is sent in the URL of a GET request:
/test/demo_form.asp?name1=value1&name2=value2
– Some other notes on GET requests:
. GET requests can be cached
. GET requests remain in the browser history
. GET requests can be bookmarked
. GET requests should never be used when dealing with sensitive data
. GET requests have length restrictions
. GET requests should be used only to retrieve data
– Note that the query string (name/value pairs) is sent in the HTTP message body of a POST request:
POST /test/demo_form.asp HTTP/1.1
Host: w3schools.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 25

name1=value1&name2=value2
– Some other notes on POST requests:
. POST requests are never cached
. POST requests do not remain in the browser history
. POST requests cannot be bookmarked
. POST requests have no restrictions on data length
Compare GET vs. POST
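As an added example (not part of the original slides), the following Python builds the two request shapes described above from the same name/value pairs, parses them back, and shows the security-relevant difference: the GET parameters end up in the request target that servers, proxies and browsers record, while the POST parameters do not. The host name is a constructed placeholder, and `sensitive_keys_in_url` is a hypothetical defensive check for parameter names that should never travel in a URL.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed placeholder host; the request shapes mirror the GET/POST slides above.
HOST = "www.example.test"
FORM_TYPE = "application/x-www-form-urlencoded"


def build_get(path, params, host=HOST):
    """Return a raw HTTP/1.1 GET request; the name/value pairs travel in the URL."""
    return f"GET {path}?{urlencode(params)} HTTP/1.1\r\nHost: {host}\r\n\r\n"


def build_post(path, params, host=HOST):
    """Return a raw HTTP/1.1 POST request; the name/value pairs travel in the body."""
    body = urlencode(params)
    headers = [
        f"POST {path} HTTP/1.1",
        f"Host: {host}",
        f"Content-Type: {FORM_TYPE}",
        f"Content-Length: {len(body.encode('ascii'))}",
    ]
    return "\r\n".join(headers) + "\r\n\r\n" + body


def parse_request(raw):
    """Parse a raw request into method, path, decoded parameters and the
    request target that an access log, proxy or browser history would record."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    url = urlsplit(target)
    if method == "GET":
        params = parse_qs(url.query)
    elif method == "POST" and headers.get("content-type", "").startswith(FORM_TYPE):
        # Honour Content-Length so trailing bytes are not mistaken for form data.
        params = parse_qs(body[: int(headers.get("content-length", len(body)))])
    else:
        params = {}
    return {
        "method": method,
        "path": url.path,
        "params": params,
        "logged_target": target,  # this string is what logs, history and bookmarks keep
    }


def sensitive_keys_in_url(raw, sensitive=("password", "token", "ssn", "card")):
    """Defensive check (hypothetical helper): return the sensitive parameter names
    a request exposes in its URL, i.e. in logs, history, bookmarks and Referer."""
    parsed = parse_request(raw)
    query_keys = parse_qs(urlsplit(parsed["logged_target"]).query).keys()
    return sorted(k for k in query_keys if k.lower() in sensitive)


if __name__ == "__main__":
    form = {"name1": "value1", "name2": "value2"}
    for raw in (build_get("/test/demo_form.asp", form), build_post("/test/demo_form.asp", form)):
        r = parse_request(raw)
        print(r["method"], "params:", r["params"], "| logged target:", r["logged_target"])
```

Both requests decode to the same parameters, but only the GET request leaves `name1=value1&name2=value2` in the logged target; run `sensitive_keys_in_url` over a GET login request and it reports the password field, while the equivalent POST reports nothing.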
OWASP Top 10
OWASP: Open Web Application Security Project
The OWASP Foundation is a not-for-profit entity that ensures the project’s long-term success.
Historically, OWASP produces a new Top 10 every 3 years: 2004, 2007, 2010, 2013, 2016/2017 !?
A1- Injection
A2- Broken Authentication and Session Management
A3- Cross-Site Scripting (XSS)
A4- Insecure Direct Object References
A5- Security Misconfiguration
A6- Sensitive Data Exposure
A7- Missing Function Level Access Control
A8- Cross-Site Request Forgery (CSRF)
A9- Using Components with Known Vulnerabilities
A10- Unvalidated Redirects and Forwards
CWE/SANS Top 25 Most Dangerous Programming Errors
• The Common Weakness Enumeration (CWE):
A formal list of software weakness types
Sponsored by the National Cyber Security Division in the US Department of Homeland Security
• The SANS (SysAdmin, Audit, Network, Security) Institute
Established in 1989 as a cooperative research and education organization
• Source: http://www.sans.org/top25errors/
• Category of weaknesses:
Insecure Interaction Among Components (6 errors)
– Related to insecure ways in which data is sent and received between separate components, modules, programs, processes, threads, or systems
Risky Resource Management (8 errors)
– Related to ways in which software does not properly manage the creation, usage, transfer, or destruction of important system resources.
Porous Defences (11 errors)
– Related to defensive techniques that are often misused, abused, or just plain ignored.