The Experts below are selected from a list of 138 Experts worldwide ranked by ideXlab platform
Němec Václav - One of the best experts on this subject based on the ideXlab platform.
-
Penetration Testing Application for Data Validation Flaws Based Web Vulnerabilities
Vysoké učení technické v Brně. Fakulta informačních technologií, 2011Co-Authors: Němec VáclavAbstract:This bachelor's thesis deals with detection of web vulnerabilities such as data validation flaws. The paper describes usual attacks, defense against these and procedures of automatic detection. The main goal is to design and implement tool for automatic detection of vulnerabilities such as data validation flaws, its further testing and on sample application and comparison of results with similar tools like Paros Proxy or Burp Suite
-
Penetration Testing Application for Data Validation Flaws Based Web Vulnerabilities
Vysoké učení technické v Brně. Fakulta informačních technologií, 2011Co-Authors: Němec VáclavAbstract:Tato bakalářské práce se zabývá detekcí webových zranitelností typu Data validation flaws. V práci jsou popsány běžné útoky, obrana před těmito útoky a postupy při automatické detekci. Hlavním cílem je návrh a implementace nástroje pro automatickou detekci zranitelností typu Data validation flaws, jeho otestování a srovnání výsledků s podobnými nástroji jako například Paros Proxy nebo Burp Suite.This bachelor's thesis deals with detection of web vulnerabilities such as data validation flaws. The paper describes usual attacks, defense against these and procedures of automatic detection. The main goal is to design and implement tool for automatic detection of vulnerabilities such as data validation flaws, its further testing and on sample application and comparison of results with similar tools like Paros Proxy or Burp Suite.
Jorg Schwenk - One of the best experts on this subject based on the ideXlab platform.
-
On The (In-)Security Of JavaScript Object Signing And Encryption
Proceedings of the 1st Reversing and Offensive-oriented Trends Symposium on - ROOTS, 2017Co-Authors: Dennis Detering, Christian Mainka, Vladislav Mladenov, Juraj Somorovsky, Jorg SchwenkAbstract:JavaScript Object Notation (JSON) has evolved to the de-facto standard file format in the web used for application configuration, cross- and same-origin data exchange, as well as in Single Sign-On (SSO) protocols such as OpenID Connect. To protect integrity, authenticity, and confidentiality of sensitive data, JavaScript Object Signing and Encryption (JOSE) was created to apply cryptographic mechanisms directly in JSON messages. We investigate the security of JOSE and present different applicable attacks on several popular libraries. We introduce JOSEPH (JavaScript Object Signing and Encryption Pentesting Helper) -- our newly developed Burp Suite extension, which automatically performs security analysis on targeted applications. JOSEPH's automatic vulnerability detection ranges from executing simple signature exclusion or signature faking techniques, which neglect JSON message integrity, up to highly complex cryptographic Bleichenbacher attacks, breaking the confidentiality of encrypted JSON messages. We found severe vulnerabilities in six popular JOSE libraries. We responsibly disclosed all weaknesses to the developers and helped them to provide fixes.
-
automatic recognition processing and attacking of single sign on protocols with Burp Suite
Open Identity Summit, 2015Co-Authors: Christian Mainka, Vladislav Mladenov, Tim Guenther, Jorg SchwenkAbstract:SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth — today’s web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source BurpSuite plugin that identifies SSO protocols automatically in a browser’s HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
-
Open Identity Summit - Automatic recognition, processing and attacking of single sign-on protocols with Burp Suite.
2015Co-Authors: Christian Mainka, Vladislav Mladenov, Tim Guenther, Jorg SchwenkAbstract:SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth — today’s web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source BurpSuite plugin that identifies SSO protocols automatically in a browser’s HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
Santosh Paudel - One of the best experts on this subject based on the ideXlab platform.
-
Identification and Illustration of Insecure Direct Object References and their Countermeasures
2015Co-Authors: Ajay Kumar Shrestha, Pradip Singh Maharjan, Santosh PaudelAbstract:The insecure direct object reference simply represents the flaws in the system design without the full protection mechanism for the sensitive system resources or data. It basically occurs when the web application developer provides direct access to objects in accordance with the user input. So any attacker can exploit this web vulnerability and gain access to privileged information by bypassing the authorization. The main aim of this paper is to demonstrate the real effect and the identification of the insecure direct object references and then to provide the feasible preventive solutions such that the web applications do not allow direct object references to be manipulated by attackers. The experiment of the insecure direct object referencing is carried out using the insecure J2EE web application called WebGoat and its security testing is being performed using another JAVA based tool called Burp Suite. The experimental result shows that the access control check for gaining access to privileged information is a very simple problem but at the same time its correct implementation is a tricky task. The paper finally presents some ways to overcome this web vulnerability
-
Identification and Illustration of Insecure Direct Object References and their Countermeasures
International Journal of Computer Applications, 2015Co-Authors: Ajay Kumar Shrestha, Pradip Singh Maharjan, Santosh PaudelAbstract:The insecure direct object reference simply represents the flaws in the system design without the full protection mechanism for the sensitive system resources or data. It basically occurs when the web application developer provides direct access to objects in accordance with the user input. So any attacker can exploit this web vulnerability and gain access to privileged information by bypassing the authorization. The main aim of this paper is to demonstrate the real effect and the identification of the insecure direct object references and then to provide the feasible preventive solutions such that the web applications do not allow direct object references to be manipulated by attackers. The experiment of the insecure direct object referencing is carried out using the insecure J2EE web application called WebGoat and its security testing is being performed using another JAVA based tool called Burp Suite. The experimental result shows that the access control check for gaining access to privileged information is a very simple problem but at the same time its correct implementation is a tricky task. The paper finally presents some ways to overcome this web vulnerability. General Terms Web Vulnerability; Authorization Keywords IDOR; Web Application; Authorization; Access control; Web exploit
Christian Mainka - One of the best experts on this subject based on the ideXlab platform.
-
On The (In-)Security Of JavaScript Object Signing And Encryption
Proceedings of the 1st Reversing and Offensive-oriented Trends Symposium on - ROOTS, 2017Co-Authors: Dennis Detering, Christian Mainka, Vladislav Mladenov, Juraj Somorovsky, Jorg SchwenkAbstract:JavaScript Object Notation (JSON) has evolved to the de-facto standard file format in the web used for application configuration, cross- and same-origin data exchange, as well as in Single Sign-On (SSO) protocols such as OpenID Connect. To protect integrity, authenticity, and confidentiality of sensitive data, JavaScript Object Signing and Encryption (JOSE) was created to apply cryptographic mechanisms directly in JSON messages. We investigate the security of JOSE and present different applicable attacks on several popular libraries. We introduce JOSEPH (JavaScript Object Signing and Encryption Pentesting Helper) -- our newly developed Burp Suite extension, which automatically performs security analysis on targeted applications. JOSEPH's automatic vulnerability detection ranges from executing simple signature exclusion or signature faking techniques, which neglect JSON message integrity, up to highly complex cryptographic Bleichenbacher attacks, breaking the confidentiality of encrypted JSON messages. We found severe vulnerabilities in six popular JOSE libraries. We responsibly disclosed all weaknesses to the developers and helped them to provide fixes.
-
automatic recognition processing and attacking of single sign on protocols with Burp Suite
Open Identity Summit, 2015Co-Authors: Christian Mainka, Vladislav Mladenov, Tim Guenther, Jorg SchwenkAbstract:SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth — today’s web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source BurpSuite plugin that identifies SSO protocols automatically in a browser’s HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
-
Open Identity Summit - Automatic recognition, processing and attacking of single sign-on protocols with Burp Suite.
2015Co-Authors: Christian Mainka, Vladislav Mladenov, Tim Guenther, Jorg SchwenkAbstract:SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth — today’s web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source BurpSuite plugin that identifies SSO protocols automatically in a browser’s HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
Vladislav Mladenov - One of the best experts on this subject based on the ideXlab platform.
-
On The (In-)Security Of JavaScript Object Signing And Encryption
Proceedings of the 1st Reversing and Offensive-oriented Trends Symposium on - ROOTS, 2017Co-Authors: Dennis Detering, Christian Mainka, Vladislav Mladenov, Juraj Somorovsky, Jorg SchwenkAbstract:JavaScript Object Notation (JSON) has evolved to the de-facto standard file format in the web used for application configuration, cross- and same-origin data exchange, as well as in Single Sign-On (SSO) protocols such as OpenID Connect. To protect integrity, authenticity, and confidentiality of sensitive data, JavaScript Object Signing and Encryption (JOSE) was created to apply cryptographic mechanisms directly in JSON messages. We investigate the security of JOSE and present different applicable attacks on several popular libraries. We introduce JOSEPH (JavaScript Object Signing and Encryption Pentesting Helper) -- our newly developed Burp Suite extension, which automatically performs security analysis on targeted applications. JOSEPH's automatic vulnerability detection ranges from executing simple signature exclusion or signature faking techniques, which neglect JSON message integrity, up to highly complex cryptographic Bleichenbacher attacks, breaking the confidentiality of encrypted JSON messages. We found severe vulnerabilities in six popular JOSE libraries. We responsibly disclosed all weaknesses to the developers and helped them to provide fixes.
-
automatic recognition processing and attacking of single sign on protocols with Burp Suite
Open Identity Summit, 2015Co-Authors: Christian Mainka, Vladislav Mladenov, Tim Guenther, Jorg SchwenkAbstract:SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth — today’s web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source BurpSuite plugin that identifies SSO protocols automatically in a browser’s HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
-
Open Identity Summit - Automatic recognition, processing and attacking of single sign-on protocols with Burp Suite.
2015Co-Authors: Christian Mainka, Vladislav Mladenov, Tim Guenther, Jorg SchwenkAbstract:SAML, Mozilla BrowserID, OpenID, OpenID Connect, Facebook Connect, Microsoft Account, OAuth — today’s web applications are supporting a large set of Single Sign-On (SSO) solutions. Some of them have common properties and behavior, others are completely different. This paper will give an overview of modern SSO protocols. We classify them into two groups and show how to distinguish them from each other. We provide EsPReSSO, an open source BurpSuite plugin that identifies SSO protocols automatically in a browser’s HTTP traffic and helps penetration testers and security auditors to manipulate SSO flows easily.
