Security Code Review – String Search Patterns For Finding Input Validation Vulnerabilities

A well-defined set of search patterns significantly reduces the time (and cost) of a security code inspection. This post focuses on input validation vulnerabilities commonly found in ASP.NET web applications. SQL Injection and Cross Site Scripting (XSS) string search patterns: SQL Injection and XSS attacks are the most common attacks that exploit improper data access and a lack of…

WCF Security - Input/Data Validation Using Schemas

WCF offers a very flexible approach to input and data validation based on XML Schemas. The approach is flexible because the validation rules are expressed as an XML schema and can be changed at any time without recompiling the solution. I followed the steps detailed in How To: Perform Message Validation with Schema Validation in…

WCF Security - Input/Data Validation Sample Visual Studio Project

Input and data validation is one of the core security principles, and WCF is no exception. To get the most out of WCF in a secure way, one must implement proper input and data validation. I was following the instructions in How To – Perform Input Validation in WCF, compiled by the patterns & practices team led by J.D. Meier. In a…

Quickly Find And Fix Cross Site Scripting (XSS) Vulnerabilities In Your ASP.NET Application.

Want to quickly check your ASP.NET web application for Cross Site Scripting (XSS) vulnerabilities? It is pretty easy with the knowledge and tools you already have. This post describes how to quickly find and fix most XSS vulnerabilities in your code. Why XSS vulnerabilities are possible: XSS vulnerabilities are possible when unsanitized data is printed…

AJAX Security - Client Side Validation Is For Usability Only, Not For Security

“As to methods there may be a million and then some, but principles are few. The man who grasps principles can successfully select his own methods. The man who tries methods, ignoring principles, is sure to have trouble.” Ralph Waldo Emerson. AJAX is one technique among myriads of others for presenting information and sending…

Creating a Parameterized Query In Visual Studio

Creating parameterized queries is one of the major countermeasures against SQL Injection attacks (not the ultimate one, but a major one). I always did it the old-fashioned way, in code only, and I am ashamed that I never used the advanced productivity features of Visual Studio. Beth Massi does a great job explaining how to build parameterized queries in her Creating…
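A runnable illustration of the countermeasure, added here and not taken from Beth Massi's article or from this post: it uses Python's sqlite3 module, whose `?` placeholder plays the role of an ADO.NET SqlParameter, and an in-memory Users table constructed for the example. It also shows why parameterization is "not the ultimate" countermeasure: identifiers such as an ORDER BY column cannot be bound as parameters, so that part of a query needs an allow-list. The table, rows and column allow-list are this example's own assumptions.

```python
import sqlite3
from typing import List, Tuple

# Columns a caller may sort by. Identifiers cannot be bound as parameters,
# so an allow-list is the countermeasure for that part of the query.
ALLOWED_ORDER_COLUMNS = {"Id", "Name", "Email"}


def make_db() -> sqlite3.Connection:
    """In-memory Users table with two constructed rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE Users (Id INTEGER PRIMARY KEY, Name TEXT, Email TEXT)")
    conn.executemany("INSERT INTO Users (Name, Email) VALUES (?, ?)",
                     [("alice", "alice@example.test"), ("bob", "bob@example.test")])
    return conn


def find_user_concat(conn: sqlite3.Connection, name: str) -> List[Tuple[str, str]]:
    """VULNERABLE: the user-supplied value becomes part of the SQL text."""
    sql = "SELECT Name, Email FROM Users WHERE Name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_param(conn: sqlite3.Connection, name: str) -> List[Tuple[str, str]]:
    """SAFE: the value is bound to a placeholder and never parsed as SQL."""
    sql = "SELECT Name, Email FROM Users WHERE Name = ?"
    return conn.execute(sql, (name,)).fetchall()


def is_allowed_order_column(column: str) -> bool:
    """Exact-match allow-list check for an identifier supplied by the caller."""
    return column in ALLOWED_ORDER_COLUMNS


def list_users_sorted(conn: sqlite3.Connection, column: str) -> List[Tuple[str, str]]:
    """Placeholders do not cover identifiers; validate them before interpolation."""
    if not is_allowed_order_column(column):
        raise ValueError(f"unsupported sort column: {column!r}")
    return conn.execute(f"SELECT Name, Email FROM Users ORDER BY {column}").fetchall()


if __name__ == "__main__":
    db = make_db()
    payload = "x' OR '1'='1"  # classic tautology payload
    print("concatenated:", find_user_concat(db, payload))  # every row leaks
    print("parameterized:", find_user_param(db, payload))  # no such user
    print("sorted:", list_users_sorted(db, "Name"))
```

The payload turns the concatenated WHERE clause into `Name = 'x' OR '1'='1'`, which is true for every row; bound as a parameter, the same string is just a name nobody has.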

Security Code Inspection - Eternal Search For SQL Injection

Here are a couple of techniques I have used to search for hints of SQL Injection in .NET apps. The basic approach is described at http://msdn2.microsoft.com/en-us/library/ms998399.aspx. It is split into two major parts: a preliminary scan and a detailed scan. The keyword is hotspot: find a hotspot and investigate it accordingly. A hotspot can be something around SQL injection…
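The preliminary scan described here, and the SQL Injection and XSS string search patterns and the XSS "find" step in the posts above, as one added example that is not code from any of these posts: a small Python scanner that runs a pattern set over .NET source and reports hotspots for the detailed scan. The member names in the patterns (SqlCommand, CommandText, ExecuteReader, Response.Write, Request.QueryString, HtmlEncode) are the usual ADO.NET and ASP.NET ones; the particular pattern set, the category names, the mitigation keywords and the sample source are this example's own assumptions.

```python
"""Preliminary-scan hotspot finder for .NET/ASP.NET source (added example).

A hit marks a line worth a detailed look; it is not proof of a vulnerability.
A line that also carries a mitigation keyword keeps the hit but gets a '?'
suffix so the detailed scan can prioritise the unmitigated ones.
"""
import re
from collections import Counter
from typing import Dict, List, NamedTuple


class Hotspot(NamedTuple):
    line_no: int
    category: str   # "sqli", "xss" or "input", with "?" appended if mitigated
    pattern: str
    text: str


# Assumed starting set of patterns; extend it per project.
PATTERNS = [
    # SQL Injection sinks: command objects built or executed in code
    ("sqli", re.compile(r"\bSqlCommand\s*\(", re.I)),
    ("sqli", re.compile(r"\.CommandText\s*=", re.I)),
    ("sqli", re.compile(r"\bExecute(?:Reader|NonQuery|Scalar)\b", re.I)),
    # SQL keyword inside a string literal that is concatenated with something
    ("sqli", re.compile(r'"[^"]*\b(?:select|insert|update|delete|exec)\b[^"]*"\s*\+', re.I)),
    ("sqli", re.compile(r"\bstring\.Format\s*\([^)]*\b(?:select|insert|update|delete)\b", re.I)),
    # XSS sinks: data written straight into the response or the DOM
    ("xss", re.compile(r"\bResponse\.Write\s*\(", re.I)),
    ("xss", re.compile(r"<%\s*=")),
    ("xss", re.compile(r"\.InnerHtml\s*=", re.I)),
    # Sources: where untrusted input enters
    ("input", re.compile(r"\bRequest\.(?:QueryString|Form|Cookies|Params|Headers)\b", re.I)),
]

# Keywords suggesting a countermeasure on the same line: parameter markers
# such as "= @name", parameter collections, output encoders.
MITIGATIONS = re.compile(
    r"\b(?:Parameters\.Add|AddWithValue|HtmlEncode|UrlEncode|AntiXss)\b|=\s*@\w+", re.I)


def scan(source: str) -> List[Hotspot]:
    """Preliminary scan: return every non-comment line matching a pattern."""
    hits = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        stripped = line.strip()
        if stripped.startswith("//"):
            continue  # comments are not code paths
        mitigated = MITIGATIONS.search(line) is not None
        for category, rx in PATTERNS:
            if rx.search(line):
                tag = category + ("?" if mitigated else "")
                hits.append(Hotspot(line_no, tag, rx.pattern, stripped))
    return hits


def summarize(hits: List[Hotspot]) -> Dict[str, int]:
    """Count hits per category so the reviewer can size the detailed scan."""
    return dict(Counter(h.category for h in hits))


# Constructed sample source, not taken from any real project.
SAMPLE = '''\
// constructed sample for the scanner
string name = Request.QueryString["name"];
SqlCommand cmd = new SqlCommand("SELECT * FROM Users WHERE Name='" + name + "'", conn);
SqlDataReader r = cmd.ExecuteReader();
safe.CommandText = "SELECT * FROM Users WHERE Name=@name";
safe.Parameters.AddWithValue("@name", name);
Response.Write(name);
Response.Write(HttpUtility.HtmlEncode(name));
lblHello.Text = "Hello";
'''

if __name__ == "__main__":
    for h in scan(SAMPLE):
        print(f"{h.line_no:4} {h.category:7} {h.text}")
    print(summarize(scan(SAMPLE)))
```

On the sample, the concatenated SqlCommand line fires twice (command object and concatenated SELECT literal), the parameterized CommandText line is demoted to `sqli?`, and the encoded Response.Write to `xss?`; the detailed scan then starts from the plain `sqli` and `xss` lines and walks back to the `input` hit that feeds them.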

XSS? - Do not Make Me Laugh, We Use WinForms

Reposted from XSS? – Do not Make Me Laugh, We Use WinForms. I sometimes find myself (actually too many times…) in the situation of explaining to people the impact of Cross Site Scripting attacks (the attack) resulting from improper encoding of user input (the vulnerability), and how to counter this attack properly. Once all parties understand this, everybody…

Good Chance For Canonicalization Attack When Using Path.Combine()

In my previous post, .Net Assembly Spoof Attack, I described a potential DLL hijacking/spoofing attack when using reflection to load assemblies dynamically. Today I was reviewing a project where I stumbled on exactly such a case. One thing that caught my eye was that the path to the reflected DLL, the one to be loaded dynamically, was built like…
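The Path.Combine() pitfall, as an added example in Python rather than C# (not code from this post or its predecessor): os.path.join behaves like Path.Combine in that a rooted second argument replaces the base directory entirely, and it likewise passes ".." segments through untouched. The check that follows canonicalizes the combined path and confirms it stays below the intended directory before anything is loaded. The plug-in directory and file names are constructed for the illustration, and the paths are POSIX.

```python
import os

# Assumed base directory for dynamically loaded plug-ins (hypothetical).
PLUGIN_DIR = "/opt/app/plugins"


def naive_plugin_path(base: str, name: str) -> str:
    """Mirrors Path.Combine(base, name): a rooted name discards base entirely,
    and ".." segments are kept verbatim, so the caller cannot tell from the
    string where the result really points."""
    return os.path.join(base, name)


def is_within(base: str, candidate: str) -> bool:
    """True only if candidate canonicalizes to a location strictly below base."""
    base_real = os.path.realpath(base)
    cand_real = os.path.realpath(candidate)
    # commonpath rather than startswith: "/opt/app/plugins2/x" must not pass.
    return cand_real != base_real and os.path.commonpath([base_real, cand_real]) == base_real


def safe_plugin_path(base: str, name: str) -> str:
    """Combine, canonicalize, then check the result before it reaches the loader."""
    candidate = os.path.join(os.path.realpath(base), name)
    if not is_within(base, candidate):
        raise ValueError(f"refusing to load {name!r}: it resolves outside {base}")
    return os.path.realpath(candidate)


if __name__ == "__main__":
    for name in ["good.dll", "../../etc/evil.dll", "/etc/evil.dll"]:
        print(f"{name!r:24} naive -> {naive_plugin_path(PLUGIN_DIR, name)}")
        try:
            print(f"{'':24} safe  -> {safe_plugin_path(PLUGIN_DIR, name)}")
        except ValueError as e:
            print(f"{'':24} safe  -> rejected ({e})")
```

The important order is combine, canonicalize, then compare: comparing the un-canonicalized string, or using a plain prefix test, lets both the "../" and the sibling-directory cases through.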

How To Hack WCF - New Technology, Old Hacking Tricks

First of all, I’d like to thank Guy for his excellent screencasts; very convenient, so thanks. Specifically, I liked the introductory screencast for WCF, which can be found here: http://blogs.microsoft.co.il/blogs/bursteg/pages/WCF-Introduction-Demo-_2800_ScreenCast_2900_.aspx The narration is in Hebrew, but the screens flip in such a logical way that someone who does not understand Hebrew will be fine -…