Time
1 hour 51 minutes
Difficulty
Beginner
CEU/CPE
3

Video Description

Transcript

The next attack we look at is LDAP injection, which is the Lightweight Directory Access Protocol. This protocol is used to query directories and is very similar to SQL. It preys on vulnerabilities in web applications that have access to query or modify the directory tree. While less common, LDAP injection attacks are very similar to SQL attacks in the way they work, and the content of the request is not validated. So usually the content of the result that is requested is not validated on the server. It is possible for malicious persons to craft these LDAP queries in such a way that they're able to pull all unauthorized information out of the servers. That way they could compromise confidentiality of information that should stay internal to an organization.

Next we have another attack, Extensible Markup Language (XML) injection. This has a wide variety of uses, from providing... where XML itself has a wide variety of uses, from providing web services, rich Internet content, or system configurations to acting as a database. Similar to SQL as well as LDAP attacks, these attacks will exploit vulnerabilities and the openness of the XML to inject malicious code, modify the application's behavior and/or retrieve or modify data held within the databases of the servers. Malicious persons are able to exploit the openness of this program to gain unauthorized access. In preventing XML injection attacks, this requires the validation of input, and more extensive deployments may choose to deploy a monitoring or firewall solution for added protection. So if you are able to monitor what is leaving the organization, it could be application filtering firewalls that are put in place, you can monitor the traffic that is leaving or coming in to your systems. That way you could prevent XML injection attacks.

For directory traversal attacks within organizations: some organizations have their servers, and they grant a lot of access to these servers. The servers should be properly locked down to ensure that individuals cannot just inject code and gain unauthorized access to other systems outside of the compartments within which they've only been granted access. So if access is granted to certain portions of a server, those portions should be locked down so that unauthorized access could not be gained to other sections of the server just by simply injecting code. Servers that are facing the Internet should be properly locked down so that malicious persons cannot just inject commands that will grant unauthorized access to sensitive information.

Buffer overflow: this is a form of attack with which malicious persons will direct program execution flow to perform defined tasks by overfilling the buffers. Usually within the servers there are fields which we refer to as buffers. These buffers should be properly defined by the programmers for the type of information they can contain. But where the programmers do not follow best practices and they don't do bounds checking, where your programmers do not follow bounds checking, it is possible that they enable these fields which can contain much more information than they should. Thereby malicious persons may overflow these fields, causing the information to flow into memory, where they could cause that information to trigger and allow the servers to behave in malicious ways. They could gain information, gain authorized access, and all confidentiality could be breached on your computers. It is possible to manipulate your servers in ways that they are not supposed to by exploiting these buffer overflows.

Attacks (LDAP, XML) Injection

The next attacks we look at are the LDAP/XML injection attacks. This lesson covers how LDAP and XML attacks are able to successfully extract unauthorized info from the server. For example, you'll learn which tools and techniques, such as filtering firewalls, minimize the ability of unauthorized query requests to gain sensitive information.
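
The lesson attributes LDAP injection to request content that is not validated before it is placed in a directory query. The following added example (not part of the course material) shows RFC 4515 escaping of a user-supplied value and checks that the filter keeps its intended structure; the filter template, attribute names and sample inputs are constructed assumptions.

```python
"""Added example: escaping user input before it enters an LDAP search filter."""

# Constructed filter template; attribute names are assumptions for illustration.
TEMPLATE = "(&(uid={})(objectClass=person))"

# RFC 4515: characters with meaning inside a filter and their \XX hex escapes.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Return value with filter metacharacters escaped so it stays literal data."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter_unvalidated(user: str) -> str:
    """The pattern the lesson warns about: request content used as-is."""
    return TEMPLATE.format(user)


def build_filter_escaped(user: str) -> str:
    """Same template, but the user value is escaped first."""
    return TEMPLATE.format(escape_filter_value(user))


def count_assertions(ldap_filter: str) -> int:
    """Count attribute assertions: each '(' not followed by an operator (&, |, !)."""
    return sum(
        1
        for i, ch in enumerate(ldap_filter)
        if ch == "(" and ldap_filter[i + 1 : i + 2] not in ("&", "|", "!")
    )


def structure_preserved(user: str) -> bool:
    """True if the escaped filter has the same number of assertions as the template."""
    expected = count_assertions(TEMPLATE)
    return count_assertions(build_filter_escaped(user)) == expected


if __name__ == "__main__":
    # Constructed inputs: an ordinary user name and one containing metacharacters.
    for sample in ("jsmith", "*)(cn=*"):
        unvalidated = build_filter_unvalidated(sample)
        escaped = build_filter_escaped(sample)
        print(f"input={sample!r}")
        print(f"  unvalidated: {unvalidated} ({count_assertions(unvalidated)} assertions)")
        print(f"  escaped:     {escaped} ({count_assertions(escaped)} assertions)")
```

With the unvalidated builder, the second constructed input changes the number of assertions in the filter; with escaping, the value is carried as literal data and the count matches the template.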

Video Transcription

00:04
The next attack we look at is LDAP injection, which is the Lightweight Directory Access Protocol. This protocol is used to query directories and is very similar to SQL. It preys on vulnerabilities in web applications that have access to query or modify the directory tree.
00:22
While less common, LDAP injection attacks are very similar to SQL attacks in the way they work, and the content of the request is not validated. So usually the content of the result that is requested is not validated
00:37
on the servers. It is possible for malicious persons to craft
00:42
these LDAP queries in such a way that they are able to pull unauthorized information out of the servers.
00:50
That way, they could compromise confidentiality of information that should stay internal to an organization.
00:57
Next, we have
00:59
another attack, Extensible Markup Language (XML) injection.
01:03
This has a wide variety of uses, from providing... where XML itself has a wide variety of uses, from providing web services, rich Internet content or system configurations to acting as a database. Similar to SQL as well as LDAP attacks, these attacks will exploit vulnerabilities
01:22
and the openness of the XML
01:23
to inject malicious code,
01:26
modify the application's behavior and retrieve or modify data held within the databases of the servers.
01:34
Malicious persons are able to exploit the openness of this program
01:41
to
01:42
gain unauthorized access.
01:44
In preventing XML injection attacks, this requires the validation of input, and more extensive deployments may choose to deploy a monitoring or firewall solution for added protection. So if you are able to monitor what is leaving the organization, it could be application filtering firewalls that are put in place.
02:04
You can monitor the traffic that is leaving or coming in
02:07
to your systems. That way, you could prevent XML injection attacks.
02:12
For directory traversal attacks
02:16
within organizations: some organizations have their servers.
02:22
They grant other individuals access to the servers.
02:27
The servers should be properly locked down to ensure that
02:30
individuals cannot just inject code and
02:36
gain unauthorized access to other systems outside
02:40
of the compartments within which they've only been granted access. So if access is granted to certain portions of a server, those portions should be locked down so that unauthorized access could not be gained to other sections of the server just by simply injecting code.
03:00
Servers that are facing the Internet should be properly locked down so that malicious persons cannot just inject
03:07
commands that will grant unauthorized access to sensitive information.
03:13
Buffer overflow.
03:15
This is a form of attack
03:16
with which malicious persons will redirect program execution flow to perform attacker-defined tasks by overfilling the buffers.
03:28
Usually within the servers, there are fields, which we refer to as buffers. These buffers should be properly defined by the programmers for the type of information they can contain. But where the programmers do not follow best practices and they don't do, um,
03:47
bounds checking, where your programmers do not follow bounds checking, it is possible that they enable these fields,
03:55
which can contain much more information than they should. Thereby malicious persons will overflow these fields, causing the information to flow into memory, where they could cause that information to trigger and allow the servers to behave in
04:14
malicious ways. They could gain information, gain authorized access, or confidentiality could be breached on your computers. It is possible to manipulate your servers in ways that they're not supposed to by
04:28
exploiting these buffer overflows.

Instructed By

John Oyeleke
Lead IT Security Instructor
Instructor