Attacks (LDAP ,XML) Injection
toggle_content title="Transcript" The next attack we look at is LDAP injection which is the light to a directory access protocol. This protocol is used to query directories and very similar to S.Q.L. It preys on vulnerabilities in web applications that have access to query or modify the directory tree. While is common LDAP injection attacks are ver...
[toggle_content title="Transcript"] The next attack we look at is LDAP injection which is the light to a directory access protocol. This protocol is used to query directories and very similar to S.Q.L. It preys on vulnerabilities in web applications that have access to query or modify the directory tree. While is common LDAP injection attacks are very similar to S.Q.L. attacks in that in the way they work and the content of the requests is not validated. So usually the content of the result that they requested is not validated on the server it is possible for malicious persons to craft these LDAP queries in such a way that they're able to pull all unauthorized information out of the servers. That way they could compromise confidentiality of information that should stay internal to an organization. Next we have another attack, Extensible Markup Language X.M.L. injection. This has a wide variety of uses from providing where X.M.L. itself has a wide variety of uses from providing web services, rich Internet content, or system configurations to acting as a database. Similar to S.Q.L. as well as LDAP attacks these attacks will exploit vulnerabilities and the openness of the X.M.L. to inject malicious code, modify the applications behavior and or retrieve or modify data held within the databases of the servers. Malicious persons able to exploit the openness of this program to gain unauthorized access. In preventing X.M.L. injection attacks this requires the validation of input and more extensive deployments may choose to deploy in monitoring of firewall solution for added protection. So if you are able to monitor what is leaving the organizations it could be application putting firewalls that are put in place, you can monitor the traffic that is leaving or coming in to your systems. That way you could prevent X.M.L. injection attacks. For directory traversal attacks within organization that, some organizations have their servers their ground or a lot of access to these servers. The servers should be properly locked down to ensure that individuals cannot just inject code and gain unauthorized access to other systems outside of the compartments within ,within which they've only been granted access. So if access is granted to certain portions of a server, those portions should be locked down so that unauthorized access could not be gained to other sections of the server just by simply injecting code. Some of that are facing the Internet should be properly logged out so that malicious person cannot just inject commands that will grant on authorized access to sensitive information. Buffer overflow - This is a form of attack with which malicious person will direct program execution flow to perform defined tasks by over filling the buffers. Usually within the servers there are fields which we refer to as buffers. These buffers should be properly defined by the programmers for the type of information they can contain. But where the programmers do not follow best practices and they don't do bounds checking where your programmers do not follow bounds checking, it is possible that they enable this fields which can contain much more information than to should. Thereby malicious person may overflow these fields causing the information to flow into memory where they could cause that information to trigger and allow the servers behave in malicious ways. They could gain information, gain authorized access, and all confidentiality could be breached on your computers. It is possible to manipulate your servers in ways that they are not supposed to by exploiting these buffer overflows. [/toggle_content] Attacks (LDAM, XML) Injection The next attacks we look at are the LDAP/XML Injection attacks. This lesson covers how LDAP and XML attacks are able to successfully extract unauthorized info from the server. For example, you'll learn what tools and techniques, such as filtering firewalls to minimize the ability of unauthorized query request to gain sensitive information.
Vulnerability Management is a continuous information security risk process that requires management oversight and includes a 4-tier approach of: discovery, reporting, prioritization, and response