This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "2010 BASC Presentations"

From OWASP
Jump to: navigation, search
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
{{2010_BASC:Header_Template | Presentations}}
 
{{2010_BASC:Header_Template | Presentations}}
 
__FORCETOC__
 
__FORCETOC__
We would like to thank our speakers for donating their time and effort to help make this conference successful and free.
+
We would like to thank our speakers for donating their time and effort to help make this conference successful.
{{2010_BASC:Presentaton_Info_Template|HTML5 Security|Ming Chow|10|1}}
+
{{2010_BASC:Presentaton_Info_Template|Rugged Software|Joshua Corman|9|9|Keynote}}
 +
Like steel and concrete, software has become modern infrastructure, but
 +
is not nearly as reliable and is nearly infinitely attackable. For
 +
substantive progress, we need pervasive, cultural recognition and
 +
demand for the value Rugged infrastructure assures. Find out why Rugged
 +
is succeeding where previous calls for security have struggled.
 +
{{2010_BASC:Presentaton_Info_Template|HTML5 Security|Ming Chow|10|10|1}}
 
The power of HTML5 allows developers to create  
 
The power of HTML5 allows developers to create  
 
web applications not just structured content, but its new features has increased the attack surface.  This presentation will demo and discuss new attack opportunities, particularly on client machines, including abusing the offline application cache and SQL injection via file-based client-side databases.
 
web applications not just structured content, but its new features has increased the attack surface.  This presentation will demo and discuss new attack opportunities, particularly on client machines, including abusing the offline application cache and SQL injection via file-based client-side databases.
{{2010_BASC:Presentaton_Info_Template|A Crumple Zone for Service Oriented Architectures|Andrew Gronosky|11|1}}
+
{{2010_BASC:Presentaton_Info_Template|A Crumple Zone for Service Oriented Architectures|Andrew Gronosky|11|11|1}}
 
We present a new architectural construct analogous to the crumple zone in an automobile.  It consists of a layer of intelligent service proxies that work together to provide both signature-based and non-signature based defenses. We present our initial design for Java RMI based services and compare it with  web application firewalls.
 
We present a new architectural construct analogous to the crumple zone in an automobile.  It consists of a layer of intelligent service proxies that work together to provide both signature-based and non-signature based defenses. We present our initial design for Java RMI based services and compare it with  web application firewalls.
{{2010_BASC:Presentaton_Info_Template|Hacking SAP BusinessObjects|Joshua Abraham and Will Vandevanter|13|1}}
+
{{2010_BASC:Presentaton_Info_Template|Hacking SAP BusinessObjects|Joshua Abraham and Will Vandevanter|13|13|1}}
BusinessObjects is a very widely deployed business intelligence tool. In this presentation we will present the entire lifecycle of attacking a BusinessObjects server using vulnerabilities that we have found during our research.
+
Business intelligence is a multi-billion industry. At the top of the product food chain is BusinessObjects. BusinessObjects is a very widely deployed business intelligence tool that’s focus is in managing, querying, analyzing, and reporting on business data. It is used by government entities (e.g. U.S Air Force), telecom companies (e.g. Verizon), car manufacturers (e.g. Nissan), and beverage companies (e.g. Coors) to retain and control vast amounts of data. If you are a penetration tester chances are you have run into at least one BusinessObjects server during an engagement. Yet, very few vulnerabilities have been publically released and, to the best of the authors knowledge, no white papers have been released on attack methodologies for BusinessObjects itself. In this presentation we will present the entire lifecycle of attacking a BusinessObjects server from external and internal enumeration (e.g. Google dorks), fingerprinting techniques, account enumeration vulnerabilities, specific attack vectors for gaining access to accounts, privilege escalation vulnerabilities, and eventually full system compromise vulnerabilities that we have found during our research. Anyone interesting in attacking an organization that has BusinessObjects or SOA deployed in their environment should attend this talk.
{{2010_BASC:Presentaton_Info_Template|Business Logic Attacks - BATs and BLBs|Paul Schofield|15|1}}
+
{{2010_BASC:Presentaton_Info_Template|What's Old Is New Again: An Overview of Mobile Application Security|Zach Lanier|14|14|1}}
 +
The ever-increasing prevalence of mobile devices brings with it a slew of security problems. Applications running directly on mobile devices(and web apps optimized for mobile clients) are ripe for the picking even by unsophisticated attackers. The attack classes that once applied to traditional network-facing, fat client, and web applications are now
 +
valid for mobile apps, as well. Insecure authentication and access control; home-grown crypto; and memory management problems are just some of the issues resurfacing on this new frontier. This presentation will discuss the security of some of the most popular applications running on mainstream mobile platforms such as Android, iPhone, Blackberry, and Windows Mobile.
 +
{{2010_BASC:Presentaton_Info_Template|Business Logic Attacks - BATs and BLBs|Paul Schofield|15|15|1}}
 
Business logic attacks are a set of legal application transactions that are used to carry out a malicious operation that is not part of normal business practices. This presentation will provide a quick introduction to business logic attacks, their unique characteristics and the motivation behind their uptick. . Concluding this session we will discuss using multiple advanced techniques to battle these attacks, rather than relying exclusively on application code
 
Business logic attacks are a set of legal application transactions that are used to carry out a malicious operation that is not part of normal business practices. This presentation will provide a quick introduction to business logic attacks, their unique characteristics and the motivation behind their uptick. . Concluding this session we will discuss using multiple advanced techniques to battle these attacks, rather than relying exclusively on application code
{{2010_BASC:Presentaton_Info_Template|The Exploit Arms Race|Christien Rioux|16|1}}
+
{{2010_BASC:Presentaton_Info_Template|The Exploit Arms Race|Christien Rioux|16|16|1}}
As defenses have become more sophisticated, so have the attacks required to circumvent them. Learn about the roots of techniques like Stack cookies/Stackguard/Run-Time Stack Checking, DEP and ASLR, from attacks like trampolining,
+
As defenses to exploits have become more sophisticated, so have the attacks required to circumvent them. A historical perspective will be presented, elaborating on the techniques used and the real reason why they were developed. Modern exploit technique has its roots in solving problems for the attacker, resulting in advanced exploits for the following
return-oriented programming, the evolution of fuzzing techniques, static and dynamic analysis for attacking and defending software.
+
categories of flaw: Stack Overflows, Heap Overflows, Cross-Site Scripting, SQL Injection, and Path Manipulations. Learn about the roots of techniques like Stack cookies/Stackguard/Run-Time Stack Checking, DEP and ASLR, from attacks like trampolining, return-oriented programming, the evolution of fuzzing techniques, static and dynamic analysis for both attacking software.
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|10|2}}
+
{{2010_BASC:Presentaton_Info_Template|OWASP Basics 1 and 2|Robert Cheyne|10|11|2}}
 
Rob presents a number of scenarios that walk participants through the basics of SQL injection, XSS and CSRF, along with a few other tricks he has up his sleeve.  Participants will come away with a foundation for further security learning.  Those already knowledgeable on application security issues will learn some new techniques for presenting and teaching this information in a clear, concise and effective manner.
 
Rob presents a number of scenarios that walk participants through the basics of SQL injection, XSS and CSRF, along with a few other tricks he has up his sleeve.  Participants will come away with a foundation for further security learning.  Those already knowledgeable on application security issues will learn some new techniques for presenting and teaching this information in a clear, concise and effective manner.
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|11|2}}
+
{{2010_BASC:Presentaton_Info_Template|Coffee Shop Warefare:Protecting Yourself in Dark Territory|To Be Determined|13|13|2}}
abstr
+
A lighthearted look at the real threats that people face in personal computing, specifically when connected to unknown network at coffee shops and airports. John will cover many of these threats and discuss tools and best practices everyone can engage in to ensure they protect their machine and information from these risks.
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|13|2}}
+
{{2010_BASC:Presentaton_Info_Template|Url Enlargement|Dan Crowley|14|14|2}}
abstr
+
URL shorteners are ubiquitous in today's Internet culture and have a variety of uses for a variety of users. While many have theorized about the security issues and usages involved with URL shortening services (of which there are an impressive number), this talk will aim to demonstrate them, along with interesting statistics such as the percentage of Goatse-equivalent short URLs. Come see what's behind the short URLs: personal documents, parasitic storage, authentication credentials, attacks and more!
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|14|2}}
+
{{2010_BASC:Presentaton_Info_Template|Web Applications and Data Tokenization|Kenny Smith|15|15|2}}
abst
+
Tokenization has become increasingly popular as a method to protect sensitive data and reduce the scope of security requirements such as PCI DSS.  Many solutions now integrate directly with web applications, tokenizing data before it ever reaches internal corporate systems.  As developers, you may be tasked with integrating tokenization into your applications.  If done correctly, this can be a big win for your organization.  This talk will cover the types of tokenization solutions, seeing through the marketing hype and vendor claims, and how to avoid some common mistakes that could greatly reduce tokenizations effectiveness. 
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|15|2}}
+
{{2010_BASC:Presentaton_Info_Template|Open SAMM|Shakeel Tufail|16|16|2}}
abstr
+
SAMM is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization. The building blocks of the model are the three maturity levels defined for each of the twelve security practices. These define a wide variety of activities to reduce security risks and increase software assurance. Additional details are included to measure successful activity performance, understand the associated assurance benefits, estimate personnel and other costs.
{{2010_BASC:Presentaton_Info_Template|Another TBD Presentation|To Be Determined|16|2}}
+
<table width="100%">
abstr
+
<tr>
 
+
<td width="25%">[[File:AuricLogo_300x133.png]]</td>
 +
<td width="25%">[[File:PAN-TNSC-290x109.jpg]]</td>
 +
</tr>
 +
</table>
 +
<table width="100%">
 +
<tr>
 +
<td width="45%">[[File:Whitehatlogo-medium.png]]</td>
 +
<td width="45%">[[File:AppSecDC-2010-Sponsor-fortifyhp.gif]]</td>
 +
</tr>
 +
</table>
 
{{2010_BASC:Footer_Template | Presentations}}
 
{{2010_BASC:Footer_Template | Presentations}}

Latest revision as of 22:49, 19 November 2010

Platinum Sponsors (Listed Alphabetically)
  CORE Security Rapid7  
SafeLight Security
  Security Innovation SOURCE  


We kindly thank our sponsors for their support. Please help us keep future BASCs free by viewing and visiting all of our sponsors.

Presentations

We would like to thank our speakers for donating their time and effort to help make this conference successful.

Rugged Software

Presented by: Joshua Corman
Time: 9:00-9:50
Track: Keynote

Like steel and concrete, software has become modern infrastructure, but is not nearly as reliable and is nearly infinitely attackable. For substantive progress, we need pervasive, cultural recognition and demand for the value Rugged infrastructure assures. Find out why Rugged is succeeding where previous calls for security have struggled.

HTML5 Security

Presented by: Ming Chow
Time: 10:00-10:50
Track: 1

The power of HTML5 allows developers to create web applications not just structured content, but its new features has increased the attack surface. This presentation will demo and discuss new attack opportunities, particularly on client machines, including abusing the offline application cache and SQL injection via file-based client-side databases.

A Crumple Zone for Service Oriented Architectures

Presented by: Andrew Gronosky
Time: 11:00-11:50
Track: 1

We present a new architectural construct analogous to the crumple zone in an automobile. It consists of a layer of intelligent service proxies that work together to provide both signature-based and non-signature based defenses. We present our initial design for Java RMI based services and compare it with web application firewalls.

Hacking SAP BusinessObjects

Presented by: Joshua Abraham and Will Vandevanter
Time: 13:00-13:50
Track: 1

Business intelligence is a multi-billion industry. At the top of the product food chain is BusinessObjects. BusinessObjects is a very widely deployed business intelligence tool that’s focus is in managing, querying, analyzing, and reporting on business data. It is used by government entities (e.g. U.S Air Force), telecom companies (e.g. Verizon), car manufacturers (e.g. Nissan), and beverage companies (e.g. Coors) to retain and control vast amounts of data. If you are a penetration tester chances are you have run into at least one BusinessObjects server during an engagement. Yet, very few vulnerabilities have been publically released and, to the best of the authors knowledge, no white papers have been released on attack methodologies for BusinessObjects itself. In this presentation we will present the entire lifecycle of attacking a BusinessObjects server from external and internal enumeration (e.g. Google dorks), fingerprinting techniques, account enumeration vulnerabilities, specific attack vectors for gaining access to accounts, privilege escalation vulnerabilities, and eventually full system compromise vulnerabilities that we have found during our research. Anyone interesting in attacking an organization that has BusinessObjects or SOA deployed in their environment should attend this talk.

What's Old Is New Again: An Overview of Mobile Application Security

Presented by: Zach Lanier
Time: 14:00-14:50
Track: 1

The ever-increasing prevalence of mobile devices brings with it a slew of security problems. Applications running directly on mobile devices(and web apps optimized for mobile clients) are ripe for the picking even by unsophisticated attackers. The attack classes that once applied to traditional network-facing, fat client, and web applications are now valid for mobile apps, as well. Insecure authentication and access control; home-grown crypto; and memory management problems are just some of the issues resurfacing on this new frontier. This presentation will discuss the security of some of the most popular applications running on mainstream mobile platforms such as Android, iPhone, Blackberry, and Windows Mobile.

Business Logic Attacks - BATs and BLBs

Presented by: Paul Schofield
Time: 15:00-15:50
Track: 1

Business logic attacks are a set of legal application transactions that are used to carry out a malicious operation that is not part of normal business practices. This presentation will provide a quick introduction to business logic attacks, their unique characteristics and the motivation behind their uptick. . Concluding this session we will discuss using multiple advanced techniques to battle these attacks, rather than relying exclusively on application code

The Exploit Arms Race

Presented by: Christien Rioux
Time: 16:00-16:50
Track: 1

As defenses to exploits have become more sophisticated, so have the attacks required to circumvent them. A historical perspective will be presented, elaborating on the techniques used and the real reason why they were developed. Modern exploit technique has its roots in solving problems for the attacker, resulting in advanced exploits for the following categories of flaw: Stack Overflows, Heap Overflows, Cross-Site Scripting, SQL Injection, and Path Manipulations. Learn about the roots of techniques like Stack cookies/Stackguard/Run-Time Stack Checking, DEP and ASLR, from attacks like trampolining, return-oriented programming, the evolution of fuzzing techniques, static and dynamic analysis for both attacking software.

OWASP Basics 1 and 2

Presented by: Robert Cheyne
Time: 10:00-11:50
Track: 2

Rob presents a number of scenarios that walk participants through the basics of SQL injection, XSS and CSRF, along with a few other tricks he has up his sleeve. Participants will come away with a foundation for further security learning. Those already knowledgeable on application security issues will learn some new techniques for presenting and teaching this information in a clear, concise and effective manner.

Coffee Shop Warefare:Protecting Yourself in Dark Territory

Presented by: To Be Determined
Time: 13:00-13:50
Track: 2

A lighthearted look at the real threats that people face in personal computing, specifically when connected to unknown network at coffee shops and airports. John will cover many of these threats and discuss tools and best practices everyone can engage in to ensure they protect their machine and information from these risks.

Url Enlargement

Presented by: Dan Crowley
Time: 14:00-14:50
Track: 2

URL shorteners are ubiquitous in today's Internet culture and have a variety of uses for a variety of users. While many have theorized about the security issues and usages involved with URL shortening services (of which there are an impressive number), this talk will aim to demonstrate them, along with interesting statistics such as the percentage of Goatse-equivalent short URLs. Come see what's behind the short URLs: personal documents, parasitic storage, authentication credentials, attacks and more!

Web Applications and Data Tokenization

Presented by: Kenny Smith
Time: 15:00-15:50
Track: 2

Tokenization has become increasingly popular as a method to protect sensitive data and reduce the scope of security requirements such as PCI DSS. Many solutions now integrate directly with web applications, tokenizing data before it ever reaches internal corporate systems. As developers, you may be tasked with integrating tokenization into your applications. If done correctly, this can be a big win for your organization. This talk will cover the types of tokenization solutions, seeing through the marketing hype and vendor claims, and how to avoid some common mistakes that could greatly reduce tokenizations effectiveness.

Open SAMM

Presented by: Shakeel Tufail
Time: 16:00-16:50
Track: 2

SAMM is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization. The building blocks of the model are the three maturity levels defined for each of the twelve security practices. These define a wide variety of activities to reduce security risks and increase software assurance. Additional details are included to measure successful activity performance, understand the associated assurance benefits, estimate personnel and other costs.

AuricLogo 300x133.png PAN-TNSC-290x109.jpg
Whitehatlogo-medium.png AppSecDC-2010-Sponsor-fortifyhp.gif


We kindly thank our sponsors for their support.
Please help us keep future BASCs free by viewing and visiting all of our sponsors.

Gold Sponsors
Auric Systems International Fortify Palo Alto Networks WhiteHat Security

You can find out more about this conference at the BASC homepage: http://www.owasp.org/index.php/2010_BASC_Homepage.
Conference Organizer: Jim Weiler