Hacking the Code: Auditor's Guide to Writing Secure Code for the Web

Hacking the Code has over 400 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture- and theory-based flaws and exploits, Hacking the Code dives right into deep code analysis. Previously undisclosed security research, in combination with superior programming techniques from Foundstone and other respected organizations, is included in both the Local and Remote Code sections of the book. The book is accompanied by a FREE COMPANION CD containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD also contains a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library includes multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.
Contents

Section | Page
Managing Passwords | 49
Sending Information Via E-Mail | 50
Frequently Asked Questions | 51
Authenticating and Authorizing Users | 53
Introduction | 54
Authenticating Users | 55
Security Policies | 57
Using Forms Authentication | 58
Configuring Forms Authentication | 64
Security Policies | 65
Basic Authentication | 66
Digest Authentication | 67
Integrated Windows Authentication | 68
Client Certificate Mapping | 69
Authenticating Users | 70
Security Policies | 75
Security Policies | 78
Locking Accounts | 79
Finding Other Countermeasures | 81
Security Policies | 86
Deciding How to Authorize | 87
Roles and Resources | 90
Security Policies | 91
Security Policies | 92
Applying URL Authorization | 93
HTTP Verbs | 95
Files and Paths | 97
Configuration Hierarchy | 98
Security Policies | 99
Declarative Authorization | 100
Explicit Authorization | 101
Security Policies | 102
Coding Standards Fast Track | 103
Blocking Brute-Force Attacks | 104
Applying URL Authorization | 105
Using Windows Authentication | 106
Employing File Authorization | 107
Frequently Asked Questions | 108
Managing Sessions | 109
Introduction | 110
Authentication Tokens | 111
Maintaining State | 113
Does the Application Use a Sufficiently Large Keyspace? | 114
Is It Possible for a User to Manipulate the Token to Hop to Another Account? | 115
Does the Client Store the Token After the Session Ends? | 116
Selecting a Token Mechanism | 117
Cookie-Based Tokens | 118
Security Policies | 119
Securing In-Process State | 120
Securing SQL Server State Management | 122
General Settings | 123
Using ASP.NET Tokens | 124
Cookie Domain | 125
Cookie Path | 127
Cookie Expiration | 128
Secure Cookies | 130
Cookie Values | 131
Protecting View State | 132
Security Policies | 135
Creating Tokens | 136
Binding to the Client | 139
Security Policies | 141
Terminating Sessions | 142
Security Policies | 144
Coding Standards Fast Track | 145
Using ASP.NET Tokens | 146
Terminating Sessions | 147
Using State Providers | 148
Enhancing ASP.NET State Management | 149
Frequently Asked Questions | 150
Encrypting Private Data | 153
Introduction | 154
Using Cryptography in ASP.NET | 155
Employing Symmetric Cryptography | 156
DES and 3DES | 159
Rijndael | 163
RC2 | 165
Selecting an Algorithm | 166
Establishing Keys and Initialization Vectors | 170
Security Policies | 177
Working with Hashing Algorithms | 179
Verifying Integrity | 181
Hashing Passwords | 183
Security Policy | 186
Creating Random Numbers | 187
Security Policy | 188
Security Policies | 190
Storing Secrets in a File | 192
Storing Secrets in the Registry | 194
Storing Secrets Using DPAPI | 195
Protecting Communications with SSL | 196
Security Policies | 198
Coding Standards Fast Track | 199
Working with .NET Encryption Features | 200
Code Audit Fast Track | 201
Keeping Memory Clean | 202
Frequently Asked Questions | 203
Filtering User Input | 205
Introduction | 206
Handling Malicious Input | 207
Other Sources of Input | 209
Security Policy | 211
Centralizing Code | 213
Testing and Auditing | 214
Security Policy | 218
Bounds Checking | 219
Validator Controls | 220
Security Policy | 222
Escaping Data | 225
Security Policy | 226
Reflecting the Data | 227
Security Policy | 229
Encoding Data | 230
Security Policy | 234
Security Policy | 235
Security Policy | 237
Security Policy | 239
Security Policy | 240
Security Policy | 241
Security Policy | 243
Unused Code | 244
Limiting Access to Code | 246
Security Policy | 247
Server-Side Code | 248
Request Length | 249
Security Policy | 250
Coding Standards Fast Track | 251
Data Reflecting | 252
Exception Handling | 253
Hardening Server Applications | 254
Pattern Matching | 255
Double Decoding | 256
Limiting Attack Scope | 257
Frequently Asked Questions | 258
Accessing Data | 261
Introduction | 262
Securing Databases | 263
Security Policy | 265
Securing Specific Drivers | 267
IIS with ODBC | 269
Security Policy | 270
Security Policy | 272
Security Policy | 274
Authentication | 275
Protecting Connection Strings | 277
Authorization | 278
Security Policy | 279
Preventing SQL Injection | 280
Filtering or Escaping Dangerous Characters | 285
Using SqlParameters | 287
Constraining Data Types and Length | 289
Handling Errors on the Server | 290
Security Policy | 291
Security Policy | 296
Security Policy | 302
Coding Standards Fast Track | 303
Writing Secure Data Access Code | 304
Code Audit Fast Track | 305
Securing the Database | 306
Reading and Writing to Data Files | 307
Developing Secure ASP.NET Applications | 309
Introduction | 310
Constructing Safe HTML | 311
Security Policy | 314
Security Policy | 315
Using Structured Error Handling | 317
Structured Error Handling | 319
Security Policy | 321
Generic Errors | 322
Logging Errors | 323
Security Policy | 325
Coding Standards Fast Track | 326
Handling Exceptions | 327
Preventing Information Leaks | 328
Frequently Asked Questions | 329
Securing XML | 331
Introduction | 332
Encrypting XML Data | 333
XML Encryption Process | 339
XML Encryption Example | 340
Security Policies | 348
XML Digital Signatures Specification | 349
XML Digital Signature Example | 351
Security Policies | 357
Coding Standards Fast Track | 358
Applying XML Digital Signatures | 359
Understanding .NET Security | 361
Introduction | 362
Principal | 363
Authentication | 364
Type Safety | 365
Stack Walking | 366
Code Identity | 368
Code Groups | 369
Declarative and Imperative Security | 371
Requesting Permissions | 373
Demanding Permissions | 376
Overriding Security Checks | 379
Custom Permissions | 385
Role-Based Security | 387
WindowsPrincipal | 388
GenericPrincipal | 389
Manipulating Identity | 390
Role-Based Security Checks | 392
Security Policies | 396
Creating a New Permission Set | 399
Modifying the Code Group Structure | 405
Remoting Security | 412
Security Tools | 415
Summary | 418
Security Fast Track | 419
Frequently Asked Questions | 423
Glossary of Web Application Security Threats | 427