10 WEEKS TO 0 CRITICAL VULNERABILITIES: SENSITIVE DATA EXPOSURE (Sherif Koussa, @skoussa)

10 WEEKS TO 0 CRITICAL VULNERABILITIES...2020/04/10  · 10 WEEK SCHEDULE 1. April 10th: Injection 2. April 17th : Broken Authentication 3. April 24th: Sensitive Data Exposure 4. May


Page 1

10 WEEKS TO 0 CRITICAL VULNERABILITIES

SENSITIVE DATA EXPOSURE

Sherif Koussa @skoussa

Page 2

HOUSEKEEPING

• Why we’re all here

• Recording for internal training purposes

• Slides will be provided after the session

• Your mic will be muted, please use “Q&A” for any questions

Page 3

ABOUT ME

• 1999: Software Development

• 2006: Joined OWASP

• 2007: Founded OWASP Chapter

• 2008: SANS Mentor & GIAC Consultant

• 2009: Wells Fargo Security Engineer

• 2010: Founded Software Secured

• 2019: Founded Reshift Security

Certifications: GSSP-Java, GSSP-NET, GWAPT

Page 4

Penetration Testing as a Service company based out of Ottawa, Canada.

Reshift integrates with your modern software development pipeline to help your team find and fix vulnerabilities.

Page 5

10 WEEK SCHEDULE

1. April 10th: Injection

2. April 17th: Broken Authentication

3. April 24th: Sensitive Data Exposure

4. May 1st: External Entity Injection

5. May 8th: Broken Access Control

6. May 15th: Security Misconfiguration

7. May 22nd: Cross-site Scripting

8. May 29th: Insecure Deserialization

9. June 5th: Using Components with Known Vulnerabilities

10. June 12th: Insufficient Logging and Monitoring

Page 6

SENSITIVE DATA EXPOSURE

Page 7

SESSION 3: AGENDA


• Introduction

• Sensitive data exposure – data at rest issues

• Sensitive data exposure – data in transit issues

• Lab: Sensitive Data Exposure

• Mitigating sensitive data exposure issues

Page 8

WHAT IS SENSITIVE DATA EXPOSURE?

Sensitive data exposure is a vulnerability that occurs when the application does not provide adequate controls to protect sensitive information.

Page 9

SENSITIVE DATA EXPOSURE

• Lacking or improper encryption of credentials and sensitive data.

• Homegrown cryptographic algorithms.

• Lack of or improper protection for data in transit or at rest.

• Exploitability: DIFFICULT

• Prevalence: UNCOMMON

• Detectability: AVERAGE

• Impact: SEVERE

Page 10

SENSITIVE DATA EXPOSURE REGULATIONS

• Payment Card Industry (PCI-DSS)

• General Data Protection Regulation (GDPR)

• Health Insurance Portability and Accountability Act (HIPAA)

• The Personal Information Protection and Electronic Documents Act (PIPEDA)

• The Children’s Online Privacy Protection Act (COPPA)

• And many more…

Page 11

SENSITIVE DATA EXPOSURE | DATA AT REST

• Sensitive data stored in the database:

  • Credit card numbers

  • Account passwords

  • Personally Identifiable Information (PII)

Page 12

SENSITIVE DATA EXPOSURE | DATA AT REST

• Sensitive data stored on the file system:

  • Unencrypted database backups

  • Confidential files left unattended in S3 buckets

Page 13

SENSITIVE DATA EXPOSURE | DATA AT REST

• Encryption: the process of transforming information from a plaintext format using an algorithm (called a cipher) to make it unreadable except to those for whom the information is intended.

• Two Main Types:

  • Symmetric Key Encryption

  • Asymmetric Key Encryption

• Hashing: the process of transforming information from a plaintext format into a shortened, fixed-length token or hash through the use of one-way functions. Uniqueness depends on the strength of the hash and how likely collisions are.

Page 14

CRYPTOGRAPHY PRINCIPLES | SYMMETRIC ENCRYPTION

Symmetric Encryption: is a class of encryption algorithms that uses the same encryption key for encryption and decryption

[Diagram: Plaintext → Cipher (using the Encryption Key) → Encrypted Text]

Page 15

SYMMETRIC ENCRYPTION

• Pro: Faster Algorithm

• Con: Key Management

• Symmetric Encryption Applications:

  • Encrypting Data At Rest

  • Encrypting sensitive data in the database

  • Whole Disk Encryption

• Known Attacks:

  • Brute Force Attacks: performing one trial decryption for each key

  • Related Key Attacks: exploits AES’s simple key schedule

  • Side-channel Attacks: attacks ciphers that leak data unnecessarily

• Algorithms:

  • AES

Page 16

CRYPTOGRAPHY PRINCIPLES | ASYMMETRIC ENCRYPTION

Asymmetric Encryption: AKA public-key cryptography is a class of encryption algorithms that uses a public key for encryption and a private key for decryption.

[Diagram: Plain Text → encrypt with Public Key → Encrypted Text → decrypt with Private Key → Plain Text]

Page 17

ASYMMETRIC ENCRYPTION (CONT.)

• Asymmetric Encryption:

  • Pros: Easier Key Management

  • Cons: Slower

• Best Suited For:

  • Encrypting symmetric keys for data in transit

  • Signing Messages

  • Encrypting symmetric keys

• Algorithms:

  • RSA

  • ECC / ECDH

Page 18

CRYPTOGRAPHY PRINCIPLES | HASHING

A hash function is any algorithm or subroutine that maps large data sets of variable length, called keys, to smaller data sets of a fixed length, called a hash.

[Diagram: Plain Text → Cipher → Hash]

Page 19

DIFFERENT HASH FUNCTIONS

Different hashes calculated for “Hello There!”

Page 20

HASHING CHALLENGES

Same text will lead to the same hash. This means that the opposite is true too!

• Plaintext 1 → Cipher → Hash 1

• Plaintext 2 → Cipher → Hash 2

• Plaintext 3 → Cipher → Hash 3

• Plaintext 2 → Cipher → Hash 2 (the same input again yields the same hash)

Page 21

HASHING CHALLENGES

Same text will lead to the same hash, and collisions can happen using some earlier algorithms:

• Plaintext 1 → Cipher → Hash 1

• Plaintext 2 → Cipher → Hash 2

• …

• Plaintext 992 → Cipher → Hash 1 (collision: a different input yields the same hash)

Page 22

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT

Consider the following example. What is the problem?

Page 23

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT

• Where is the vulnerability?

  • The web server is configured to authenticate users using header-based authentication over HTTP.

• What’s the big deal?

  • HTTP is a clear-text protocol and does not have any security controls to ensure data integrity and authenticity.

• End Result:

  • An attacker can use a simple network sniffer or man-in-the-middle attack to harvest user credentials.

Page 24

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT - WEAK/MISSING SERVER CERTIFICATE

Page 25

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT - WEAK CIPHERS

Page 26

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT - WEAK PROTOCOLS

Page 27

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT - MIXED CONTENT

[Diagram: a page on SECURE.COM served over HTTPS loading the following resources]

• /js/console.js (HTTP)

• /admin.php (HTTPS)

• /css/sites.css (HTTP)

Page 28

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT

Mixed Content - Passive Data Exposure

  • CSS, images, etc.

  • Could be used to track users.

Page 29

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT

Mixed Content - Active Data Exposure

  • Scripts, etc.

  • Could be used to change website contents, steal sessions, website defacement.

Page 30

SENSITIVE DATA EXPOSURE | DATA IN TRANSIT

• Where is the vulnerability?

  • The web server is configured to deliver web page resources for a protected page over HTTP instead of HTTPS.

• What’s the big deal?

  • HTTP is a clear-text protocol and does not have any security controls to ensure data integrity and authenticity.

• End Result:

  • An attacker can leverage a man-left-in-the-middle attack to compromise these resources.
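A defensive check for the mixed-content problem on slides 27 to 30, as an added Python example that is not part of the presentation: it parses a page with the standard library's html.parser and reports every sub-resource an HTTPS page would fetch over plain HTTP, tagged passive or active along the lines of slides 28 and 29. The sample page is constructed from the slide 27 diagram (the secure.com host is the slide's), and the tag-to-category mapping is this example's own choice.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag -> attribute naming the fetched resource. Active content is executed or
# applied by the browser, so tampering with it in transit controls the page;
# passive content is only displayed but still leaks the request (tracking).
# Slide 28 lists CSS as passive; it is treated as active here because browsers
# block mixed stylesheets, since injected CSS can alter the page.
ACTIVE = {"script": "src", "iframe": "src", "link": "href", "object": "data", "embed": "src"}
PASSIVE = {"img": "src", "audio": "src", "video": "src", "source": "src"}

class MixedContentScanner(HTMLParser):
    def __init__(self, page_url: str):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (tag, absolute_url, "active" | "passive")

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag in ACTIVE:
            kind, attr = "active", ACTIVE[tag]
        elif tag in PASSIVE:
            kind, attr = "passive", PASSIVE[tag]
        else:
            return
        # <link> only pulls in page-altering content when it is a stylesheet.
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower():
            return
        url = attrs.get(attr)
        if not url:
            return
        # Resolve against the page: "/js/app.js" and "//host/x.png" inherit
        # https and are fine; only an explicit http:// resource is mixed content.
        absolute = urljoin(self.page_url, url.strip())
        if urlsplit(absolute).scheme == "http":
            self.findings.append((tag, absolute, kind))

def find_mixed_content(page_url: str, html: str):
    """HTTP-fetched sub-resources of an HTTPS page; [] when the page itself is HTTP."""
    if urlsplit(page_url).scheme != "https":
        return []
    scanner = MixedContentScanner(page_url)
    scanner.feed(html)
    return scanner.findings

# Constructed sample page modelled on slide 27 (not captured from a real site).
SAMPLE_PAGE = """<html><head>
<link rel="stylesheet" href="http://secure.com/css/sites.css">
<script src="http://secure.com/js/console.js"></script>
<script src="/js/app.js"></script>
</head><body>
<a href="/admin.php">admin</a>
<img src="//secure.com/img/logo.png">
</body></html>"""
```

Calling find_mixed_content("https://secure.com/admin.php", SAMPLE_PAGE) returns exactly the two HTTP resources from the slide diagram, both classified as active; the relative and protocol-relative resources resolve to https and are not reported.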

Page 31

LAB: SENSITIVE DATA EXPOSURE

Page 32

MITIGATING SENSITIVE DATA EXPOSURE | DATA AT REST – SENSITIVE DATA

• Identify the best cryptographic strategy

• Avoid home-grown algorithms

• Separate the key from the code and the encrypted data

• Key access restricted to small group

• Use reputable and well-known algorithms:

  • Symmetric: AES

  • Asymmetric: ECC

OWASP Top 10 – Attacks and Countermeasures - Copyright Software Secured 2018

Page 33

MITIGATING SENSITIVE DATA EXPOSURE | DATA AT REST - PASSWORDS


Passwords: hash each password with a unique SALT

• Plaintext 1 + Salt 1 → Cipher → Hash 1

• Plaintext 2 + Salt 2 → Cipher → Hash 2

• Plaintext 3 + Salt 3 → Cipher → Hash 3

• Plaintext 1 + Salt 4 → Cipher → Hash 4 (the same password with a different salt yields a different hash)

Page 34

MITIGATING SENSITIVE DATA EXPOSURE | DATA AT REST - PASSWORDS

• Don’t limit max length for credentials

• Use cryptographically random numbers for SALTs

• Use adaptive one-way hashing functions:

  • Argon2: the winner of the Password Hashing Competition in 2015

  • PBKDF2: implemented by most platforms and should be used when FIPS is required

  • Bcrypt: when you can’t find an implementation for Argon2 or PBKDF2

Page 35

MITIGATING SENSITIVE DATA EXPOSURE | DATA IN TRANSIT

• Leverage HTTPS throughout the whole application

• Use TLS and avoid SSL

• Avoid mixed content traps

• Use certificates from reputable CAs

• Disable weak ciphers on server.

• Enable OCSP Stapling and HSTS

Page 36

IMPLEMENTING ONE WAY HASHING ALGORITHM: PBKDF2

• PBKDF2 (Password-Based Key Derivation Function 2): part of RSA Laboratories' Public Key Cryptography Standards (PKCS)

• The PBKDF2 key derivation function has 5 input parameters:

  • PRF is a pseudorandom function of two parameters with output length hLen (e.g. a keyed HMAC)

  • Password is the master password to be used (the user’s password in this case)

  • Salt: a unique pseudorandom value

  • c is the number of iterations

  • dkLen is the desired length of the derived key

  • DK is the generated derived key (the output)

Page 37

IMPLEMENTING ONE WAY HASHING ALGORITHM: PBKDF2

• The steps required to hash a new password:

  • Generate the unique random salt

  • Obtain the current iteration count

  • Hash the user’s password

  • Concatenate and save all 3 pieces of data (salt, iteration count, hashed password)

• Verify a proposed password entry:

  • Obtain the concatenated value and disassemble it back

  • Hash the proposed password entry with the retrieved salt and iteration count

  • Compare the results

• Sample implementations:

  • https://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes(v=vs.110).aspx

  • http://lockmedown.com/hash-right-implementing-pbkdf2-net/
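The hash-and-verify procedure above, together with the one-salt-per-password point from slide 33, as an added Python example (not code from the slides or from the linked .NET samples). It uses the standard library's hashlib.pbkdf2_hmac with HMAC-SHA256 as the PRF; the record format, salt length, derived-key length and iteration count are this example's own choices, not the presenter's.

```python
import hashlib
import hmac
import os
from typing import Optional

# Parameters chosen for this example (assumptions, not values from the slides):
# HMAC-SHA256 as the PRF, a 16-byte random salt, a 32-byte derived key (dkLen)
# and 600,000 iterations (c).
PRF = "sha256"
SALT_LEN = 16
DK_LEN = 32
ITERATIONS = 600_000

def hash_password(password: str, iterations: int = ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Hash a new password: random salt, current iteration count, derive,
    then concatenate all three pieces into one storable record."""
    if salt is None:
        salt = os.urandom(SALT_LEN)  # cryptographically random, unique per password
    dk = hashlib.pbkdf2_hmac(PRF, password.encode("utf-8"), salt, iterations, DK_LEN)
    # Record format (this example's own): prf$iterations$salt_hex$dk_hex
    return f"{PRF}${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Disassemble the stored record, re-derive the key with the same salt and
    iteration count, and compare in constant time."""
    try:
        prf, iters, salt_hex, dk_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(dk_hex)
        candidate = hashlib.pbkdf2_hmac(prf, password.encode("utf-8"), salt,
                                        int(iters), len(expected))
    except ValueError:
        return False  # malformed record (or unknown PRF): never accept
    # compare_digest does not stop at the first differing byte, so the
    # comparison time does not reveal how much of the hash matched.
    return hmac.compare_digest(candidate, expected)

def needs_rehash(stored: str, current_iterations: int = ITERATIONS) -> bool:
    """True when the record was produced with fewer iterations than the current
    policy; re-hash it on the user's next successful login."""
    return int(stored.split("$")[1]) < current_iterations

if __name__ == "__main__":
    # Same password, two records: the unique salt makes the stored hashes differ.
    first = hash_password("correct horse battery staple")
    second = hash_password("correct horse battery staple")
    print(first != second, verify_password("correct horse battery staple", first))
```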

Page 38

USERS USE WEAK PASSWORDS

https://xkcd.com/936/

Page 39

TOOLS


• Reshift Security: a developer-first security tool that finds insecure crypto in source code.

• https://www.ssllabs.com/analyze.html: SSL Server Test

• Git Secrets: a bash tool to store your private data inside a git repo.

• TruffleHog: searches through git repositories for high-entropy strings and secrets, including commit history.

• Yelp / detect-secrets: an enterprise-friendly way of detecting and preventing secrets in code.

• Nmap – ssl-enum-ciphers: discovers a list of all the cipher suites and compressors that a server accepts.

• Cipherli.st: lists strong ciphers for Apache, nginx and Lighttpd.

• OWASP /SeideKEK: a way to protect cryptographic master keys.

Page 41

10 WEEKS TO 0 VULNERABILITIES PROGRAM

1. April 10th: Injection

2. April 17th: Broken Authentication

3. April 24th: Sensitive Data Exposure

4. May 1st: External Entity Injection

5. May 8th: Broken Access Control

6. May 15th: Security Misconfiguration

7. May 22nd: Cross-site Scripting

8. May 29th: Insecure Deserialization

9. June 5th: Using Components with Known Vulnerabilities

10. June 12th: Insufficient Logging and Monitoring


Register

Sign up for next week’s session:

Page 42

THANK YOU ☺ [email protected]

@skoussa
