This document discusses vulnerabilities in web applications and strategies for preventing attacks. It begins with an overview and survey of common vulnerabilities like injection flaws and cross-site scripting. It then examines vulnerabilities across application sub-tiers from the client level to the network level. The document provides examples of attacks at each tier and through the transport layer, compromised certificates, and DNS. It also profiles popular hacking tools and outlines primary protection steps like understanding the environment and prioritizing defenses based on risk. Finally, it discusses earning money through ethical hacking via bug bounty programs.

1. Web Application Hacking
The Art of Exploiting Vulnerable Web Application
Eryk Budi Pratama
Seminar Prodi Informatika | 24 Agustus 2019

2. WHO AM I?
• Cyber Security & Community Enthusiast
• Cyber Security Professional, Global Consulting Firm
• Cyber Security Strategy & Governance, Technical
Assessment, Cloud Security, Emerging Technology,
DevSecOps
• IT Advisory, Audit, Governance, Risk, & Compliance
• Knowledge Hunter
• @proferyk

3. Overview

4. Survey
Source: https://www.f5.com/content/dam/f5-labs-v2/article/pdfs/F5Labs_2018_Application_Protection_Report.pdf
Application breaches by initial attack type
Breaches by root cause

5. Common Web Application Vulnerabilities (1/2)
Source: https://www.edgescan.com/wp-content/uploads/2019/02/edgescan-Vulnerability-Stats-Report-2019.pdf

6. Common Web Application Vulnerabilities (2/2)
Source: https://www.edgescan.com/wp-content/uploads/2019/02/edgescan-Vulnerability-Stats-Report-2019.pdf

7. Case Studies - Indonesia

8. Cyber Attack Map

9. Vulnerability Stack
User – Login Form
Internet
Firewall
Web Server
Web Application
DBMS
OS System Call DB Output

10. Application Sub-Tiers and Components
 App source
code
Internal code
External code
 Server-side
infrastructure
Web server
CDN
Data storage
 Server-side
frameworks
 Authentication
 Authorization
 Identity
 Federation
 Encryption
 Certificate
authorities
 DNS servers
 Registrars
 Global ISPs
 Last mile
 Internet routing
Data flow within the application
Services Access Control Transport Domain Name Network

11. Application Threats at Each Tier
 API attacks
 Injection
 Malware
 DDoS
 Cross-site scripting
 Cross-site request
forgery
 Man-in-the-middle
 Abuse of
functionality
 Credential theft
 Credential stuffing
 Session hijacking
 Brute force
 Phishing
 DDoS
 Key disclosure
 Protocol abuse
 Session hijacking
 Certificate spoofing
 Man-in-the-middle
 DNS cache
poisoning
 DNS spoofing
 DNS hijacking
 Dictionary attacks
 DDoS
 DDoS
 Eavesdropping
 Protocol abuse
 Man-in-the-middle
Services Access Control Transport Domain Name Network
Client
Cross-site request forgery
Cross-site scripting
Man-in-the-middle
Session hijacking
Malware
Social Engineering

12. Sample Attack via Transport Layer
Source: https://www.f5.com/content/dam/f5-labs-v2/article/pdfs/F5Labs_2018_Application_Protection_Report.pdf

13. Sample Attack via Compromised Digital Certificate
Source: https://www.f5.com/content/dam/f5-labs-v2/article/pdfs/F5Labs_2018_Application_Protection_Report.pdf

14. Sample Attack via DNS
Source: https://www.f5.com/content/dam/f5-labs-v2/article/pdfs/F5Labs_2018_Application_Protection_Report.pdf

15. Web Hacking Tools
Source: https://www.statista.com/statistics/800916/worldwide-useful-software-hacking/

16. How to Prevent Web Application
Attack

17. Primary Application Protection Steps
Understand your environment
Reduce your attack surface
Prioritize defenses based on RISK
Select flexible and integrated
defense tools
Integrate security into development
1
2
3
4
5

18. Earn Money from
Ethical Hacking

19. Bug Bounty Program – Crowd sourced

20. Bug Bounty Program – Individual

21. Bug Bounty Flow - Sample
Source: https://bugbounty.linecorp.com/en/faq/
Find Bug(s) Report Bug Bug Validation Bug Rating Bug Fixing Rewards

22. Bug Bounty Rewards - Sample

23. Live Demo

24. Thank You
proferyk@gmail.com