Topic: Bypassing Web Application Firewalls (WAF)
Date: 3.3.2010 at 19:00 (7:00pm)
Where: Progressbar, Cukrova, Bratislava
Presenter: Pavol Lupták
The goal of the presentation is to describe typical obfuscation attacks that allow an attacker to bypass standard security measures such as the various input filters and output encoding mechanisms used in web-based intrusion detection systems (IDS), intrusion prevention systems (IPS) and web application firewalls (WAFs). These attacks include different networking tricks, polymorphic shellcode and various code techniques.
At the beginning we analyze and compare the different HTML parsing and interpretation approaches used by the most common browsers, which can lead to unique attack vectors.
Although most current applications are immune to SQL injection attacks, it is still possible to find many vulnerable applications. We focus on different fuzzing techniques (and useful open source SQL injection tools that implement them) which can still be used to bypass weak input validation controls.
We conclude our presentation with a demonstration of the most basic obfuscation techniques that can be successfully used to bypass traditional web application firewalls (WAFs).