Hacking NodeJS Applications For Fun - FOSDEM 2021

Transcription

Hacking NodeJS applications for fun and profit. Testing NodeJS security, by @jmortegac

Agenda: Introduction; Node.js security; Npm security packages; NodeGoat project; Tools

Node.js: JavaScript in the backend. Built on Chrome's JavaScript runtime (V8). Node.js is based on an event loop, designed to be asynchronous and single-threaded. There is no built-in limit on the number of concurrent connections, which helps against simple connection flooding, but the single thread is also a weakness: a request that blocks the event loop (a CPU-bound regular expression, a synchronous file read, a huge JSON body) stalls every other client. Denial of service is therefore a real concern, and body size, request rate and CPU-heavy work need explicit limits.


Npm security packages: validator, bcrypt-node, express-enforces-ssl

Security HTTP headers

Helmet module: https://www.npmjs.com/package/helmet and https://github.com/helmetjs/helmet

Helmet module middlewares:
- hidePoweredBy: removes the X-Powered-By header
- hpkp: HTTP Public Key Pinning, protection against MITM (deprecated: browsers dropped HPKP support and Helmet 4 removed this middleware)
- hsts: forces HTTPS connections (Strict-Transport-Security)
- noCache: disables client-side caching (also removed in Helmet 4)
- frameguard: protection against clickjacking (X-Frame-Options)
- xssFilter: X-XSS-Protection header (Helmet 4 sets it to 0, because the browser filter itself caused vulnerabilities; rely on CSP instead)

Helmet CSP

Check security headers: http://cyh.herokuapp.com/cyh and https://securityheaders.io/

Express versions (framework fingerprinting): https://www.shodan.io/search?query=express

Disable X-Powered-By: avoid framework fingerprinting. Use Helmet's hidePoweredBy middleware (or app.disable('x-powered-by') in Express).

Session management: set the cookie attributes secure, httpOnly, domain, path and expires (https://www.npmjs.com/package/cookie-session). Always use httpOnly: true and secure: true in production, and set sameSite to limit when the browser sends the cookie cross-site.

XSS attacks. An attacker can exploit an XSS vulnerability to: steal session cookies (session hijacking); redirect users to malicious sites; deface and manipulate content; mount Cross-Site Request Forgery.

CSRF attacks

csurf module: https://www.npmjs.com/package/csurf (csurf has since been deprecated by its maintainers; the synchronizer-token pattern it implements remains the right approach.)

Expose the per-session token to templates and embed it in every state-changing form:

    app.use(function (request, response, next) {
      response.locals.csrftoken = request.csrfToken();
      next();
    });

    <form action="/process" method="POST">
      <input type="hidden" name="_csrf" value="{{csrftoken}}">
      <button type="submit">Submit</button>
    </form>


Fixing XSS attacks: filter and sanitize user input. sanitizer module: https://www.npmjs.com/package/sanitizer. express-validator module: https://www.npmjs.com/package/express-validator

ExpressValidator


Node Goat http://nodegoat.herokuapp.com/tutorial

Node Goat https://github.com/OWASP/NodeGoat


Insecure Direct Object References: take the identity from the authenticated session instead of a request parameter the client controls:

    var userId = req.session.userId;

Tools: KrakenJS, Lusca middleware, NodeJsScan

http://krakenjs.com/

https://github.com/krakenjs/lusca

NodeJsScan https://github.com/ajinabraham/NodeJsScan

Detection rules: rules.xml in the NodeJsScan repository above


GitHub repositories https://github.com/jmortega/testing nodejs e https://github.com/Feeld/strong-node

Node securitylearning d-exploitation/

Books

References ps://www.owasp.org/index.php/Projects/OWASP Node js Goat Project
