I am a postgraduate student. I have to do a master's thesis on SOA vulnerabilities (SOA security), in the sense of finding vulnerabilities in web services or finding solutions to the existing vulnerabilities. In that direction I have been searching for vulnerabilities in SOA. Once a vulnerability is found I have to simulate it and show it to my guide. Some attacks I found in OWASP in the corresponding areas are DoS attacks and injection attacks (SQL injection, XPath injection). I am not able to take a proper decision at the moment as to what to do next.
Can anyone please tell me how I could proceed to successfully reach the destination?
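The injection attacks the question names, as an added example that is not part of the original thread: a minimal SOAP-style login handler over SQLite, written twice. `login_vulnerable()` splices the credentials taken from the envelope into the SQL text, so the classic `' OR '1'='1` password bypasses the check; `login_safe()` binds the same values as parameters and the payload is just a wrong password. The service namespace (`urn:example:login`), the user table, the account and the request envelope are all constructed here for illustration and are not from any real service.

```python
"""
Added example (not from the original thread): SQL injection through a
SOAP-style web service, vulnerable and hardened side by side.
"""
import sqlite3
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
SVC_NS = "urn:example:login"   # hypothetical service namespace


def make_db():
    """In-memory user table with one constructed account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    conn.commit()
    return conn


def envelope(user, pw):
    """Build a constructed <Login> request the way a SOAP client would."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    req = ET.SubElement(body, f"{{{SVC_NS}}}Login")
    ET.SubElement(req, f"{{{SVC_NS}}}user").text = user
    ET.SubElement(req, f"{{{SVC_NS}}}pass").text = pw
    return ET.tostring(env, encoding="unicode")


def parse_envelope(xml_text):
    """Extract <user> and <pass> from the SOAP Body (raises on bad XML)."""
    root = ET.fromstring(xml_text)
    req = root.find(f"{{{SOAP_NS}}}Body").find(f"{{{SVC_NS}}}Login")
    return (req.findtext(f"{{{SVC_NS}}}user"),
            req.findtext(f"{{{SVC_NS}}}pass"))


def login_vulnerable(conn, xml_text):
    """Deliberately vulnerable: untrusted strings become part of the SQL."""
    user, pw = parse_envelope(xml_text)
    sql = ("SELECT COUNT(*) FROM users "
           f"WHERE name = '{user}' AND password = '{pw}'")
    # With pw = "' OR '1'='1" the WHERE clause becomes
    #   name = 'alice' AND password = '' OR '1'='1'
    # and the OR makes every row match.
    return conn.execute(sql).fetchone()[0] > 0


def login_safe(conn, xml_text):
    """Hardened: placeholders keep data out of the query text entirely."""
    user, pw = parse_envelope(xml_text)
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (user, pw)).fetchone()[0] > 0


def demo():
    """Run both handlers against a legitimate login and the bypass payload."""
    conn = make_db()
    good = envelope("alice", "s3cret")
    attack = envelope("alice", "' OR '1'='1")
    return {
        "vulnerable/good": login_vulnerable(conn, good),
        "vulnerable/attack": login_vulnerable(conn, attack),
        "safe/good": login_safe(conn, good),
        "safe/attack": login_safe(conn, attack),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {'login accepted' if v else 'login rejected'}")
```

The same mistake with an XPath expression built by string concatenation over an XML user store is XPath injection; the payload shape is identical, and the fix is likewise to keep user input out of the expression (variable binding where the XPath engine supports it, otherwise strict validation of the value before use).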
To help you out a bit with your research I'm pointing you to this website:
http://www.packetstormsecurity.com
This website has a lot of information about exploits / hacks / fixes and a lot of info about cross-site scripting / DoS attacks / SQL injection etc. If you really need more info or nice articles about various attacks and fixes you should seriously consider checking out that page.
Generally, you should discuss this in depth with your tutor rather than ask the internet in general.
The field of computer security is massive and there is always something to explore. This is one of the reasons why I love hacking.
Currently I am working on a masterpiece exploit that will be the basis for my Blackhat/Defcon talk in August. I think that writing exploit code is vital for understanding the exploitation process. Even if you are the most Arian of white hats, you must write exploits or you will always be behind the attacks in terms of skill. I love going to hacker cons to get new ideas for my security research. It is also helpful to see new attacks.
Some things that you have not mentioned are memory manipulation attacks such as buffer overflows. Modern buffer overflows are more difficult to exploit than Aleph One's "Smashing the Stack for Fun and Profit". You should look into modern bypasses for ASLR such as heap spraying or heap feng shui. Attacks like jmp2reg (jmp2esp, jmp2ebx, etc.) are also interesting as bypasses for ASLR.
Attacking ActiveX components is fun. I used H.D. Moore's AxMan with great success. Here is the remote code execution exploit I found using AxMan: http://www.milw0rm.com/exploits/7910 . Here are more exploits that I have written: http://www.milw0rm.com/author/677 . The best fuzzer is by far PeachFuzz, and writing some pit files for it can be very fruitful research.
Buffer overflows and SQL injection are the most talked about, but there are a couple hundred categories of vulnerabilities, and they are identified by CWE numbers. It's worth exploring; I think it will surprise you what NIST thinks a vulnerability is.