DED9

What Security Points Should Programmers Pay Attention To When Designing Software?

Applications, Systems, And Networks, Are Exposed To A Variety Of Cyber-Attacks, Such As Password Hacking, Dictionary Attacks, And Pervasive Search. 

In the past, companies did not expect programmers to have a thorough knowledge of security issues, as this was the responsibility of security experts. Still, today one of the most critical tasks of programmers is to clean code free from common mistakes. In general, applications face two major security issues.

The first problem is the hidden vulnerabilities in the frameworks, libraries, or tools that programmers use to develop software. The second problem is poor coding, which makes software vulnerable to cyber-attacks.

These are just some of the goal-setting shareware that you can use. Today, most attacks that target enterprise infrastructure and networks are implemented through hidden vulnerabilities in applications running on client or server systems.

Therefore, as a programmer, it is essential to have complete information about attack vectors so that you do not inadvertently create access for hackers when coding programs.

Applications and their challenges

Daily applications are exposed to many types of cyber attacks. Hackers, like regular users, install and run the software, check its performance, and then search for vulnerabilities in the software. Since professional hackers are experts in the field of programming, they have a thorough knowledge of programming concepts and how to exploit vulnerabilities.

Directory navigation

Web-based application developers and web admins are always concerned about attacking Directory Traversal. In this attack, hackers evaluate the file system of the web server so that they can inject malicious commands into HTTP messages. In this technique, the hacker tries to test. In a web address, enter the server’s web directory structure several times.

After entering the directory, it goes back several times to reach the operating system directory and execute the active system level commands. To counter directory crawling attacks, you need to ensure that the systems are up to date with security patches and look for a blocklist of familiar characters in URLs like

Injection attacks

The biggest problem that applications face is injection attacks. Injection attacks occur for a variety of reasons. For example, may do it to extract information. Here, application software is used as an intermediary to attack a database. Hackers use this technique to insert various types of programming code instead of the data the software is waiting to receive. Injection attacks are divided into the following types.

SQL injection

Almost all database experts and web programmers are concerned about this attack. Programmers use structured Query Language (SQL) to implement dialogs on databases. Web and enterprise applications use structured query language to retrieve data from databases. For example, you might have an office-based software storing information in a database.

The program uses a query language to retrieve this data from databases and displays the information. In synthesized query injection attacks, the hacker uses the commands of this language to manipulate the data in the database. In this method, the hacker enters the standard code of the query language into the program and ensures that the program sends the above commands to the database.

The hacker enters SQL statements in a place that programmers or database administrators do not expect, such as username and password fields on the login page.

Figure 1 shows an example of an SQL code injection attack. In this figure, you will see a login page waiting to receive a username and password. When the user enters the information in these fields, this information is placed in SQL statements so the user can authenticate and log in. The command used for this purpose is the select command, which is used to find information in a database. When the user clicks the LOGON button, the choose command tries to find the username and password typed in the program.

Figure 1

In the above example, the hacker has to ensure he gets the desired result after running a dialog because he does not know the valid username and password, so It tries to enter the SQL code as the password so that he may be able to log in. For example, one common technique used in this field is to insert database commands into the password box to execute an SQL code injection attack successfully:

pass’ or 1=1 —

The word pass is something that the hacker types as his password, which will not work because the hacker does not have an account in the application. The 1 = 1 statement is used as a condition in the select statement but is not tested as an actual password. The critical point is the” ‘” character used to close the particular command.

The “-” characters at the end of this command indicate a comment and are not usually a problem. However, there is a subtle point. In the main code, the programmer uses the” ‘” character in the actual select command, where this character specifies the end of that command. Now the two “-” feelings, which in the real world are only used by programmers to post comments, ignore the continuation of the original select command at the top line. Hence, in poor coding, this technique allows the hacker to log in.

Another major challenge that database programmers face is hackers’ changing the price of goods in an online store. The following command allows you to sign in, but it also executes an updated phrase that changes the price of all title table books to 50 cents:

pass’ or 1=1; update titles set price=.5 —

Another risk associated with applications is calling operating system commands or database servers to create user accounts. For example, the following command is an internal stored procedure in

Summons SQL Server allows the database developer to call an operating system command to gather information. In the example above, the hacker creates his account called SQL in Windows so that he can use it to log in to the target website. Fortunately, this technique cannot be used from SQL Server 2005 onwards because the procedure is stored

xp_cmdshell is disabled by default and should not be enabled for this reason.

pass’ ;exec master ..xp_cmdshell “net user from SQL password /add» –

The following command uses the same technique as before to add an account to the group of local system administrators. So that the hacker gets a back door with full management capabilities. This technique can also be used when xp_cmdshell is enabled, while on newer versions of SQL Server, it is disabled by default.

pass’ ;exec master ..xp_cmdshell “net localgroup administrators from SQL /add” –

How can we prevent the successful implementation of SQL injection attacks?

As mentioned, software security is one of the main tasks of programmers because security experts have limited maneuverability to deal with this attack model.

Dynamic-Link Library Injection

Inject lightweight directory access protocol

(Lightweight Directory Access Protocol Injection)

Injectable markup language injection

(Extensible Markup Language Injection)

Buffer Overflow Attacks

Since most applications are written in the C and C ++ programming languages, hackers are still trying their luck at performing buffer overflow attacks. Buffer overflow is when a hacker sends a lot of information to the program and causes the data to overflow from the buffer. A buffer is an area of main memory used to store information sent to an application. Imagine a pillow like a glass of water with a specific capacity when it pours more than the capacity of the water into the glass. The buffer overflow attack does precisely the same thing. Figure 2 shows a simple example of a successful implementation of this attack.

Figure 2

If the hacker can store information in memory outside the buffer zone, he can execute any code with administrative permission. The software exposed to this pattern of attacks is applications or services running in the operating system’s background.

Why are there vulnerabilities in applications?

You may ask why these attacks are successful. There are several reasons. Typically, hackers spend a lot of time working with technologies to discover their weaknesses and how to use them to carry out malicious activities.

In addition, programmers and software development teams intentionally place backdoors on their products so that they can make the necessary changes to applications in the future. Sometimes, hackers succeed in identifying and exploiting these backdoors. Developers are therefore forced to release patches to close these back doors.

The most important reasons for the success of attacks on applications are the following:

In this case, an error is displayed to the user if the data is invalid instead of processing the information. If the programmer does not approve the input, hackers can inject malicious data into the program to control the software in a way that is not desirable.

last word

Security is one of the most overlooked aspects of application development that we use daily. Understanding how hackers infiltrate and damage a company’s infrastructure through applications running on systems is critical. A key point in discussing application software development is understanding that you can do your job as a programmer and perform security tests on the software you have designed after completing a software project with particular care and obsession.

In addition, a set of guidelines, checklists, and templates help you avoid common mistakes when coding. However, note that each programming language has its security patterns, which is not the case for all programming languages.

For example, Cisharp simplifies the coding process for programmers by introducing a concept called Garbage Collection. In contrast, languages ​​like C do not have such a feature, and programmers must free up memory when allocating memory to dynamic objects.

Die mobile Version verlassen