[Owasp-london] Next meeting: December 4th, KPMG, Canary Wharf

Ivan Ristic ivanr at webkreator.com
Fri Sep 12 18:22:07 EDT 2008


It seems that we behaved well at the previous meeting, so KPMG are
happy to see us again. We've scheduled our next meeting for December
4th (Thursday), at the same location:

     KPMG, 39th Floor, One Canada Sq, E14 5AG

We are going to start the meeting slightly earlier this time, at 6.30pm.

We already have two excellent talks lined up. Both were presented at
Black Hat US earlier this year. They are going to take 20-30 minutes
each. We are going to have another short talk (possibly a report from
the OWASP Summit, which will be held in November), but I am generally
going to leave some more time in between the talks so that we can chat more.


Confirmed talks
---------------

Justin Clarke: SQL Injection Worms for Fun and Profit

Earlier this year the first (publicly known) SQL Injection worm
appeared. This worm used SQL Injection to insert malicious scripting
tags into the pages of over 90,000 sites that were vulnerable to SQL
injection.

Yet the exploit vector was fairly innocuous, easy to clean up, and easy
to block. In other words, very much version 0.1 of what a SQL Injection
worm can achieve.

This talk is going to discuss how far the rabbit hole goes with SQL
injection based worms, including full compromise of the server OS, and
why we should be worried about what is coming next out of
Russia/China/wherever. It includes a live demo of a "weaponized"
proof-of-concept SQL injection worm.


Justin Clarke: Protecting Vulnerable Applications with IIS7

With the advent of IIS7 and its modular design, Microsoft has provided
the ability to easily integrate custom ASP.NET HttpModules into the IIS7
request-handling pipeline. This session will present an IIS7 module
designed to leverage this architecture to actively and dynamically
protect web applications from attack. With minimal configuration, the
module can be used to protect virtually any application running on the
web server, including non-ASP.NET applications (such as those written in
PHP, Cold Fusion, or classic ASP).

This presentation will outline the overall design and architecture of
the module, including a detailed explanation of available features and
attack defense techniques. The session will focus on live demonstrations
of how the module can easily be installed to protect already-deployed
applications and how it can block both traditional web application
attacks, such as SQL injection and Cross-Site Scripting, and
application-specific vulnerabilities like parameter manipulation and
authorization attacks.
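As an added illustration of the pipeline mechanism this abstract describes (not Justin's module, and not code from the original announcement), here is a minimal ASP.NET IHttpModule that hooks BeginRequest in the IIS7 integrated pipeline and rejects requests whose query-string values match a small denylist. The module and class names, the namespace and the patterns are all assumptions; the denylist is deliberately crude and only shows where a real ruleset would plug in.

```csharp
using System;
using System.Text.RegularExpressions;
using System.Web;

// Illustrative request filter for the IIS7 integrated pipeline.
// Assumed names: the Guard namespace, RequestGuardModule, and the patterns.
//
// web.config registration (assumed assembly name "Guard"):
// <system.webServer>
//   <modules runAllManagedModulesForAllRequests="true">
//     <add name="RequestGuard" type="Guard.RequestGuardModule, Guard" />
//   </modules>
// </system.webServer>
// runAllManagedModulesForAllRequests="true" is what makes the module run
// for non-ASP.NET handlers too (PHP, classic ASP), as the abstract describes.
namespace Guard
{
    public class RequestGuardModule : IHttpModule
    {
        // Constructed denylist of textbook SQL injection and script-tag fragments.
        // A demo, not a substitute for a maintained WAF ruleset.
        private static readonly Regex Suspicious = new Regex(
            @"('\s*(or|and)\s+[\w']+\s*=|\bunion\s+select\b|<script\b)",
            RegexOptions.IgnoreCase | RegexOptions.Compiled);

        public void Init(HttpApplication app)
        {
            // BeginRequest is the earliest pipeline event; blocking here means
            // the request never reaches the application handler.
            app.BeginRequest += OnBeginRequest;
        }

        public void Dispose() { }

        private static void OnBeginRequest(object sender, EventArgs e)
        {
            var app = (HttpApplication)sender;
            var ctx = app.Context;
            // Parse the raw query ourselves so the check does not depend on
            // ASP.NET request validation, which is page-level and .NET-version specific.
            var query = HttpUtility.ParseQueryString(ctx.Request.Url.Query);
            foreach (string key in query)
            {
                if (key == null || !Suspicious.IsMatch(query[key])) continue;
                ctx.Response.StatusCode = 403;
                ctx.Response.Write("Request blocked.");
                // CompleteRequest skips the remaining pipeline without the
                // ThreadAbortException that Response.End() raises.
                app.CompleteRequest();
                return;
            }
        }
    }
}
```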


About Justin:

Justin is a Principal Consultant with Gotham Digital Science. He is the
co-author of "Network Security Tools" (O'Reilly, 2005), a contributing
author to "Network Security Assessment" (O'Reilly, 2007), and has spoken
at Blackhat, EuSecWest, RSA, and OSCON in the past. He has over 10 years
of security testing and consulting experience in network, application,
source code and wireless testing work for some of the largest commercial
and government organizations in the United States, United Kingdom, and
New Zealand. Justin is active in developing security tools for
penetrating and defending applications, servers, and wireless networks
(e.g. SQLBrute), and as a compulsive tinkerer he can't leave anything
alone without at least trying to see how it works.

-- 
Ivan Ristic
