An Architectural Approach To Forestalling Code Injection

By Students3k.
com
CHAPTER 1
INTRODUCTION
Network security consists of the policies to prevent and monitor unauthorized access,
misuse, modification, or denial of a computer network and network-accessible resources.
Network security involves the authorization of access to data in a network, which is controlled
by the administrator. Users choose or are assigned an ID and password or other authenticating
information that allows them access to information and programs within their authority. Network
security covers a variety of computer networks that are used in everyday jobs conducting
transactions and communications among businesses. It secures the network, as well as protecting
and overseeing operations being done. The most common and simple way of protecting a
network resource is by assigning it a unique name and a corresponding password.
1.1 OBJECTIVE
The Objective of this system is to forestall code injection attacks which are used by most
of the intruders and hackers to break into a website. To forestall the attack split memory
technique is used, it follows the separation of code and data into different memory spaces. Code
injection attacks may result in the injection of attack code into the data space. However, the
injected code in the data space cannot be fetched for execution as instructions are only retrieved
from the code space. Apart from this, address space layout randomization is also followed to
prevent code injection attacks. Address space layout randomization deals with storing the
contents in the memory randomly instead of storing the entire content in a single memory
location. It prevents the attacker obtaining the entire information as the data are stored as patches
in different parts of memory.
By Students3k.com
CHAPTER 2
SYSTEM ANALYSIS
2.1 EXISTING SYSTEM

The existing protection scheme offers no protection against attacks which do not rely on
executing code injected by the attacker. The existing system follows von Neumann architecture
where the memory cannot split into several segments. This type of technique allows the intruder
to inject the code in the single segment and executes it. The intruder takes control of the entire
code running in the system and it grants access to modify the data and perform activities without
the knowledge of the authorized users. Also address space layout randomization is not possible,
the entire data are stored in the single address space, and it allows the third party member to
obtain all the valuable information, which is being stored in the database. Also when an attacker
modifies a programs data in order to alter program flow, are also not protected by existing
system. Even if the system is attacked by an intruder or a third party user, the intruder cannot be
tracked.
2.1.1 Drawbacks of Existing System
The drawbacks that are present in the existing system are listed below
Injected code is executed.
Memory split is not possible.
Intruder remains invincible.
URL attacks are not protected.
2.2 PROPOSED SYSTEM

To forestall the code injection attack, the memory architecture is changed by virtually
splitting it into two segments i.e. code segment and data segment. The change in architecture
does not allow the intruder to take charge of the injected code, as the injected code remains nonexecutable. The split memory technique follows Harvard Architecture. Also, Address space
layout randomization is followed, where the data are stored in various locations and not as whole
2
By Students3k.com
in a single memory location. The intruder or an attacker can be tracked by knowing their
location, IP address,date and time of the attack etc, that are not available in the existing system.
2.2.1 Advantages of Proposed System
Some of the advantages of the proposed system are as follows
Code injection Attack is countered at its root.
Memory split is possible.
Intruders information is gathered.
Gives protection against URL based attacks.
2.3 FEASIBILITY STUDY

Feasibility study deals with how much the acceptance of the project to the present
working environment. In this phase the feasibility of the system is analyzed. It deals with the
business requirements, cost estimation and validating whether the project is feasible or not.
During system analysis the feasibility study of the proposed system is to be carried out. This is to
ensure that the proposed system is better and more feasible than the existing system.
Three key considerations involved in the feasibility analysis are as follows
Economical Feasibility.
Technical Feasibility.
Social Feasibility.
2.3.1 Economical Feasibility

Economical feasibility study deals with the feasibility of the system with respect to the
cost and economical values. This study is carried out to check the economic impact that the
system will have on the working environment. The economical value to the system is low, as
most of the technologies being used are freely available. The time taken to build the system
makes use of the economical sources efiiciently. Hence, forestalling code injection attack is
economically feasible.
By Students3k.com
2.3.2 Technical Feasibility

Technical feasibility deals with the study that how much a project is technically feasible
to the working environment. This can be said as the technical requirements for the system.
Forestalling code injection attack is technically feasible as the available resource already exist is
enough for its working. This system need only minimal changes to the technical side for
implementing purpose by adding a patch to the current working environment hence it is
technically feasible.
2.3.3 Social Feasibility
Social feasibility deals with the study of feasibility of a system to the working society.
This includes the process of training the user to use the system efficiently. By using this system
the user will not feel threatened by the system, instead the user will accept it as a necessity, as
network security became a vital factor in the field of online transactions. User must feel
comfortable with the system and the user can adopt their way of using. The technologies that is
being used is familiar with most of the users hence this system is socially feasible.
By Students3k.com
CHAPTER 3
SYSTEM SPECIFICATION
3.1 HARDWARE REQUIREMENT
Processor
Intel Pentium P4 1.7 GHZ.
RAM
512 MB.
Hard Disk Drive
80 GB.
Keyboard
101 Keys.
Mouse
PS 2 or USB.
Monitor
SVGA/color.
3.2 SOFTWARE REQUIREMENT
Operating System
Windows XP.
IDE
Visual Studio .NET frame work 2008.
Web Technologies
Asp.net 3.5.
Language
C#.
Database
Sql Server 2005.
By Students3k.com
CHAPTER 4
SOFTWARE DESCRIPTION
4.1 ASP.NET
ASP.NET is a unified Web development model that includes the services necessary for
you to build enterprise-class Web applications with a minimum of coding. You can code your
applications in any language compatible with the common language runtime (CLR), including
Microsoft Visual Basic and C#. These languages enable you to develop ASP.NET applications
that benefit from the common language runtime, type safety, inheritance, and so on.
4.1.1 Features of ASP.NET

Object-oriented
Event-based
Separation of layout (HTML) and logic (e.g. C#)
Compiled languages instead of interpreted languages
GUI can be composed interactively with Visual Studio .NET
Better state management
Namespaces
ASP.NET uses a concept called namespaces. Namespaces are hierarchical object models
that support various properties and methods. For example, HTML server controls reside in
"System.web.UI.HtmlControls"
namespace,
web
server
controls
reside
in
System.web.UI.WebControls" namespace and ADO resides in "System. Data" namespace.

Language Independent
An ASP.NET page can be created in any language supported by .NET framework.
Currently .NET framework supports VB, C#, JScript and Managed C++.
By Students3k.com
4.2 C#
C# (pronounced see sharp) is a multi-paradigm programming language encompassing
strong typing, imperative, declarative, functional, generic, object-oriented (class-based), and
component-oriented programming disciplines. It was developed by Microsoft within its .NET
initiative. C# is one of the programming languages designed for the Common Language
Infrastructure.
4.2.1 Features of C#
C# is intended to be a simple, modern, general-purpose, object-oriented programming
language. The main features are as follows
It has no global variables or functions.
C#, like C++, but unlike Java, supports operator overloading.
Managed memory cannot be explicitly freed; instead, it is automatically garbage

collected.
In addition to the try...catch construct to handle exceptions, C# has a try...finally

construct to guarantee execution of the code in the finally block.
By Students3k.com
CHAPTER 5
PROJECT DESCRIPTION
5.1 PROBLEM DEFINITION

Most of the web applications are addicted towards code injection attacks. Data is
injected by an intruder or an attacker and that third person takes control of the entire system thus
leading to loss of secured data and also malfunctioning of the entire system. If the system is
attacked, the attacker is not known by the administrator and the person remains invincible. This
leads to many disorders in the web applications.
5.2 OVERVIEW OF THE PROJECT
Code injection attacks can be prevented by virtual splitting of memory i.e. code segment
and the data segment. It is based on Harvard Architecture. The memory space is allocated in such
a way that the code and data segment of the system are stored separately. The injected code
remains in the data segment and it will not be executed as it makes unavailable for the processor
during the instruction fetch from the memory.
Also, the tracking facility enables the
administrator to detect the intruder with their IP address, system name, path, location etc. It
allows the administrator to take necessary action on the intruder.
5.3 MODULE DESCRIPTION
5.3.1 Authentication Phase
This is the first module of all applications which contains the user registration and login
and administrators login. In the previous stages, an unknown user also can block the valid user
account without knowing the password of the account holder. This is one type of intruder. In the
first phase if the user wrongly types the password simultaneously (more than 3 times) then the
login will be transferred to a temporary (fake) account page. The intruder does not know that he
is in a fake page as it resembles original page.
By Students3k.com
5.3.2 Split Memory Phase

Split Memory module enables the memory to split into two segments i.e. data and code.
The injected code remains in the data segment and it will be unavailable for the processor to
execute them. It is based on Harvard Architecture. The control of the system remains in the code
segment, as the execution is done only from code segment of the system. The data and code
segments are created differently and they are linked with each other through the controls. Data
segment allows the user to enter the details like user name, password etc. Code segment is
responsible for the execution of the entire system.
5.3.3 Address space Intrusion Avoidance phase
Address space layout randomization could be combined with this phase to prevent the
URL based attacks. Even if the intruder attacks the system through URL the control will not be
granted to the intruder. If the intruder wants to move to next page after the authentication
through URL the user remains in the same address, but the page that is being displayed will be
different. Also the data are not stored in a single memory space but will be stored in different
parts of the memory in patches.
5.3.4 Preventing Code Injection phase
When the intruder tries to modify any data or create any malicious event, the intruder is
not permitted to perform the activities since intrusion is done with unauthorized user name and
password. If the changes are done with unauthorized access then the information of the intruder
are gathered and it is being sent to the administrator in the secure manner. From those details the
intruder can be identified very easily and any further action performed by the intruder can be
blocked thus preventing code injection. The details like IP address, hostname, date, time, path,
etc., are reported to the system administrator.
By Students3k.com
5.4 DATA FLOW DIAGRAM

LEVEL 0 DATA FLOW DIAGRAM
Preventing
Code
Injects
Intruder
Code
Forestalling
Code Injection
Attacks
Executable
Code
From
execution
Figure 5.4.1 Level 0 DFD: Overview of forestalling code injection
Description
Intruder injects code into the Forestalling Code Injection system by means of URL or
injecting code in to the execution, but it is not executed. As Code injection is prevented in this
system, executable code is not affected by the intruder.
10
By Students3k.com

Attack by the means
of URL
Intruder
Code Injection
Attack
Intruder cannot find

ASLR
Injects Code
Address Space
Authorized
Access
Tracking
Code
& Data
Authentication
Memory Split
Preventing
code Injection
User name and

password
Ip Address,
location, time
date.
Detection
Administrator
User
Intruders code is
not executed
Transaction
Database
Fake Database
Executable
Code
Access the
records
Figure 5.4.2 Level 1 DFD: Preventing Code Injection

11
By Students3k.com
Description
Code injection can be prevented with Address space layout randomization phase,
preventing code injection phase. In this intruders attack by means of URL is prevented by ASLR
phase. The intruders cant guess by means of the URL displayed in the Address bar. In the code
injection prevention, the system will run code only when it is inserted from the Administrators IP
address and host name. Thus intruders code is not executed and prevented from huge disaster to
the website.
12
By Students3k.com
Attack by the means of URL

Intruder
ASLR
Code Injection Attack

IP, date, time, Host
name
IP
Injected Code
Executable code
Preventing
code Injection
Dictionary
Attack
Code
Separate
Storage
Code
Authentication
Split Memory
Code Segment
Design
Normal Page
Data Segment
Fake Page
Full Access
Limited Access
Tracking
Reports
Host
name
IP
Transaction
IP
Design
Host
name
Details
Fake Database
Code
Database
Viewing
records
Administrator
Figure 5.4.3 Level 2 DFD: Tracking and Split Memory
13
By Students3k.com
Description
In the tracking phase when intruder perform dictionary attack he is directed to the fake
page. In fake page intruders details are tracked by means of his IP address, location, network
path, host name, etc.,.. Tracked information is send to the administrators view to perform further
actions. Also the memory is split into two segements as code and data segments.
5.5 DATABASE DESIGN
The database design is a must for any application developed especially more for the data
store projects. Since the chatting method involves storing the message in the table, proper
handling of the table is a must.
In this system, login table is designed to be unique in accepting the username and the
length of the username and password should be greater than zero.
5.5.1 Honey Pot Database
To create an account for the user by the administrator
Table 5.1 Account Creation

Temporary transaction ID is generated for transaction
Table 5.2 Temporary Transaction

14
By Students3k.com
Registration by user to receive their user name and password
Table 5..3 Registration
The details of the intruder are stored in the table
Table 5.4 Hidden Details

Details when editing is done by the user
Table 5.5 Upload
15
By Students3k.com
5.6 INPUT DESIGN

Input design is the process of converting the user oriented input to the computer oriented
format. Authentication module is used to log in to the system and perform the operations. Split
memory module is used to separate the code and the data segment. Preventing code injection
module helps the administrator to know the details of the intruder. The details are collected and it
is stored in the database.
Forestalling Code
Injection
Types of intrusions
Split
Memory
Authentication
Preventing code injection
Address space
Attacks by intruder
More of trying with

wrong password to
hack the account
Attacking code
memory to get the
information by
unauthorized
Inserting malicious
code to the website
without admins
permission
Inserting wrong
data or url to the
address space
Prevention by the system

Transferred to fake
page & by getting
intruder information
Split the code

memory and the data
memory
It will not affect any

information in server
or database
Address space will

not show the correct
content page
Figure 5.6 Architecture of forestalling code injection attack
16
By Students3k.com
5.7 OUTPUT DESIGN

Output design generally refers to the results and information that are generated by the
system for many end-users; output is the main reason for developing the system and the basis on
which they evaluate the usefulness of the application. In this system, with the authenticated user
name and password, the user can perform the operations with out any restrictions. If the users
want to update the data or transfer the amount, the action can be done successfully, where as if
the intruder logs in with out knowing the password or user name there by giving false details
more than three times, the intruder is redirected towards a fake page where the details of the
intruder can be tracked. Also when an attacker wants to update any data, the updation is done
only temporarily and it is not stored or updated in the database. To the third person the
transaction is restricted and on clicking the view details only fake details are displayed. Thus
any atack perfomed by the third person is blocked or restricted.
17
By Students3k.com
CHAPTER 6
SYSTEM TESTING
6.1 UNIT TESTING
Unit testing verification efforts on the smallest unit of software design, module. This is
known as Module Testing. After testing each every field in the modules, the modules of the
project is tested separately. Unit testing focuses verification efforts on the smallest unit of
software design and field. For example, Username and Password are entered in correct manner
and checked. While filling the details in the register form certain fields are left as empty and
checked. The submit button successfully stores the data in the database. This is done for each and
ecery module individually.
6.2 INTEGRATION TESTING
Integration testing is done to take unit - tested modules and build a program structure
that has been dictated by design. All the modules were integrated after the completion of unit
test.The modules are integrated by moving downward through the control hierarchy, beginning
with the main module. After the successful integration of the modules, the system was found to
be running with no errors. Here, on clicking the submit button the details are updated on to the
database, also an email with user name and password is sent to the user;s mail ID. Similarly
transaction ID is generated, stored in the data base and it is sent to the users mail ID. Thus all
the modules are integrated and are tested successfully.
6.3 VALIDATION TESTING
Validation testing provides the assurance that software meets all functional, behavioural
and performance requirements. Validation testing can be defined as the software functions in a
manner that is expected by the user. This testing verifies that all elements combine properly and
that overall system function and performance is achieved. After the integration of the modules,
the validation test was carried out over by the system. It was found that all the modules work
well together and meet the overall system function and performance.
18
By Students3k.com
CHAPTER 7
SYSTEM IMPLEMENTATION
A software application in general is implemented after navigating the complete life cycle
method of a project. Various life cycle processes such as requirement analysis, design phase,
verification, testing and finally followed by the implementation phase results in a successful
project management. The software application which is basically a web based application has
been successfully implemented after passing various life cycle processes mentioned above.
As the software is to be implemented in a high standard industrial sector, various factors
such as application environment, user management, security, reliability and finally performance
are taken as key factors throughout the design phase. These factors are analyzed step by step and
the positive as well as negative outcomes are noted down before the final implementation.
Security and authentication is maintained in both user level as well as the management
level. The data is stored in Microsoft sql server 2005, which is highly reliable and simpler to use,
the user level security is managed with the help of password options and sessions, which finally
ensures that all the transactions are made securely. The forms are designed in such a way that it
is attractive, convenient and informative. Forms are designed in C#.NET with various features,
which make the console output more pleasing. As the outputs are the most important sources of
information to the users, better design will improve the systems convenience and effectiveness.
The applications validations are made, taken into account of the entry levels available in
various modules. Possible restrictions like number formatting, date formatting and confirmations
for both save and update options ensures the correct data to be fed into the database. Thus all the
aspects are charted out and the complete project study is practically implemented successfully
for the end users.
19
By Students3k.com
CHAPTER 8
CONCLUSION AND FUTURE ENHANCEMENTS
8.1 CONCLUSION
The system is successfully implemented through virtual split of memory and there by
forestalling the code injection attacks. Instead of maintaining single memory space, the memory
is split into two as data and code. Even though an intruder injects a code, the code is injected
only in the data segment and not in the code segment. Thus the code in the data segment remains
unexecuted as the codes are executed only from the code segment. Also the tracking mode
enables the administrator to detect the intruder with their specifications. The system is
implemented in a security application (like banking security); results show the system is
effective in forestalling wide range of code injection attacks.
8.2 FUTURE ENHANCEMENTS

One common problem with interceding during an attack is that while the attacker has not
successfully executed his malicious code, the attacker may probably corrupt various parts of a
programs memory space. Due to the fact that the operating system doesnt understand the
working of the running program, it would be infeasible for it to attempt any sort of recovery that
would permit the application to continue running. It may be much more feasible, for the
application itself to register a call-back function or a special signal handler that the operating
system could transfer execution to in the event an attack is detected. This requires changes to the
existing applications and would need to investigate in future work.
20
By Students3k.com
APPENDIX
A-I SOURCE CODE
Home.aspx
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;
public partial class Home : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
if (!Page.IsPostBack)
{
}
}
static int count=0;
protected void log1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (log1.UserName == "Admin" && log1.Password == "Admin")
{
Response.Redirect("Adminhome.aspx");
21
By Students3k.com
}
else if (YourValidationFunction(log1.UserName, log1.Password))
{
Session["User"]=log1.UserName;
e.Authenticated = true;
Response.Redirect("userhome.aspx");
log1.TitleText = "Successfully Logged In";
}
else
{
e.Authenticated = false;
count++;
if (count >= 3)
{
count = 0;
Session["User"] = log1.UserName;
Server.Transfer("MainPage.aspx");
}
}
}
SqlConnection strConnection = new
SqlConnection("server=.\\SQLEXPRESS;database=honeypot;integrated security=true;");
private bool YourValidationFunction(string UserName, string Password)
{
bool boolReturnValue = false;
String SQLQuery = "SELECT UserName, Password FROM Register";
SqlCommand command = new SqlCommand(SQLQuery, strConnection);
SqlDataReader Dr;
strConnection.Open();
Dr = command.ExecuteReader();
while (Dr.Read())
22
By Students3k.com
{
if ((UserName == Dr["UserName"].ToString()) & (Password ==
{
boolReturnValue = true;
}
}
Dr.Close();
return boolReturnValue;
}
protected void lnkRegis_Click(object sender, EventArgs e)
{
Response.Redirect("AdUserAcc.aspx");
}
}
Accountinfo.aspx
using System;
using System.Data;
using System.Linq;
using System.Web;
public partial class AccountInfo : System.Web.UI.Page
23
Dr["Password"].ToString()))
By Students3k.com
{
{
if (Session["User"] == null)
{
Response.Redirect("Home.aspx");
}
}
SqlConnection con = new
SqlCommand cmd;
string em;
protected void lnkView_Click(object sender, EventArgs e)
{
cmd = new SqlCommand("select * from register where username=
'"+Session["User"].ToString()+"' ", con);
con.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
em = dr[5].ToString();
ListBox1.Items.Add("User Name " + dr[0].ToString());
ListBox1.Items.Add("A/c NO " + dr[2].ToString());
ListBox1.Items.Add("Res Address " + dr[3].ToString());
ListBox1.Items.Add("Res Phone " + dr[4].ToString());
ListBox1.Items.Add("Email id " + dr[5].ToString());
Int64 bal = Convert.ToInt64(dr[6].ToString());
string accno = dr[2].ToString();
dr.Close();
SqlCommand cmd1 = new SqlCommand("select sum(amount) from transaction1 where
fromacc= '" + accno.ToString() + "' group by fromacc", con);
24
By Students3k.com
Int64 transamtless =Convert.ToInt64(cmd1.ExecuteScalar());

SqlCommand cmd2 = new SqlCommand("select sum(amount) from transaction1 where toacc= '"
+ accno.ToString() + "' group by fromacc", con);
Int64 transamtadd = Convert.ToInt64(cmd2.ExecuteScalar());
ListBox1.Items.Add("Balance ----->" + (bal + transamtadd - transamtless).ToString());
}
con.Close();
cmd = new SqlCommand("select * from accdetails where email= '"+em.ToString()+"' ", con);
con.Open();
SqlDataReader dr1 = cmd.ExecuteReader();
if (dr1.Read())
{
ListBox1.Items.Add("-----------------------------");
ListBox1.Items.Add("Personal info");
ListBox1.Items.Add("Type Of Account--> SB");
ListBox1.Items.Add("First Name " + dr1[0].ToString());
ListBox1.Items.Add("Last Name " + dr1[1].ToString());
ListBox1.Items.Add("Current Adddress " + dr1[4].ToString());
ListBox1.Items.Add("Date Of Account Open "+dr1[7].ToString());
}
con.Close();
}
protected void lnkBack_Click(object sender, EventArgs e)
{
Response.Redirect("welcome.aspx");
}
}
Mainpage.aspx
using System;
25
By Students3k.com
using System.Data;
using System.Linq;
using System.Web;
public partial class MainPage : System.Web.UI.Page
{
{
}
protected void logout_Click(object sender, EventArgs e)
{
}
protected void lnk1_Click(object sender, EventArgs e)
{
Server.Transfer("Userinfo.aspx");
}
protected void lnk2_Click(object sender, EventArgs e)
{
Server.Transfer("DataReport.aspx");
}
}
26
By Students3k.com
Transfer.aspx
using System;
using System.Data;
using System.Linq;
using System.Web;
public partial class Transfer : System.Web.UI.Page
{
{
}
protected void btnBack_Click(object sender, EventArgs e)
{
Response.Write("<script>alert('Your Transaction Cancelled..')</script>");
con.Open();
cmd = new SqlCommand("truncate table temptrans", con);
cmd.ExecuteNonQuery();
con.Close();
Response.Redirect("UserHome.aspx");
}
SqlCommand cmd;
27
By Students3k.com
protected void btnTrans_Click(object sender, EventArgs e)

{
Random r = new Random();
int rnd=r.Next(2000000);
txtTransid.Text = rnd.ToString();
con.Open();
cmd = new SqlCommand("insert into temptrans values('" + txtAcc1.Text + "','" + txtAcc2.Text +
"','" + rnd.ToString() + "')", con);
con.Close();
System.Net.Mail.MailMessage mail = new System.Net.Mail.MailMessage();
System.Net.NetworkCredential cred = new
System.Net.NetworkCredential("ascentzpica@gmail.com", "preventing");
cmd = new SqlCommand("select email from register where accnumber='" + txtAcc1.Text + "'",
con);
con.Open();
if (dr.Read())
{
string em = dr[0].ToString();
mail.To.Add(em);
mail.Subject = "Transaction ID Mail From PCIA for Account Number'" + txtAcc1.Text + "'";
mail.From = new System.Net.Mail.MailAddress("ascentzpica@gmail.com");
mail.IsBodyHtml = true; // Aceptamos HTML
mail.Body = "The Account Number '" + txtAcc1.Text + "' and the To Account Number is '" +
txtAcc2.Text + "' and the Transaction ID is '" + rnd.ToString() + "'!!!";
System.Net.Mail.SmtpClient smtp = new System.Net.Mail.SmtpClient("smtp.gmail.com");
smtp.UseDefaultCredentials = false;
smtp.EnableSsl = true;
smtp.Credentials = cred; //asignamos la credencial
smtp.Send(mail);
28
By Students3k.com
}
con.Close();
Response.Write("<script>alert('Your Transaction ID Sent to your mail id..')</script>");
Response.Write("<script>alert('Enter Transaction ID Correctly and Transfer the
Money..')</script>");
}
protected void btnConfirm_Click(object sender, EventArgs e)
{
con.Open();
cmd = new SqlCommand("select * from temptrans where transid='" + txtTransid.Text + "'",
con);
if (dr.Read())
{
Response.Write("<script>alert('Amount Transferred Successfully..')</script>");
con.Close();
con.Open();
cmd = new SqlCommand("insert into transaction1 values('" + txtAcc1.Text + "','" + txtAcc2.Text
+ "'," + txtAmount.Text + ")", con);
con.Close();
con.Open();
cmd = new SqlCommand("truncate table temptrans", con);
con.Close();
}
else
{
Response.Write("<script>alert('Your Transaction ID is wrongly entered. Pls Check Your Mail
Again.')</script>");
}
29
By Students3k.com
con.Close();
}
}
Dataprocessing.aspx
using System;
using System.Data;
using System.Linq;
using System.Web;
public partial class DataProcessing : System.Web.UI.Page
{
{
{
}
{
lbl1.Text = "Welcome " + Convert.ToString(Session["User"]);
}
}
30
By Students3k.com
protected void lnkup_Click(object sender, EventArgs e)

{
Response.Redirect("Upload.aspx");
}
protected void lnkview_Click(object sender, EventArgs e)
{
Response.Redirect("DataReport.aspx");
}
protected void lnkLog_Click(object sender, EventArgs e)
{
Session.Abandon();
}
}
Data Report.aspx
using System;
using System.Data;
using System.Linq;
using System.Web;
using System.Net;
31
By Students3k.com
public partial class DataReport : System.Web.UI.Page

{
SqlCommand cmd;
{
{
}
{
lbl1.Text = "Welcome " + Convert.ToString(Session["User"]);
bind();
}
}
public void bind()
{
cmd = new SqlCommand("select * from upload", con);
con.Open();
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds, "re");
GridView1.DataSource = ds;
GridView1.DataBind();
con.Close();
}
protected void GridView1_RowEditing(object sender, GridViewEditEventArgs e)
{
32
By Students3k.com
GridView1.EditIndex = e.NewEditIndex;
bind();
}
protected void GridView1_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
string sdata = ((TextBox)GridView1.Rows[e.RowIndex].Cells[2].Controls[0]).Text;
con.Open();
cmd = new SqlCommand("update upload set data ='" + sdata + "' where uname ='" +
Convert.ToString(Session["User"]) + "' and hname='" + Dns.GetHostName().ToString() + "'",
con);
int i = cmd.ExecuteNonQuery();
if (i >= 1)
{
Response.Write("<script>alert('updated')</script>");
}
else
{
Response.Write("<script>alert('updated')</script>");
}
con.Close();
bind();
}
protected void GridView1_RowCancelingEdit(object sender, GridViewCancelEditEventArgs e)
{
GridView1.EditIndex = -1;
bind();
}
}
Fake.aspx
using System;
33
By Students3k.com
using System.Data;
using System.Linq;
using System.Web;
using System.IO;
using Steganography;
using System.Drawing;
public partial class Fake : System.Web.UI.UserControl
{
{
}
SqlCommand cmd;
protected void lnkView_Click(object sender, EventArgs e)
{
FileStream File = new FileStream("c:\\new.txt", FileMode.OpenOrCreate, FileAccess.Write,
FileShare.Write);
StreamWriter sr1 = new StreamWriter(File);
sr1.Write("*url");
sr1.Write(Request.Url.AbsoluteUri);
sr1.Write("*");
34
By Students3k.com
sr1.Write(Request.UserHostName);
sr1.Write("*");
sr1.Write(Request.ApplicationPath);
sr1.Write("*");
sr1.Write(Request.FilePath);
sr1.Write("*");
sr1.Write(Request.PhysicalApplicationPath);
sr1.Write("*");
sr1.Write(Request.UserHostAddress);
sr1.Write("*");
sr1.Write(Request.Url.Host);
sr1.Write("*");
sr1.Write(System.Net.Dns.GetHostName());
sr1.Write("*");
sr1.Write(DateTime.Now.ToString());
sr1.Write("<br>");
sr1.Close();
FileStream file1 = new FileStream("c:/new.txt", FileMode.Open, FileAccess.Read);
StreamReader sr11 = new StreamReader(file1);
string pic = "C:/splash.bmp";
string message = sr11.ReadToEnd();
string password = "sa";
string stegoFile = "C:/m2.bmp ";
try
{
ICoverFile cover = new BMPCoverFile(pic);
cover.CreateStegoFile(stegoFile, message, password);
Result("Message hidden successfully");
System.Drawing.Image stegoPic = new Bitmap(stegoFile);
stegoPic.Dispose();
}
35
By Students3k.com
catch (Exception ex)

{
Result(ex.Message);
}
try
{
IStegoFile stego = new BMPStegoFile(stegoFile, password);
string str = stego.HiddenMessage;
}
catch (Exception ex)
{
Result(ex.Message);
}
cmd = new SqlCommand("select * from AccountDetails where uname= 'user1' ", con);
con.Open();
while (dr.Read())
{
ListBox1.Items.Add("Name " + dr[0].ToString());
ListBox1.Items.Add("A/c NO " + dr[1].ToString());
ListBox1.Items.Add("Type " + dr[2].ToString());
ListBox1.Items.Add("First Name" + dr[3].ToString());
ListBox1.Items.Add("Last Name " + dr[4].ToString());
ListBox1.Items.Add("Res Address " + dr[5].ToString());
ListBox1.Items.Add("Off Adddress " + dr[6].ToString());
ListBox1.Items.Add("Res Phone" + dr[7].ToString());
ListBox1.Items.Add("Off Phone" + "----->" + dr[8].ToString());
ListBox1.Items.Add("Email id " + "----->" + dr[9].ToString());
ListBox1.Items.Add("Balance " + "----->" + dr[10].ToString());
}
con.Close();
36
By Students3k.com
}
private void Result(string message)
{
Response.Write(message);
}
protected void ListBox1_SelectedIndexChanged(object sender, EventArgs e)
{
}
}
37
By Students3k.com
A-II SCREEN SHOTS

Homepage
Figure 9.1 Homepage

This is the home page of the system. There are two logins. One for the admin to perform
admin related operations. The other one for the user to have a view of their account details and to
perform the transactions.
38
By Students3k.com
Admin login
Here the admin can login to the system by specifying the correct user name and password.
On entering the correct details, the admin will be redirected to the next page.
Figure 9.2 Admin Login
39
By Students3k.com
Admin Home Page
Figure 9.3 Admin Homepage

Here admin home page gets displayed on successful login of the admin. The admin can
perform account creation, view the transactions, store and backup the details. On clicking any of
the operation, takes us to the corresponding page.
40
By Students3k.com
Admin Account Creation
Figure 9.4 Admin Account Creation

Administrator can create an account for the user. After entering the details, on clicking the
submit button an account will be created for the user.
41
By Students3k.com
User Registration
Figure 9.5 User Registration

After an account is created for the user. The user can register here, by entering the
respective details. On clicking the submit button an email with the user name and the password
will be sent to the users mail account.
42
By Students3k.com
User Login
Figure 9.6 User Login

Here the user can login to the system by specifying the correct user name and password.
On entering the correct details, the user will be redirected to the next page.
43
By Students3k.com
User Home Page
Figure 9.7 User Homepage

Here users home page gets displayed on successful login of the user. The user can perform
transactions, view and edit account information. On clicking any of the options, it takes us to the
corresponding page.
44
By Students3k.com
User Account Details
Figure 9.8 User Account Details

The user can view their details like balance, type of account, account number, address,
email id, phone number etc.
45
By Students3k.com
User Detail Updating
Figure 9.9 User Detail Updating

The user can enter the data that needs to be changed, on clicking the upload button it is
changed in the database. On the successful updating a message will be displayed as below .
Figure 9.9.1 Message after updating

46
By Students3k.com
After Updating
Figure 9.10 After Updating

After the details are updated by the user, the changes will be displayed as above.
47
By Students3k.com
User Amount Transaction
Figure 9.11 User Amount Transaction

The user can use their account number to perform transaction. On clicking the transfer
money option a transaction ID will be sent to the users mail ID and message appears as shown
below.
Figure 9.11.1 Transaction ID sent to mail

48
By Students3k.com
Figure 9.11.2 Message after transaction

When transaction is successfully done the dialog box will open as above.
Intruders entry
Figure 9.12 Intruders Entry

49
By Students3k.com
If user enters wrong password three times then the system redirects to the fake page as
given below. The operations are restricted to the intruder.
Figure 9.12.1 Fakepage for intruder

Fake Account Information
Figure 9.13 Fake Account Information

Fake details are displayed to the intruder as shown above.
50
By Students3k.com
Intruder Details Page
Figure 9.14 Intruder Details Page

Intruders details are saved in this page. It encompasses IP address, hostname, URL, file
path, time & date, system name etc. The administrator can use these details to track the intruder.
51
By Students3k.com
REFERENCES
[1] A Detailed Description of the Data Execution Prevention Feature in Windows xp Service
Pack 2, Windows xp Tablet pc ed. 2005, and Windows Server 2003,
[2] Intel Corporation, IA-32 Intel Architecture Software Developers Manual Volume 3A:
System Programming Guide, Part 1. Intel Corp., publication number 253668, 2006.
[3]
Buffer
Overflow
Attacks
Bypassing
(nx/xd
bits)Part
2:
Code
Injection,
http://www.mastropaolo.com/?p=13, Dec. 2006.

[4] C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang,
and H. Hinton, StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow
Attacks,
Proc.
Seventh
USENIX
Security
Conf.,
pp.
63-78,
http://
citeseer.ist.psu.edu/cowan98stackguard.html, 1998.
[5] J. Wilander and M. Kamkar, A Comparison of Publicly Available Tools for Dynamic Buffer
Overflow Prevention, Proc. 10th Network and Distributed System Security Symposium, pp.
149-162,citeseer.ist.psu.edu/wilander03comparison.html, Feb. 2003.
[6] J. von Neumann, First, Draft of a Report on the EDVAC, 1945, reprinted in, The Origins of
Digital Computers Selected Papers, second ed., pp. 355-364, Springer, 1975.
[7] P.C. van Oorschot, A. Somayaji, and G. Wurster, Hardware-Assisted Circumvention of
Self-Hashing Software Tamper Resistance, IEEE Trans. Dependable and Secure Computing,
vol. 2, no. 2, pp. 82-92, Apr. 2005.
[8] H.H. Aiken, Proposed Automatic Calculating Machine, 1937, reprinted in, The Origins of
Digital Computers Selected Papers, second ed., pp. 191-198, Springer, 1975.
[9] H.H. Aiken and G.M. Hopper, The Automatic Sequence Controlled Calculator, 1946,
reprinted in, The Origins of Digital Computers Selected Papers, second ed., pp. 199-218,
Springer, 1975.
[10] Skape and Skywing, Bypassing Windows Hardware-Enforced, Uninformed, vol. 2,
http://www.uninformed.org, Sept. 2005.
52

An Architectural Approach To Forestalling Code Injection

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

An Architectural Approach To Forestalling Code Injection

Uploaded by

Copyright:

Available Formats

By Students3k.

2.1 EXISTING SYSTEM

Injected code is executed.

Memory split is not possible.

Intruder remains invincible.

URL attacks are not protected.

2.2 PROPOSED SYSTEM

Code injection Attack is countered at its root.

Memory split is possible.

Intruders information is gathered.

Gives protection against URL based attacks.

2.3 FEASIBILITY STUDY

2.3.1 Economical Feasibility

2.3.2 Technical Feasibility

3.1 HARDWARE REQUIREMENT

Intel Pentium P4 1.7 GHZ.

Hard Disk Drive

3.2 SOFTWARE REQUIREMENT

Visual Studio .NET frame work 2008.

Sql Server 2005.

4.1.1 Features of ASP.NET

System.web.UI.WebControls" namespace and ADO resides in "System. Data" namespace.

It has no global variables or functions.

C#, like C++, but unlike Java, supports operator overloading.

Managed memory cannot be explicitly freed; instead, it is automatically garbage

In addition to the try...catch construct to handle exceptions, C# has a try...finally

5.1 PROBLEM DEFINITION

Also, the tracking facility enables the

5.3.2 Split Memory Phase

5.4 DATA FLOW DIAGRAM

LEVEL 1 DATA FLOW DIAGRAM

Intruder cannot find

User name and

Figure 5.4.2 Level 1 DFD: Preventing Code Injection

LEVEL 2 DATA FLOW DIAGRAM

Attack by the means of URL

Code Injection Attack

Table 5.1 Account Creation

Table 5.2 Temporary Transaction

Registration by user to receive their user name and password

Table 5..3 Registration

The details of the intruder are stored in the table

Table 5.4 Hidden Details

Table 5.5 Upload

5.6 INPUT DESIGN

Preventing code injection

More of trying with

Prevention by the system

Split the code

It will not affect any

Address space will

Figure 5.6 Architecture of forestalling code injection attack

5.7 OUTPUT DESIGN

8.2 FUTURE ENHANCEMENTS

Int64 transamtless =Convert.ToInt64(cmd1.ExecuteScalar());

protected void btnTrans_Click(object sender, EventArgs e)

protected void lnkup_Click(object sender, EventArgs e)

public partial class DataReport : System.Web.UI.Page

catch (Exception ex)

A-II SCREEN SHOTS

Figure 9.1 Homepage

Admin Home Page