SlideShare a Scribd company logo

Middleware hacking

Download as PPTX, PDF
N
nullowaspmumbai

The document discusses middleware, including what it is, common vendors, where it stands architecturally, types of middleware, vulnerabilities, and the importance of patching. Middleware is software that connects applications and lies between the OS and applications, supporting distributed business applications. Common vendors include Oracle, and middleware can use RPC, message-oriented, object-oriented like CORBA, or Java technologies. It is important to middleware's role and to patch vulnerabilities.

Technology
1 of 18
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Middleware hacking
Agenda • what is Middleware? • Vendors for Middleware? • Where it stands in a picture? • Types of Middleware? • Vulnerabilities in Middleware? • Importance of middleware patching?
What is Middleware ? What is Middleware? Middleware is the software that connects software components or enterprise applications. Middleware is the software layer that lies between the operating system and the applications on each side of a distributed computer network Typically, it supports complex, distributed business software applications. https://docs.oracle.com/cd/E15523_01/core.1111/e10103/intro.htm#BABEICDD Servers / Client This is middleware in my understanding.. 
Vendors for Middleware?
Where Middleware stands in picture M I D D L E W A R E
Where Middleware stands in picture KERNEL Network OS Service Middleware Distributed Application
Types of Middleware? OBJECT Oriented Middleware RPC (remote procedure call) MOM Message oriented Middleware Event based Middleware
RPC (remote procedure call) http://p.motionelements.com/stock-video/nature/me705539-inside-mcdonald-s-restaurant-hd-a0252.jpg
RPC (remote procedure call) APPLICATION CALL(function) CLIENT STUB marshalling (network portable format) RPC RPC SERVER STUB unmarshalling Function execute and result PROS * Distributed application * can call any function from anywhere CONS • Platform Dependent • Language Dependent RPC
RPC call Live Example RPC
OBJECT Oriented Middleware (ORB) CORBA The Common Object Request Broker Architecture
OBJECT Oriented Middleware (ORB) CORBA The Common Object Request Broker Architecture BY OMG Group PROS • Platform Independent • Language Independent • ORB :- Object request broker • IIOP :- internet inter operable protocol. APPLICATION CALL(function) CLIENT STUB ORB ORB Skeleton Function execute and result IIOP :- internet inter operable protocol. IDL
Live Example ORB
COM/DCOM PROS • MSIDL:- Microsoft IDL • DCE-RCP :-distributed computing Env-R. CLIENT Proxy COM runtime lib in windows NT COM runtime lib in windows NT STUB Function execute and result DCE-RPC Component object module and distributed component Object Module MSIDL
Enterprise JAVA Bean JAVA RMI (Remote Method Invocation) PROS • Platform Independent • JAVA RMI . WEB Browser WEB APP RMI registry/ JVM RMI registry/ JVM JDBC DATABASE IDL RMI-IIOP
Vulnerabilities in Middleware ISSUES • OVERFLOWS • WEB Application TOP 10 • Architecture flow • Say No to Scanner’s
Importance of middleware patching?
Thank You…! 

More Related Content

PPTX
Web app presentation
zahid6
 
DOCX
Ralph_Cencebaugh Resume
Ralph Cencebaugh
 
PPTX
Types of software, advantages and disadvantages
Rocket11986
 
DOCX
Michael Tillett Resume4
Michael Tillett
 
PPTX
59 ways to publish an application v0.9
marcelvenema
 
DOCX
jeffrey.glover.resume
Jeffrey Glover
 
DOC
Maged Bishay - Resume 2015
Maged Bishay
 
PPTX
Middleware final
Ankit Anand
 
Web app presentation
zahid6
 
Ralph_Cencebaugh Resume
Ralph Cencebaugh
 
Types of software, advantages and disadvantages
Rocket11986
 
Michael Tillett Resume4
Michael Tillett
 
59 ways to publish an application v0.9
marcelvenema
 
jeffrey.glover.resume
Jeffrey Glover
 
Maged Bishay - Resume 2015
Maged Bishay
 
Middleware final
Ankit Anand
 

Similar to Middleware hacking (20)

DOCX
Middleware – Its Types, Architecture, and Benefits.docx
Xavor Corporation - Redefining Health Technology
 
PPT
middleware-technologies-8871-AmKEtL9-_1_.ppt
BinduBindu57
 
PDF
Middleware Technology and its importants
evolution25com
 
PPT
Middleware
Dr. Uday Saikia
 
PPT
middleware in embedded systems
Akhil Kumar
 
PDF
Communication middleware
Peter R. Egli
 
PPT
Unit_2_Midddleware_2.ppt
rameshwarchintamani
 
PPTX
Manish tripathi-e-commerce-middleware
A P
 
PPTX
Pervasive middleware
BHAKTI PATIL
 
PDF
Middleware1
bhumi109
 
PPT
12-middleware.ppt
tsigitnist02
 
PPT
middleware
rkk0o7
 
PPTX
Middleware Technologies ppt
OECLIB Odisha Electronics Control Library
 
ODP
Middleware1
nava rathna
 
ODP
Middleware
nava rathna
 
PPT
IntroJan14.ppt
AnkitKumarSharma54
 
PPT
INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION
PRASAD BANOTH
 
PPT
MIDELWARE TECH
muthahar.sk
 
PPTX
The Middleware technology that connects the enterprise
Kasun Indrasiri
 
PPT
client-server-architecture.ppt
gowriganesh
 
Middleware – Its Types, Architecture, and Benefits.docx
Xavor Corporation - Redefining Health Technology
 
middleware-technologies-8871-AmKEtL9-_1_.ppt
BinduBindu57
 
Middleware Technology and its importants
evolution25com
 
Middleware
Dr. Uday Saikia
 
middleware in embedded systems
Akhil Kumar
 
Communication middleware
Peter R. Egli
 
Unit_2_Midddleware_2.ppt
rameshwarchintamani
 
Manish tripathi-e-commerce-middleware
A P
 
Pervasive middleware
BHAKTI PATIL
 
Middleware1
bhumi109
 
12-middleware.ppt
tsigitnist02
 
middleware
rkk0o7
 
Middleware Technologies ppt
OECLIB Odisha Electronics Control Library
 
Middleware1
nava rathna
 
Middleware
nava rathna
 
IntroJan14.ppt
AnkitKumarSharma54
 
INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION INTERPROCESS COMMUNICATION
PRASAD BANOTH
 
MIDELWARE TECH
muthahar.sk
 
The Middleware technology that connects the enterprise
Kasun Indrasiri
 
client-server-architecture.ppt
gowriganesh
 

More from nullowaspmumbai (20)

PPTX
Xxe
nullowaspmumbai
 
PDF
ELK in Security Analytics
nullowaspmumbai
 
PPTX
Switch security
nullowaspmumbai
 
PPTX
Radio hacking - Part 1
nullowaspmumbai
 
PPTX
How I got my First CVE
nullowaspmumbai
 
PPTX
Power forensics
nullowaspmumbai
 
PPTX
Infrastructure security & Incident Management
nullowaspmumbai
 
PPTX
Internet censorship circumvention techniques
nullowaspmumbai
 
PPTX
How i got my first cve
nullowaspmumbai
 
PPTX
Adversarial machine learning updated
nullowaspmumbai
 
PPTX
Commix
nullowaspmumbai
 
PPTX
Adversarial machine learning
nullowaspmumbai
 
PPTX
Dll Hijacking
nullowaspmumbai
 
PPTX
Abusing Target
nullowaspmumbai
 
PDF
NTFS Forensics
nullowaspmumbai
 
PPTX
Drozer - An Android Application Security Tool
nullowaspmumbai
 
PPTX
Middleware hacking
nullowaspmumbai
 
PDF
Ganesh naik linux_kernel_internals
nullowaspmumbai
 
PDF
Buffer overflow null
nullowaspmumbai
 
PDF
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
nullowaspmumbai
 
Xxe
nullowaspmumbai
 
ELK in Security Analytics
nullowaspmumbai
 
Switch security
nullowaspmumbai
 
Radio hacking - Part 1
nullowaspmumbai
 
How I got my First CVE
nullowaspmumbai
 
Power forensics
nullowaspmumbai
 
Infrastructure security & Incident Management
nullowaspmumbai
 
Internet censorship circumvention techniques
nullowaspmumbai
 
How i got my first cve
nullowaspmumbai
 
Adversarial machine learning updated
nullowaspmumbai
 
Commix
nullowaspmumbai
 
Adversarial machine learning
nullowaspmumbai
 
Dll Hijacking
nullowaspmumbai
 
Abusing Target
nullowaspmumbai
 
NTFS Forensics
nullowaspmumbai
 
Drozer - An Android Application Security Tool
nullowaspmumbai
 
Middleware hacking
nullowaspmumbai
 
Ganesh naik linux_kernel_internals
nullowaspmumbai
 
Buffer overflow null
nullowaspmumbai
 
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
nullowaspmumbai
 

Recently uploaded (20)

PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Teaching material agriculture food technology
LiaRayya
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Cloud computing and distributed systems.
kkkkkhan
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
KodekX | Application Modernization Development
KodekX
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Approach and Philosophy of On baking technology
30anthuong17
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 

Middleware hacking

  • 2. Agenda • what is Middleware? • Vendors for Middleware? • Where it stands in a picture? • Types of Middleware? • Vulnerabilities in Middleware? • Importance of middleware patching?
  • 3. What is Middleware ? What is Middleware? Middleware is the software that connects software components or enterprise applications. Middleware is the software layer that lies between the operating system and the applications on each side of a distributed computer network Typically, it supports complex, distributed business software applications. https://docs.oracle.com/cd/E15523_01/core.1111/e10103/intro.htm#BABEICDD Servers / Client This is middleware in my understanding.. 
  • 5. Where Middleware stands in picture M I D D L E W A R E
  • 6. Where Middleware stands in picture KERNEL Network OS Service Middleware Distributed Application
  • 7. Types of Middleware? OBJECT Oriented Middleware RPC (remote procedure call) MOM Message oriented Middleware Event based Middleware
  • 8. RPC (remote procedure call) http://p.motionelements.com/stock-video/nature/me705539-inside-mcdonald-s-restaurant-hd-a0252.jpg
  • 9. RPC (remote procedure call) APPLICATION CALL(function) CLIENT STUB marshalling (network portable format) RPC RPC SERVER STUB unmarshalling Function execute and result PROS * Distributed application * can call any function from anywhere CONS • Platform Dependent • Language Dependent RPC
  • 11. OBJECT Oriented Middleware (ORB) CORBA The Common Object Request Broker Architecture
  • 12. OBJECT Oriented Middleware (ORB) CORBA The Common Object Request Broker Architecture BY OMG Group PROS • Platform Independent • Language Independent • ORB :- Object request broker • IIOP :- internet inter operable protocol. APPLICATION CALL(function) CLIENT STUB ORB ORB Skeleton Function execute and result IIOP :- internet inter operable protocol. IDL
  • 14. COM/DCOM PROS • MSIDL:- Microsoft IDL • DCE-RCP :-distributed computing Env-R. CLIENT Proxy COM runtime lib in windows NT COM runtime lib in windows NT STUB Function execute and result DCE-RPC Component object module and distributed component Object Module MSIDL
  • 15. Enterprise JAVA Bean JAVA RMI (Remote Method Invocation) PROS • Platform Independent • JAVA RMI . WEB Browser WEB APP RMI registry/ JVM RMI registry/ JVM JDBC DATABASE IDL RMI-IIOP
  • 16. Vulnerabilities in Middleware ISSUES • OVERFLOWS • WEB Application TOP 10 • Architecture flow • Say No to Scanner’s