SlideShare a Scribd company logo

Vulnerability assessment of PHP Frameworks

Download as PPTX, PDF
Valency Networks
Valency Networks

Vulnerability assessment of PHP Frameworks

Internet
1 of 12
Vulnerability Analysis Of PHP Frameworks Author : Shubham Dhamande June,2017
www.valencynetworks.com Introduction PHP is the most widely used server side language Many open source frameworks are popular Easy targets for attackers Frameworks Analysed: CodeIgniter, CakePHP, Symfony Vulnerability Analysis Tools used: Arachni, OWASP-ZAP, Nikto
www.valencynetworks.com 1. Revealing system paths and directory listing. Error messages can include file paths, which can reveal the framework, language and/or server used for that application. This makes the application vulnerable to Directory Traversal Attack. If the directory listing is not turned off or if the attackers are successful in turning the directory listing on, attackers can get hold of the source code, hidden scripts and configuration files.
www.valencynetworks.com Fixation: Turn off the descriptive error messages and directory listing at the application level as well as at the server level. Return static error page with response code 404 for the paths that could not find content to serve. Manually review permissions of web directory contents for unnecessary files, such as documentation, template, example files, which could be used by an attacker to identify attackable surface area. Sanitize the URL parameters to prevent reverse traversal by ‘../’, an extra ‘/’ or Unicode characters.
www.valencynetworks.com 2. Not configuring response headers Not setting X-XSS-Protection, X-Frame-Options, X-Content-Type- Options and allowing TRACE/TRACK HTTP method requests makes the application vulnerable to XSS attacks, ClickJacking attacks and MIME-sniffing.
www.valencynetworks.com Fixation: Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'. Set X-Frame-Options to DENY or SAMEORIGIN depending on the requirement. Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X- Content-Type-Options header to 'nosniff' for all web pages. Disable TRACE/TRACK methods.
www.valencynetworks.com 3. Not verifying referral header of a submitted form Not verifying referral header of form submission can lead to CSRF attacks. Most of the forms are submitted by POST method but the application may not check if the request was coming in from their own site or not. The request might be coming in from an attacker’s portal. Fixation: Checking for a referral header can help in preventing the CSRF. Allow request from the same domain or trusted domains. Make sure the application is not vulnerable to open redirects. Use of HTTPS can also prevent this attack.
8 4. Not implementing secure authentication methods Not using SSL/TLS, not hashing passwords before storage, not mandating tough password rules can leave the applications vulnerable to many kinds of attacks. Not limiting maximum length for passwords can make the app vulnerable to DOS attack. Weak password reset mechanism can invite MITM attacks. Giving login error response, which states if the account of a particular login id exists or not, can invite brute force attacks.
9 Fixation: Use either framework’s built in methods or a trusted authentication library to implement a secure authentication system. Use of HTTPS is recommended. Allow 2 Factor Authentication for Admin Accounts or for all the users of a critical application. Login error response should be standard irrespective of the existence of the login id, for example “Login ID and password combination invalid” instead of “Login ID not found”.
10 Few other vulnerabilities • Not validating, sanitizing user inputs • Not keeping the framework updated to the latest version • Using third party modules without assessing their security • Using default admin username (and even password!)
11 Recommended Be updated about the latest vulnerabilities regarding the frameworks, modules and languages used by the web application through newsletters, github and blog posts. Assess the application after it is updated using any of the robust tools available.
www.valencynetworks.com An ISO27001 Certified Company http://www.valencynetworks.com sales@valencynetworks.com Facebook Twitter Linkedin

Recommended

Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior
 
Tips for web security
Tips for web securityTips for web security
Tips for web securitykareowebtech
 
Secure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior
 
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYAN
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYANBEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYAN
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYANSamvel Gevorgyan
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
Secure Code Warrior - Issues with origins
Secure Code Warrior - Issues with originsSecure Code Warrior - Issues with origins
Secure Code Warrior - Issues with originsSecure Code Warrior
 
SeanRobertsThesis
SeanRobertsThesisSeanRobertsThesis
SeanRobertsThesisSean Roberts
 

Recommended

Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior
 
Secure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior - Cross site scripting
Secure Code Warrior - Cross site scriptingSecure Code Warrior
 
Tips for web security
Tips for web securityTips for web security
Tips for web securitykareowebtech
 
Secure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior - Remote file inclusion
Secure Code Warrior - Remote file inclusionSecure Code Warrior
 
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYAN
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYANBEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYAN
BEST PRACTICES OF WEB APPLICATION SECURITY By SAMVEL GEVORGYANSamvel Gevorgyan
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
Secure Code Warrior - Issues with origins
Secure Code Warrior - Issues with originsSecure Code Warrior - Issues with origins
Secure Code Warrior - Issues with originsSecure Code Warrior
 
SeanRobertsThesis
SeanRobertsThesisSeanRobertsThesis
SeanRobertsThesisSean Roberts
 
Content security policy
Content security policyContent security policy
Content security policyRonan Dunne, CEH, SSCP
 
Web application development_dos_and_donts
Web application development_dos_and_dontsWeb application development_dos_and_donts
Web application development_dos_and_dontshuynhvanphuc
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityChris Hillman
 
Web Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The WebWeb Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The WebZero Science Lab
 
Security guidelines for web development
Security guidelines for web developmentSecurity guidelines for web development
Security guidelines for web developmentkumar gaurav
 
OWASP
OWASPOWASP
OWASPgehad hamdy
 
4.Xss
4.Xss4.Xss
4.Xssphanleson
 
Mime sniffing
Mime sniffingMime sniffing
Mime sniffingRonan Dunne, CEH, SSCP
 
Hacking A Web Site And Secure Web Server Techniques Used
Hacking A Web Site And Secure Web Server Techniques UsedHacking A Web Site And Secure Web Server Techniques Used
Hacking A Web Site And Secure Web Server Techniques UsedSiddharth Bhattacharya
 
Secure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file uploadSecure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file uploadSecure Code Warrior
 
Web Application Security 101 - 04 Testing Methodology
Web Application Security 101 - 04 Testing MethodologyWeb Application Security 101 - 04 Testing Methodology
Web Application Security 101 - 04 Testing MethodologyWebsecurify
 
OWASP Evening #10
OWASP Evening #10OWASP Evening #10
OWASP Evening #10Predrag Cujanović
 
Hack Firefox to steal websecrets
Hack Firefox to steal websecretsHack Firefox to steal websecrets
Hack Firefox to steal websecretsguestb3d416
 
Wordpress malware - What is it and how to protect your website.
Wordpress malware - What is it and how to protect your website.Wordpress malware - What is it and how to protect your website.
Wordpress malware - What is it and how to protect your website.Owen Cutajar
 
Why You Need A Web Application Firewall
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application FirewallPort80 Software
 
OWASP Evening #10 Serbia
OWASP Evening #10 SerbiaOWASP Evening #10 Serbia
OWASP Evening #10 SerbiaPredrag Cujanović
 
OWASP Top 10 And Insecure Software Root Causes
OWASP Top 10 And Insecure Software Root CausesOWASP Top 10 And Insecure Software Root Causes
OWASP Top 10 And Insecure Software Root CausesMarco Morana
 
Unrestricted file upload
Unrestricted file uploadUnrestricted file upload
Unrestricted file uploadvikram vashisth
 
Tips for web security
Tips for web securityTips for web security
Tips for web securitykareowebtech
 
Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Vaibhav Gupta
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxkarthikvcyber
 
logout.php Session Data after Logout Username Email . $_.docx
logout.php Session Data after Logout Username Email . $_.docxlogout.php Session Data after Logout Username Email . $_.docx
logout.php Session Data after Logout Username Email . $_.docxsmile790243
 

More Related Content

What's hot

Web application development_dos_and_donts
Web application development_dos_and_dontsWeb application development_dos_and_donts
Web application development_dos_and_dontshuynhvanphuc
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityChris Hillman
 
Web Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The WebWeb Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The WebZero Science Lab
 
Security guidelines for web development
Security guidelines for web developmentSecurity guidelines for web development
Security guidelines for web developmentkumar gaurav
 
Hacking A Web Site And Secure Web Server Techniques Used
Hacking A Web Site And Secure Web Server Techniques UsedHacking A Web Site And Secure Web Server Techniques Used
Hacking A Web Site And Secure Web Server Techniques UsedSiddharth Bhattacharya
 
Secure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file uploadSecure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file uploadSecure Code Warrior
 
Web Application Security 101 - 04 Testing Methodology
Web Application Security 101 - 04 Testing MethodologyWeb Application Security 101 - 04 Testing Methodology
Web Application Security 101 - 04 Testing MethodologyWebsecurify
 
Hack Firefox to steal websecrets
Hack Firefox to steal websecretsHack Firefox to steal websecrets
Hack Firefox to steal websecretsguestb3d416
 
Wordpress malware - What is it and how to protect your website.
Wordpress malware - What is it and how to protect your website.Wordpress malware - What is it and how to protect your website.
Wordpress malware - What is it and how to protect your website.Owen Cutajar
 
Why You Need A Web Application Firewall
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application FirewallPort80 Software
 
OWASP Top 10 And Insecure Software Root Causes
OWASP Top 10 And Insecure Software Root CausesOWASP Top 10 And Insecure Software Root Causes
OWASP Top 10 And Insecure Software Root CausesMarco Morana
 
Unrestricted file upload
Unrestricted file uploadUnrestricted file upload
Unrestricted file uploadvikram vashisth
 

What's hot (18)

Content security policy
Content security policyContent security policy
Content security policy
 
Web application development_dos_and_donts
Web application development_dos_and_dontsWeb application development_dos_and_donts
Web application development_dos_and_donts
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Web Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The WebWeb Vulnerabilities And Exploitation - Compromising The Web
Web Vulnerabilities And Exploitation - Compromising The Web
 
Security guidelines for web development
Security guidelines for web developmentSecurity guidelines for web development
Security guidelines for web development
 
OWASP
OWASPOWASP
OWASP
 
4.Xss
4.Xss4.Xss
4.Xss
 
Mime sniffing
Mime sniffingMime sniffing
Mime sniffing
 
Hacking A Web Site And Secure Web Server Techniques Used
Hacking A Web Site And Secure Web Server Techniques UsedHacking A Web Site And Secure Web Server Techniques Used
Hacking A Web Site And Secure Web Server Techniques Used
 
Secure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file uploadSecure Code Warrior - Unrestricted file upload
Secure Code Warrior - Unrestricted file upload
 
Web Application Security 101 - 04 Testing Methodology
Web Application Security 101 - 04 Testing MethodologyWeb Application Security 101 - 04 Testing Methodology
Web Application Security 101 - 04 Testing Methodology
 
OWASP Evening #10
OWASP Evening #10OWASP Evening #10
OWASP Evening #10
 
Hack Firefox to steal websecrets
Hack Firefox to steal websecretsHack Firefox to steal websecrets
Hack Firefox to steal websecrets
 
Wordpress malware - What is it and how to protect your website.
Wordpress malware - What is it and how to protect your website.Wordpress malware - What is it and how to protect your website.
Wordpress malware - What is it and how to protect your website.
 
Why You Need A Web Application Firewall
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application Firewall
 
OWASP Evening #10 Serbia
OWASP Evening #10 SerbiaOWASP Evening #10 Serbia
OWASP Evening #10 Serbia
 
OWASP Top 10 And Insecure Software Root Causes
OWASP Top 10 And Insecure Software Root CausesOWASP Top 10 And Insecure Software Root Causes
OWASP Top 10 And Insecure Software Root Causes
 
Unrestricted file upload
Unrestricted file uploadUnrestricted file upload
Unrestricted file upload
 

Similar to Vulnerability assessment of PHP Frameworks

Tips for web security
Tips for web securityTips for web security
Tips for web securitykareowebtech
 
Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Vaibhav Gupta
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxkarthikvcyber
 
logout.php Session Data after Logout Username Email . $_.docx
logout.php Session Data after Logout Username Email . $_.docxlogout.php Session Data after Logout Username Email . $_.docx
logout.php Session Data after Logout Username Email . $_.docxsmile790243
 
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxVAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxDARSHANBHAVSAR14
 
Continuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxContinuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxrichardnorman90310
 
Secure programming with php
Secure programming with phpSecure programming with php
Secure programming with phpMohmad Feroz
 
Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Jay Nagar
 
Threats, Threat Modeling and Analysis
Threats, Threat Modeling and AnalysisThreats, Threat Modeling and Analysis
Threats, Threat Modeling and AnalysisIan G
 
Application Security Part 1 Threat Defense In Client Server Applications ...
Application Security Part 1 Threat Defense In Client Server Applications ...Application Security Part 1 Threat Defense In Client Server Applications ...
Application Security Part 1 Threat Defense In Client Server Applications ...Greg Sohl
 
Techniques for securing rest
Techniques for securing restTechniques for securing rest
Techniques for securing restSudhakar Anivella
 
Web application vulnerability assessment
Web application vulnerability assessmentWeb application vulnerability assessment
Web application vulnerability assessmentRavikumar Paghdal
 
11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboards11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboardsDenis Ristic
 
Top security threats to Flash/Flex applications and how to avoid them
Top security threats to Flash/Flex applications and how to avoid themTop security threats to Flash/Flex applications and how to avoid them
Top security threats to Flash/Flex applications and how to avoid themElad Elrom
 
Browser Security ppt.pptx
Browser Security ppt.pptxBrowser Security ppt.pptx
Browser Security ppt.pptxAjaySahre
 
Secure Form Processing and Protection - Devspace 2015
Secure Form Processing and Protection - Devspace 2015 Secure Form Processing and Protection - Devspace 2015
Secure Form Processing and Protection - Devspace 2015 Joe Ferguson
 

Similar to Vulnerability assessment of PHP Frameworks (20)

Tips for web security
Tips for web securityTips for web security
Tips for web security
 
Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
 
VAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptxVAPT_FINAL SLIDES.pptx
VAPT_FINAL SLIDES.pptx
 
logout.php Session Data after Logout Username Email . $_.docx
logout.php Session Data after Logout Username Email . $_.docxlogout.php Session Data after Logout Username Email . $_.docx
logout.php Session Data after Logout Username Email . $_.docx
 
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptxVAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptx
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
 
Continuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docxContinuing in your role as a human service provider for your local.docx
Continuing in your role as a human service provider for your local.docx
 
Secure programming with php
Secure programming with phpSecure programming with php
Secure programming with php
 
Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )
 
Threats, Threat Modeling and Analysis
Threats, Threat Modeling and AnalysisThreats, Threat Modeling and Analysis
Threats, Threat Modeling and Analysis
 
Application Security Part 1 Threat Defense In Client Server Applications ...
Application Security Part 1 Threat Defense In Client Server Applications ...Application Security Part 1 Threat Defense In Client Server Applications ...
Application Security Part 1 Threat Defense In Client Server Applications ...
 
2 . web app s canners
2 . web app s canners2 . web app s canners
2 . web app s canners
 
Techniques for securing rest
Techniques for securing restTechniques for securing rest
Techniques for securing rest
 
Web application vulnerability assessment
Web application vulnerability assessmentWeb application vulnerability assessment
Web application vulnerability assessment
 
11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboards11 PHP Security #burningkeyboards
11 PHP Security #burningkeyboards
 
T04505103106
T04505103106T04505103106
T04505103106
 
Top security threats to Flash/Flex applications and how to avoid them
Top security threats to Flash/Flex applications and how to avoid themTop security threats to Flash/Flex applications and how to avoid them
Top security threats to Flash/Flex applications and how to avoid them
 
OWASP Top10 2010
OWASP Top10 2010OWASP Top10 2010
OWASP Top10 2010
 
Browser Security ppt.pptx
Browser Security ppt.pptxBrowser Security ppt.pptx
Browser Security ppt.pptx
 
Secure Form Processing and Protection - Devspace 2015
Secure Form Processing and Protection - Devspace 2015 Secure Form Processing and Protection - Devspace 2015
Secure Form Processing and Protection - Devspace 2015
 

Recently uploaded

Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012rehmti665
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Personfurqan222004
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Roomdivyansh0kumar0
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsstephieert
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 

Recently uploaded (20)

Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Call Girls Service Dwarka @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Dwarka @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICECall Girls Service Dwarka @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
Call Girls Service Dwarka @9999965857 Delhi 🫦 No Advance VVIP 🍎 SERVICE
 
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
Call Girls South Delhi Delhi reach out to us at ☎ 9711199012
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled PersonComplet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
Russian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girlsRussian Call girls in Dubai +971563133746 Dubai Call girls
Russian Call girls in Dubai +971563133746 Dubai Call girls
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-
sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-
sasti delhi Call Girls in munirka 🔝 9953056974 🔝 escort Service-
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 

Vulnerability assessment of PHP Frameworks

  • 1. Vulnerability Analysis Of PHP Frameworks Author : Shubham Dhamande June,2017
  • 2. www.valencynetworks.com Introduction PHP is the most widely used server side language Many open source frameworks are popular Easy targets for attackers Frameworks Analysed: CodeIgniter, CakePHP, Symfony Vulnerability Analysis Tools used: Arachni, OWASP-ZAP, Nikto
  • 3. www.valencynetworks.com 1. Revealing system paths and directory listing. Error messages can include file paths, which can reveal the framework, language and/or server used for that application. This makes the application vulnerable to Directory Traversal Attack. If the directory listing is not turned off or if the attackers are successful in turning the directory listing on, attackers can get hold of the source code, hidden scripts and configuration files.
  • 4. www.valencynetworks.com Fixation: Turn off the descriptive error messages and directory listing at the application level as well as at the server level. Return static error page with response code 404 for the paths that could not find content to serve. Manually review permissions of web directory contents for unnecessary files, such as documentation, template, example files, which could be used by an attacker to identify attackable surface area. Sanitize the URL parameters to prevent reverse traversal by ‘../’, an extra ‘/’ or Unicode characters.
  • 5. www.valencynetworks.com 2. Not configuring response headers Not setting X-XSS-Protection, X-Frame-Options, X-Content-Type- Options and allowing TRACE/TRACK HTTP method requests makes the application vulnerable to XSS attacks, ClickJacking attacks and MIME-sniffing.
  • 6. www.valencynetworks.com Fixation: Ensure that the web browser's XSS filter is enabled, by setting the X-XSS-Protection HTTP response header to '1'. Set X-Frame-Options to DENY or SAMEORIGIN depending on the requirement. Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X- Content-Type-Options header to 'nosniff' for all web pages. Disable TRACE/TRACK methods.
  • 7. www.valencynetworks.com 3. Not verifying referral header of a submitted form Not verifying referral header of form submission can lead to CSRF attacks. Most of the forms are submitted by POST method but the application may not check if the request was coming in from their own site or not. The request might be coming in from an attacker’s portal. Fixation: Checking for a referral header can help in preventing the CSRF. Allow request from the same domain or trusted domains. Make sure the application is not vulnerable to open redirects. Use of HTTPS can also prevent this attack.
  • 8. 8 4. Not implementing secure authentication methods Not using SSL/TLS, not hashing passwords before storage, not mandating tough password rules can leave the applications vulnerable to many kinds of attacks. Not limiting maximum length for passwords can make the app vulnerable to DOS attack. Weak password reset mechanism can invite MITM attacks. Giving login error response, which states if the account of a particular login id exists or not, can invite brute force attacks.
  • 9. 9 Fixation: Use either framework’s built in methods or a trusted authentication library to implement a secure authentication system. Use of HTTPS is recommended. Allow 2 Factor Authentication for Admin Accounts or for all the users of a critical application. Login error response should be standard irrespective of the existence of the login id, for example “Login ID and password combination invalid” instead of “Login ID not found”.
  • 10. 10 Few other vulnerabilities • Not validating, sanitizing user inputs • Not keeping the framework updated to the latest version • Using third party modules without assessing their security • Using default admin username (and even password!)
  • 11. 11 Recommended Be updated about the latest vulnerabilities regarding the frameworks, modules and languages used by the web application through newsletters, github and blog posts. Assess the application after it is updated using any of the robust tools available.
  • 12. www.valencynetworks.com An ISO27001 Certified Company http://www.valencynetworks.com sales@valencynetworks.com Facebook Twitter Linkedin