A Study In Scarlet – Exploiting Common Vulnerabilities in PHP Applications

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

                           A Study In Scarlet
          Exploiting Common Vulnerabilities in PHP Applications

                                                                Shaun Clowes
                                                               SecureReality

“A reprint of reminisces from the Blackhat Briefings Asia 2001”

<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

— < Table of Contents > ————————————————–

1. Introduction
2. Caveats and Scope
3. Global Variables
4. Remote Files
5. File Upload
6. Library Files
7. Session Files
8. Loose Typing And Associative Arrays
9. Target Functions
10. Protecting PHP
11. Responsibility – Language vs Programmer
12. Other

“I could imagine his giving a friend a little pinch of the latest vegetable
alkaloid, not out of malevolence, you understand, but simply out of a spirit
of inquiry in order to have an accurate idea of the effects.” – Stamford
[……]

继续阅读

[原]禁止网站外部提交表单函数

允许从网站外部提交表单可能会带来严重的安全隐患,ASP和PHP都可以构造POST数据,攻击者可能使用暴力猜解来获得后台管理密码,或者通过SQL注入来得到他没有权限得到的东西,进而获得整个网站的控制权。防SQL注入攻击在此不再叙述,各种方法林林总总。当然也可以使用验证码的方式来避免此类问题,本篇只给出ASP和PHP两个禁止网站外部提交表单的函数。[……]

继续阅读