Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Security Analysis of the PHP language By Jonas Heineson Mattias Österberg.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "A Security Analysis of the PHP language By Jonas Heineson Mattias Österberg."— Presentation transcript:

1 A Security Analysis of the PHP language By Jonas Heineson Mattias Österberg

2 The PHP language ● Common script language for web applications ● Platform independent ● Runs on the Zend VM ● The Zend VM is implemented in C

3 PHP Vulnerabilities ● Different versions, different distributions ● Open source gives good security ● Top 5 vulnerabilities investigated ● http://cve.mitre.org

4 Security Bypass ● Ability to pass restrictions set by code ● Goal is to get access to restricted information ● Information gained depends on the vulnerable function

5 Security Bypass; Example attack ● Vulnerable mail packages ● mb_send_mail() ● safe_mode, open_basedir ● imap_open, _body, _list, _createmailbox, _deletemailbox

6 System Access ● Attack with highest gain ● Goal is to be able to run arbitrary code with the same privileges as the local user ● Always existed in top of vulnerability top 5 ● Mostly based around buffer overflows

7 Cross Site Scripting ● Embedded scripts ● Retrieve confidential information, manipulate cookies, execute arbitrary code on end user ● Server not compromised – used as a tool ● Solution: Validate user input

8 Cross Site Scripting; Example include(“modules/$name/$file.php”); http://host.com/modules.php?op=modload&name=XForum&fil e=[hostile_javascript]&fid=2 Generates Error: Warning: Failed opening 'modules/XForum/.php' for inclusion (include_path=´´) in /home/foo/htdocs/modules.php on line 27 Error message prints the offending filename and the browser then parses the javascript (part of the filename), i.e. executes the script on the viewers computer

9 Denial of Service ● Most DoS attacks targets badly implemented library functions ● An example; specially crafted JPEG image (changed image header) gets called by getimagesize(), which call php_handle_jpeg() and php_handle_iff() ● Causes an infinite loop, which consume all CPU resources ● Solution: Don't use vulnerable functions, apply patches frequently

10 Results ● Problem is in most cases unvalidated user input ● Different injection attacks ● Example: http://www.victim.com/index.php?p=about.htm changed to http://www.victim.com/index.php?p=../../../etc/passwd ● When vulnerabilities in PHP are discovered, patches are quick to appear ● PHP is mostly no more insecure than its user

Download ppt "A Security Analysis of the PHP language By Jonas Heineson Mattias Österberg."

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
Webgoat.

Webgoat.
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.

Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011.
By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.

By Brian Vees.  SQL Injection  Username Enumeration  Cross Site Scripting (XSS)  Remote Code Execution  String Formatting Vulnerabilities.
Server-Side vs. Client-Side Scripting Languages

Server-Side vs. Client-Side Scripting Languages
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Varun Sharma Security Engineer | ACE Team | Microsoft Information Security

Varun Sharma Security Engineer | ACE Team | Microsoft Information Security
Web Application Security

Web Application Security
Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.

Security and Risk Management. Who Am I Matthew Strahan from Content Security Principal Security Consultant I look young, but I’ve been doing this for.
Vulnerabilities. flaws in systems that allow them to be exploited provide means for attackers to compromise hosts, servers and networks.

Vulnerabilities. flaws in systems that allow them to be exploited provide means for attackers to compromise hosts, servers and networks.
Testing Tools. Categories of testing tools Black box testing, or functional testing Testing performed via GUI. The tool helps in emulating end-user actions.

Testing Tools. Categories of testing tools Black box testing, or functional testing Testing performed via GUI. The tool helps in emulating end-user actions.
Cosc 4765 Server side Web security. Web security issues From Cenzic Vulnerability report 2014 https://info.cenzic.com/2013-Application-Security-Trends-Report.html.

Cosc 4765 Server side Web security. Web security issues From Cenzic Vulnerability report
Prevent Cross-Site Scripting (XSS) attack

Prevent Cross-Site Scripting (XSS) attack
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
+ Websites Vulnerabilities. + Content Expand of The Internet Use of the Internet Examples Importance of the Internet How to find Security Vulnerabilities.

+ Websites Vulnerabilities. + Content Expand of The Internet Use of the Internet Examples Importance of the Internet How to find Security Vulnerabilities.
Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.

Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.
A Framework for Automated Web Application Security Evaluation

A Framework for Automated Web Application Security Evaluation
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

Similar presentations

Ads by Google