Security

JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA

Post by JPlush76 »

I think we all generally like to try and code our applications as "secure" as possible, but does anyone know how to test these things?

Is there a site out there that tells you what the exploit is and how to use it so you can test your own site against it?
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Like an automatic web-rootkit? I would be interested in such a site, too, if there are any useful/trustworthy ones :D
JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA

Post by JPlush76 »

Hmmm, I'm not sure what kind of site exactly...

Take global variables, for instance: they are turned off now because of security... but how do you exploit that if they're turned on?

I'm just thinking of ways you could test your own site's security against the most common ways of breaking in, and how the code really protects it.
mydimension
Moderator
Posts: 531
Joined: Tue Apr 23, 2002 6:00 pm
Location: Lowell, MA USA

Post by mydimension »

I guess the best practice is to be very paranoid about the security of your site. The problem then lies in what to be paranoid about. One of the biggest security problems was the register_globals option, which now defaults to off.

The reason for this is easy to understand but hard to explain. Lemme see if I can. With register_globals set to on, all form variables, cookie variables and session variables are made into their own separate variables. This makes things convenient for the programmer and even easier for a hacker. Say you have a session/cookie variable that holds the access level for the current user. You use this value to test whether or not they have access to a particular page. That user can override that value by sending a malicious value through the address line, a GET variable. If you do not take great care, that user could gain access to privileged areas by simply adding an extra item to the address line.

Hope that was easy to follow.
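To make the register_globals problem concrete, here is an added example (not code from this thread or from any poster). It emulates, with constructed inputs, what a page looked like when it trusted a plain variable that a query-string parameter could populate, beside the fixed form that reads the access level only from the session; the function and variable names are this example's own.

```php
<?php
// Added example, not code from the thread. register_globals=On is emulated
// here with constructed arrays so the script runs on any PHP 7+ install.
// Names (is_admin_legacy, is_admin_fixed, $request, $session) are ours.

// Emulates what register_globals did: request parameters became plain
// variables in the script's scope, and this check reads that plain variable.
// If the login code never stored an access level in the session (visitor
// never logged in), a request such as  page.php?access_level=admin  is what
// ends up filling the variable the check looks at.
function is_admin_legacy(array $request, array $session): bool
{
    // Emulated register_globals: session value if set, otherwise the GET value.
    $access_level = $session['access_level'] ?? $request['access_level'] ?? null;
    return $access_level === 'admin';
}

// Fixed form: the decision reads only from the session (filled by
// session_start() and the login code in a real application) and denies by
// default. Nothing a client puts in the URL reaches this comparison.
function is_admin_fixed(array $session): bool
{
    if (!isset($session['access_level'])) {
        return false;
    }
    return $session['access_level'] === 'admin';
}

// Constructed inputs: an anonymous visitor who appends ?access_level=admin
// to the URL, and an administrator whose session was set by the login code.
$anonymous_request = ['access_level' => 'admin'];   // came from the query string
$anonymous_session = [];                            // never logged in
$admin_session     = ['access_level' => 'admin'];   // stored at login

// Compare how each check treats the anonymous visitor and the real admin.
var_dump(is_admin_legacy($anonymous_request, $anonymous_session));
var_dump(is_admin_fixed($anonymous_session));
var_dump(is_admin_fixed($admin_session));
```

The same pattern applies to any authorization flag: keep it server-side in `$_SESSION`, never in a variable that request data can also name.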
JPlush76
Forum Regular
Posts: 819
Joined: Thu Aug 01, 2002 5:42 pm
Location: Los Angeles, CA

Post by JPlush76 »

Yeah, I know about the global vars, 'cause that's a simple attack just using the GET request in the URL; I was just using that as an example.

We all try to make our site "secure", but why? I wanna see how these things can be exploited.

I make sure to check my forms for proper user input. But why? What can the user enter that would be malicious and attack my server through a form?

Things like that I'm curious about.
jason
Site Admin
Posts: 1767
Joined: Thu Apr 18, 2002 3:14 pm
Location: Montreal, CA

Post by jason »

There is some good information here:

http://www.phpadvisory.com/ :D
mydimension
Moderator
Posts: 531
Joined: Tue Apr 23, 2002 6:00 pm
Location: Lowell, MA USA

Post by mydimension »

One thing that can come back to bite you is if a user sticks SQL code in a form element. If you don't check it, you could end up with a corrupted DB or worse.
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

Pick up a copy of Hacking Exposed: Web Applications. It does a great job of listing the steps an attacker would take to compromise a site.
evilcoder
Forum Contributor
Posts: 345
Joined: Tue Dec 17, 2002 5:37 am
Location: Sydney, Australia

Post by evilcoder »

Easiest way: ask people to test your security. However, be careful with that; you might get some malicious knobjockey screwing up your site.