News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Infosec Institute:
SQL Injection through HTTP Headers
April 04, 2012 @ 10:17:08

While not specific to PHP, security is something that all developers need to think about in their applications. To that end, the Infosec Institute has published this guide to helping you prevent SQL injection attacks that could come in via the HTTP headers of requests to your site.

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique inputs vectors ever. What about other HTTP header parameters? Aren't they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and which vulnerability scanners to use in order to avoid leaving vulnerabilities undiscovered in parts of the application?

They start by describing the different kinds of headers that the attacks could come in on - GET, POST, cookies and the other HTTP headers. According to some results, the HTTP headers option is the least protected in most common applications. He includes some good examples of headers that might contain malicious data such as:

  • X-Forwarded-For
  • User-agent
  • Referer

Techniques are also included showing you tools and methods to help test your own applications including some in-browser tools and external applications (like Sqlmap, Nessus, WebInspect, SkipFish and Wapiti) with some average scores from running them on various coverage scores.

0 comments voice your opinion now!
sql injection http headers security prevention scanner


Greg Beaver's Blog:
Quick review of Pixy vulnerability scanner for PEAR users
June 25, 2007 @ 07:30:27

Greg Bever has a (very) quick post about his experiences with the Pixy XSS and SQLI Scanner running against PEAR files.

I tried out the Pixy XSS and SQLI Scanner (http://pixybox.seclab.tuwien.ac.at/pixy/index.php) on a few simple PEAR files. On the first, I got a java exception, on the second it was unable to resolve the simplest of includes (no ability to resolve include_path). In short, the thing is useless for anything written using PEAR. Fun!

The Pixy XSS and SQLI Scanner is made to find SQL and XSS injection issues in scripts. It runs as a Java application and scans PHP4 source code to try to find problems. For more information on the scanner or to try it out for yourself, check out the project's homepage for documentation and downloads.

0 comments voice your opinion now!
review pixy vulnerability scanner pear xss sqlinjection review pixy vulnerability scanner pear xss sqlinjection


ThinkPHP Blog:
SQL injections for dummies - and how to fix them
September 15, 2006 @ 07:38:15

On the ThinkPHP Blog, there's a look at how to handle SQL injections, including a video showing how their product, Chorizo handles their discovery in your application.

Well, database operations are bread-and-butter work for most PHP applications. PHP and MySQL, for example, have been like brother and sister for many years. You may have heard about "SQL injections", a bad taste from the outside world of $_GET, $_POST, $_COOKIE and the like.

They mention the obvious - not accepting unfiltered input from users - and how the Chorizo and Morcilla software work to identify and comabt them in an application. You can even check out a Flash video of the process you'd need to take.

0 comments voice your opinion now!
sql injection chorizo morcilla scanner security input filter sql injection chorizo morcilla scanner security input filter


Think-PHP Blog:
Detect and fix security vulnerabilities on server side within seconds
September 07, 2006 @ 07:12:27

From the group that brings you Chorizo! and Morcilla, the latest in PHP security tools, is a video showing how to find and correct the issues that your script might have on the server side (with the help of Morcilla).

This video shows you how Morcilla, our brand new PHP extension, lets Chorizo! have a look inside your application on the server.

We are able to hook into every PHP function and trace the payloads of Chorizo!. By default, Morcilla hooks into the whole MySQL function family, fopen, mail, include/require/include_once/require_once, preg_* and others. With a ZendEngine patch, we are able to trace unset variables and a lot more.

The video (basically a screen capture of the process) is a bit hard to read in the smaller version, so it's recommended to view the larger size if you want to see the options. It's interesting, though, to see how it picks out the errors and tells what they are and where you can go to fix them (like a file inclusion issue, as they demonstrate).

0 comments voice your opinion now!
chorizo security scanner morcilla serverside video example chorizo security scanner morcilla serverside video example


ThinkPHP Blog:
New Help Center for Chorizo!
August 29, 2006 @ 07:57:23

On the ThinkPHP Blog, there's information posted about a new help center for their Chorizo! scanner with lots of information included already.

Go and check out Chorizo!'s new Help Center. We extended the existing tutorials and provide a smooth overview about the current documentation. Included is an overview about all the scanner plugins Chorizo! is using and explain a bit what each plugin does.

There are "Getting Started" guides offered, video tutorials, details on each of the plugins (PHPversions, XSS plugin, Session injection, etc), some of the features of the scanner, and some general troubleshooting information.

0 comments voice your opinion now!
help center chorizo scanner security free plugin video getting started help center chorizo scanner security free plugin video getting started


ThinkPHP Blog:
Improving Usability on "My Chorizo" page the host signature file
July 31, 2006 @ 05:59:21

The guys over at the ThinkPHP blog are already improving their Chorizo security scanner software with refreshed usability for their "My Chorizo" page inside the utility.

In the spirit of Web2.0 applications, we constantly improve Chorizo! and silently update the application with the newest features. In order to scan a host, you have to prove that you are the owner of the host by uploading a unique signature file to your host's document root. Some of our users had trouble uploading it into the docroot, some accidently put it into the wrong directory.

Their enhancement makes it easy to tell which of the products have their signature files in place and while don't at a glance.

0 comments voice your opinion now!
chorizo web scanner usability update signature chorizo web scanner usability update signature


ThinkPHP Blog:
Commoditizing PHP security (Chorizo! Launched)
July 21, 2006 @ 05:42:44

The fine folks over at ThinkPHP have released their scanning tool, Chorizo!, to the general public - including the ability to sign up for a free account.

We think it's time to commoditize PHP web application security. You may have heard of Chorizo!.

With this free account, it's possible to use the Chorizo! application service as a proxy and scan 1 host. All scan datas are encrypted, your data is only visible to you. There are also some valuable help documents available that explain the whole process from registering up to uploading the signature file onto your host and how to analyze the results.

They also have a commercial version that includes: the Advisor software to help you correct the issues found, a more detailed report analyzer, and a PDF export of the reports.

0 comments voice your opinion now!
chorizo launch security scanner tool reports advisor free chorizo launch security scanner tool reports advisor free



Community Events











Don't see your event here?
Let us know!


framework release composer performance install podcast facebook unittest database symfony2 package security introduction application hhvm component project hack language example

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework