Monday, December 16, 2013

PHP Top vulnerability methods - learn more with @s.shivasurya i-vision blog





We live in a challenging world where some people amaze others by creating new technology, while others try to crack it and reveal its secrets. Developers try to fix the holes by implementing new techniques, hackers try to explore the vulnerabilities, and this game always goes on. It doesn't end :P

So let's have a glance at the top vulnerabilities!


SQL Injections:



SQL injection is the first one on the blacklist here. SQL injection occurs when the developer doesn't sanitize user input values and uses them directly to update or insert into the database. It is the most commonly seen vulnerability in PHP sites! To prevent this, PHP has introduced prepared statements through PDO, which leave developers with a much lower level of vulnerability. Once a hacker identifies the vulnerability in the code, he can access the database like an admin and retrieve and update the users' data.
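The difference between building the query by string concatenation and using a PDO prepared statement, as an added example that is not part of the original post. It assumes the pdo_sqlite extension is available; the table, the rows and the function names are constructed for illustration.

```php
<?php
// In-memory SQLite database with constructed sample rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)');
$db->exec("INSERT INTO users (name, email) VALUES ('alice', 'alice@example.com')");
$db->exec("INSERT INTO users (name, email) VALUES ('O''Brien', 'obrien@example.com')");

// BEFORE: the input is pasted into the SQL text, so the database parses it as SQL.
function find_user_unsafe(PDO $db, string $name): array
{
    $sql = "SELECT id, name, email FROM users WHERE name = '" . $name . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// AFTER: the SQL text is fixed; the input travels separately as a bound value.
function find_user_safe(PDO $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name, email FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed input: a legitimate name whose apostrophe ends the string literal early.
$input = "O'Brien";

try {
    $rows = find_user_unsafe($db, $input);
    echo "unsafe: ", count($rows), " row(s)\n";
} catch (PDOException $e) {
    // The quote in the data changed the structure of the statement itself.
    echo "unsafe: query broke: ", $e->getMessage(), "\n";
}

// The bound parameter is only ever compared as data, quote included.
$rows = find_user_safe($db, $input);
echo "safe: ", count($rows), " row(s) for ", $rows[0]['name'] ?? '(none)', "\n";
```

If a harmless apostrophe can change how the statement is parsed, any input can, which is why the prepared form is the one to keep.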


XSS




Cross-Site Scripting (generally called XSS) is also a famous, well-known attack. Generally, before SQL injection is attempted, XSS plays a vital role in verifying the vulnerability in the developer's code. If it is vulnerable, the hackers start their nasty attacks on the database. When a programmer doesn't clean the input values received from users and verify them using preg_match(), he will surely be brought down by XSS attacks. These attacks are commonly carried out through the two methods $_POST and $_GET in PHP.

For example, in $_POST:


When the user (you) submits values through a form like this:

<form action="post.php" method="post">
 <input type="text" name="comment" value="">
 <input type="submit" name="submit" value="Submit">
</form>

and the processing script handles it like this:
-------------------------------------------------------
<?php
// echoes the submitted comment back without any escaping
echo $_POST["comment"];
-------------------------------------------------------
then the hackers can just submit the form like this:

--------------------------------------------------------
<script>alert("hacked")</script>
--------------------------------------------------------
This may not be vulnerable as long as the queries are unmodified! :D

For example, in $_GET:


When the user searches using the GET method in PHP:
------------------------------------------------------------------------------------------
<?php
// Get search results based on the query
echo "You searched for: " . $_GET["query"];
// List search results
// ...
--------------------------------------------------------------------------
This example can be a very insecure results page where the search query is displayed back to the user. The problem here is that the $_GET["query"] variable isn't validated or escaped, therefore an attacker could send a crafted link to the victim.

So the targeted people may get a link like this:
------------------------------------------------------------
http://example.com/search.php?query=<script>alert("hacked")</script>
------------------------------------------------------------
and the output would be like this:
----------------------------------------------------------------------------
You searched for: <script>alert("hacked")</script>
----------------------------------------------------------------------------

Data Sanitization:


Data sanitization mainly focuses on cleaning variables of the unwanted scripts inside them. They are converted into a special format, rather than kept in their native form, and then inserted into the database.
An example follows here!
-----------------------------------------------------------
<?php
// sanitize HTML from the comment
$comment = strip_tags($_POST["comment"]);
-----------------------------------------------------------
-----------------------------------------------------------
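A hardened version of the two echo examples above, as an added example that is not part of the original post: the value is escaped with htmlspecialchars() at the point where it is written into the page, in addition to the strip_tags() step. The helper names e(), render_search() and render_comment() and the search form are hypothetical.

```php
<?php
// Escape a value for use in HTML text or inside a quoted attribute.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hardened form of the search results line from the $_GET example.
function render_search(array $get): string
{
    // query[]=x arrives as an array; treat anything that is not a string as empty.
    $query = isset($get['query']) && is_string($get['query']) ? $get['query'] : '';
    return 'You searched for: ' . e($query) . "\n"
         . '<form action="search.php" method="get">'
         . '<input type="text" name="query" value="' . e($query) . '">'
         . '</form>';
}

// Hardened form of the comment handler from the $_POST example.
function render_comment(array $post): string
{
    $comment = isset($post['comment']) && is_string($post['comment']) ? $post['comment'] : '';
    $stored  = strip_tags($comment);   // sanitize on input, as the article does
    return '<p>' . e($stored) . '</p>'; // and still escape on output
}

// The input used in the article's examples.
$input = '<script>alert("hacked")</script>';

echo render_search(['query' => $input]), "\n";
echo render_comment(['comment' => $input]), "\n";
```

Escaping at output time matters because strip_tags() only removes tags; it does nothing about quotes, so a value placed inside an attribute still needs ENT_QUOTES escaping.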

Data validation:




Data validation is an important key factor in PHP, both to prevent attacks on the database and to maintain the quality of the database, for example against unfilled columns and other unwanted updates. So nowadays experts in PHP recommend using the preg_match() function to verify the user's input as strictly as possible before sending it on for further processing and updating.

Have a quick example below:
-----------------------------------------------------------------
<?php
// sample input; in a real script this comes from the submitted form
$phone = "1-555-123-4567";
// validate a US phone number (\d matches one digit)
if (preg_match('/^((1-)?\d{3}-)\d{3}-\d{4}$/', $phone)) {
    echo $phone . " is valid format.";
}
-------------------------------------------------------------------

Data encryption using PHP :


As you may know, no matter how far techniques are developed to prevent such activities, the hacker tries to break the mechanism and enter the database to steal the information. So encryption of data plays a vital role here. Facebook & Google heavily encrypt their user databases through their own encryption techniques, such as writing them as functions and implementing them. Encrypting the data is very easy for developers, but decrypting the data on their own is a big job unless they are experts in PHP and logic. PHP has some encryption functions, such as hash-and-salt methods, the popular MD methods and so on; refer here for complete guidance.
--------------------------------
Example before encryption:

username: s.shivasurya || password: i_know_u_would_lookup_here:D

After encryption:

username: s.shivasurya || password: 5dsfcv82fvbd2fvsdfv52dvsdv512vsdfv
-------------------------------
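For stored passwords, the hash-and-salt approach mentioned above is available in PHP 5.5 and later as password_hash() and password_verify(). The following is an added example, not part of the original post; it compares them with an unsalted MD5 digest, and check_login() is a hypothetical helper.

```php
<?php
$password = 'i_know_u_would_lookup_here:D'; // sample password from the article

// Unsalted MD5: the same password always produces the same digest, so two
// users with the same password are visible as such in a leaked table.
$md5_a = md5($password);
$md5_b = md5($password);

// password_hash(): a random salt is generated per call and stored, together
// with the algorithm and cost, inside the returned string.
$hash_a = password_hash($password, PASSWORD_DEFAULT);
$hash_b = password_hash($password, PASSWORD_DEFAULT);

// Verify a login attempt and report whether the stored hash should be upgraded.
function check_login(string $supplied, string $storedHash): array
{
    if (!password_verify($supplied, $storedHash)) {
        return ['ok' => false, 'rehash' => null];
    }
    // When PASSWORD_DEFAULT or its cost changes in a later PHP release,
    // re-hash while the plain password is still at hand.
    $rehash = password_needs_rehash($storedHash, PASSWORD_DEFAULT)
        ? password_hash($supplied, PASSWORD_DEFAULT)
        : null;
    return ['ok' => true, 'rehash' => $rehash];
}

echo "md5 digests equal:    ";
var_dump($md5_a === $md5_b);
echo "password_hash equal:  ";
var_dump($hash_a === $hash_b);
echo "correct password ok:  ";
var_dump(check_login($password, $hash_a)['ok']);
echo "wrong password ok:    ";
var_dump(check_login('not_the_password', $hash_a)['ok']);
```

Only the string returned by password_hash() needs to be stored; there is no separate salt column, and nothing is ever decrypted, only verified.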

Thus you may get a slight idea of the vulnerabilities in your code. Just stay updated with the PHP website manual. If a function is no longer supported, it will be noted as "This function has been DEPRECATED as of PHP 5.5.0. Relying on this function is highly discouraged."

Only hackers can challenge the programmers! :D






2 comments:

Anonymous said...

Your way of telling everything in this piece of writing
is actually good, every one can simply be aware of it, Thanks a lot.



My blog post; CSR racing cheats

NAVEEN SUBRAMANIAN said...

nice post
