PHP security: Difference between revisions
Edit summary of the earlier revision: Created page with "== SQL injection == == Password storage == * Hashing * Timing attacks * Algorithms * Refreshing == Cookies == * Secure flag * HTTP flag == Cross site scripting (XSS) =="

Changes in this revision (wikitext):
- Line 1: heading "== Password storage ==" renamed to "== Passwords and credentials =="
- Line 7: bullet "* Brute force attempts" added after "* Refreshing"
Revision as of 14:34, 23 March 2021
SQL injection
Passwords and credentials
- Hashing
- Timing attacks
- Algorithms
- Refreshing
- Brute force attempts
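The points above map onto PHP's built-in password API. The following is an added example, not code from the wiki page; it assumes PHP 7.2 or later, and the in-memory attempt counter is a hypothetical stand-in for a real database or cache row.

```php
<?php
declare(strict_types=1);

// Algorithms: prefer Argon2id when the build has it, otherwise bcrypt,
// which every PHP build provides.
function preferred_algo(): string
{
    return defined('PASSWORD_ARGON2ID') ? PASSWORD_ARGON2ID : PASSWORD_BCRYPT;
}

// Hashing: store only the salted hash; password_hash() generates the salt.
function hash_password(string $plain): string
{
    return password_hash($plain, preferred_algo());
}

// Timing attacks: password_verify() compares in constant time, so the
// comparison itself does not leak how many bytes matched.
// Refreshing: returns [ok, newHash]; newHash is non-null when the stored
// hash uses an older algorithm or weaker cost and should be written back.
function check_password(string $plain, string $storedHash): array
{
    if (!password_verify($plain, $storedHash)) {
        return [false, null];
    }
    $needsRefresh = password_needs_rehash($storedHash, preferred_algo());
    return [true, $needsRefresh ? hash_password($plain) : null];
}

// Brute force attempts: per-account counter (hypothetical in-memory store).
function login_allowed(array &$attempts, string $user, int $limit = 5): bool
{
    $attempts[$user] = ($attempts[$user] ?? 0) + 1;
    return $attempts[$user] <= $limit;
}

// Constructed usage: a legacy low-cost bcrypt hash is accepted once and
// flagged for refresh; repeated failures trip the attempt limit.
$legacy = password_hash('constructed-secret', PASSWORD_BCRYPT, ['cost' => 4]);
[$ok, $refreshed] = check_password('constructed-secret', $legacy);
if ($ok && $refreshed !== null) {
    $legacy = $refreshed; // persist the stronger hash on successful login
}
$attempts = [];
for ($i = 0; $i < 6; $i++) {
    if (!login_allowed($attempts, 'alice')) {
        break; // sixth attempt refused
    }
}
```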
Cookies
- Secure flag
- HttpOnly flag
Cross site scripting (XSS)
Cross site request forgery (CSRF)
- Access to /tmp (session data)
- Access to read/write files as the www-data user
File uploads
- Denial of service - upload bandwidth, CPU utilisation, disk space utilisation
- File types - be careful as some file data can be disguised as other file types (e.g. zip disguised as PNG)
Unsafe functions
- exec
- shell
- eval
Data from URLs
- No control over these (unless you also run the service)
- Service provider may be malicious
- DNS poisoning may transfer you to the wrong site/IP
Document root
- Only files that are meant to be served to users
- Keep everything else outside the document root
- Take particular care with non-PHP extensions, e.g. .inc (a .inc file inside the document root may be served as plain text, exposing its source)