Security Basics mailing list archives
Re: [cansecwest] Advanced PHP Hacking
From: Barbod Kiani <b_kiani () ISC IRANET NET>
Date: Sat, 06 Mar 2010 20:06:42 +0330
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Laurent: Leaning the defense mechanisms activities through different layers would be a major boost for the Security Admins. Be a very useful course to take. Thanks for Sharing! Also, wanted to know, besides ways to break into PHP environment, if it touches the following subjects in the details and ways to prevent them ***currently*** in used: 1) It would be bad enough to get your index page de-faced, but worst would be to have one of your links or subdirs hijacked and replaced by scripts like mailer.php for sending fake e-mails from your site. Also, your accounts using Hirsemailbomber, Anonym or even using Kiddies-scripts after activating the IIS & SMTP on the XP. What else beside the honeypots for the clients-side attacks could be used? 2) Does the usage of the On-screen Keyboard for sure prevent the keylogger and ways currently in use to prevent brute-force password cracking tools. Not talking about pwdump6 or LC4. 3) Ways to prevent the RFI like turning off the allow_url_fopen. Why LFI works better on cgi & php? Why POST doesn?t get logged, but GET does and such? 4) Is turning off the display_errors in the php.ini would be sufficient to disable the ? and ?1=1 and 1=2? etc bug discovery? Ways to protect from load_file both cmds and values in Hex. Command Execution Bugs in php functions such as system and shell_exec and ways writing codes to bypass the usage of File Conflict Solver tools. Substitutes for getchar, fgets, strcpy and so on? 5) Ways to avoid exploitations of the Webalizer and Awstats besides de-facing the milw0rm? ;) 6) How to discourage developers using strings like ***hi") or ("a"="a*** or as such? 7) Does the Bounce Attack cover in details Allowing Incoming and Outgoing ports (What sort of other tools such Putty, and NetCat for reverse shell are being used currently)? 8) Do the backdoors preventions include the DDoS attacks, "scrumping" (IRCbots - botmaster)? Thanks in advance! Respectfully yours, Bob Kiani On 3/3/2010 12:01 PM, Laurent OUDOT at TEHTRI-Security wrote:
Hi, I'd like to announce a Security Master's Dojo course during next CanSecWest 2010 in Vancouver (March 22-26 2010). Title: Advanced PHP Hacking (!) PHP is a worldwide web language used by individuals as well as companies (Facebook...). This session aims at providing a hands-on focused PHP Hacking experience. After this course, you will really know how attackers work and move through PHP hax0ring so that they can jump deeper down to your networks. *BONUS* This training will end with a final amazing exercise through a step by step live hacking simulation. It will help students at coming back to offensive and defensive hands-on exercises seen during the whole day, thanks to this complete information warfare operation. For further information, just check : http://www.tehtri-security.com/en/trainings.php?t=cansecwest-2010 Register as soon as possible (!) and join us at Cansecwest 2010 (http://cansecwest.com) See you soon in Vancouver :) -- Laurent OUDOT Founder & CEO of TEHTRI-Security http://www.tehtri-security.com ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEVAwUBS5KEmhM9ovKY6EGcAQIcSgf+KXXb2zHVEjYtR/gJk8aXNXzZokj/KbEs /Uxl7ZgREdvzRtxqGskJTxatCMUcxBQYP0yZ6faHGp7m5y1PrjiWNPjRUL2q5Oug fY4mWABRyP4njUqzx4fXI+u3iVGOH2txYvoly6Roihv4V6u4fwQcmvmMVIgFXSDA ms6R5gjfncmaIEIk/vQVPAFm6vjGPeqMu2hLaiYi+OwzLT47SO9JSYaH75GOlIsv Yz1gvImS1EYxZp7wPvS/VZyF1Lee8Kb0TMd2qo00NZiatsbBXZBMkgruBpwnHZe9 xBVKJujAgPecj59dR0tZaSv/pGF0Qr3koIejr9qU5TzI0TX0/QAEVA== =TLA5 -----END PGP SIGNATURE----- ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- [cansecwest] Advanced PHP Hacking Laurent OUDOT at TEHTRI-Security (Mar 04)
- Re: [cansecwest] Advanced PHP Hacking Barbod Kiani (Mar 08)