Full Disclosure mailing list archives
Bypassing PHPIDS 0.6.5
From: Michael Brooks <firealwaysworks () gmail com>
Date: Fri, 26 Aug 2011 11:18:02 -0700
Full Paper: https://sitewat.ch/en/Blog/10 Using these attacks it is possible to bypass all of PHPIDS's rule sets, which defeats all protection PHPIDS can provide. Further more on a default install of PHPIDS the log file can be used to drop a PHP backdoor. There by using PHPIDS as a vital steping stone in turning an LFI vulnerability into remote code execution. Thus PHPIDS 0.6.5 made you less secure. Of course all of these issues have been fixed in PHPIDS 0.7, and by using the latest version of PHPIDS I have no doubt that you're php application will be more secure. If someone tells you that you are absolutely secure, then they are trying to sell you something. However PHPIDS 0.7 provides a strong barrier between your application and an attacker.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Bypassing PHPIDS 0.6.5 Michael Brooks (Aug 26)