Penetration Testing mailing list archives
Remote File Include Vulns (Are you testing for it, are you teaching it)
From: Joseph McCray <joe () learnsecurityonline com>
Date: Fri, 13 Oct 2006 23:01:02 -0400
I've been spending a lot of time googling these php shells (c99/r57 et al) lately. It appears that people are getting these on servers via Remote File Include vulnerabilities.

I'm curious how many auditors are 1) testing for this stuff in your audits. Tons of blog, forum, and wiki packages have these vulns - are you guys testing for this stuff, and more importantly are you finding it vuln in your audits?

Next question is for trainers: how much time are you spending on this stuff in your web application security classes? Currently I'm spending a hefty chunk of time on the big guns (SQL Injection, Cross-Site Scripting, etc). I know these are the usual suspects, but when I get out there on the Internet and google for any of these php shells I never get past the first search page without finding a compromised server. If you check out milw0rm, packetstormsecurity, etc most of the web app vulns are remote file includes.

Is anyone else noticing this, and what are your thoughts?

--
Joe McCray
Toll Free: 1-866-892-2132
Email: joe () learnsecurityonline com
Web: https://www.learnsecurityonline.com

Learn Security Online, Inc.
* Security Games
* Simulators
* Challenge Servers
* Courses
* Hacking Competitions
* Hacklab Access
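For readers who have not seen the bug class the post is asking about, here is the classic PHP include pattern that Remote File Include vulnerabilities come from, beside a hardened version. This is an added illustration, not code from the post or from any of the packages it mentions; the page names and file paths in the allowlist are made up for the example.

```php
<?php
// Added example (not from the original post). Shows the include pattern
// behind most Remote File Include bugs of this era and one sound fix.

// VULNERABLE: the page name comes straight from the query string and is
// handed to include() unchecked. With allow_url_fopen enabled, a URL in
// the parameter makes PHP fetch and execute code from another host, which
// is exactly how the c99/r57 shells end up on a server.
function render_page_vulnerable(string $page): void
{
    include $page . '.php';
}

// HARDENED: resolve the user-supplied name against a fixed map of local
// files. Nothing outside the map (URLs, absolute paths, ../ sequences)
// can ever reach include(), because the request value is only used as a
// lookup key, never as part of the path itself.
// Paths below are hypothetical, chosen for the example.
const PAGES = [
    'home'    => 'pages/home.php',
    'about'   => 'pages/about.php',
    'contact' => 'pages/contact.php',
];

function render_page_hardened(string $page): void
{
    if (!array_key_exists($page, PAGES)) {
        http_response_code(404);
        echo 'Unknown page';
        return;
    }
    include __DIR__ . '/' . PAGES[$page];
}

// Defence in depth: besides fixing the code, disable remote includes in
// php.ini (allow_url_fopen=Off, and allow_url_include=Off on PHP 5.2+),
// so a missed include() cannot pull code over the network at all.
render_page_hardened($_GET['page'] ?? 'home');
```

During an audit, grepping an application for include/require calls whose argument contains a request variable ($_GET, $_POST, $_REQUEST, $_COOKIE) finds the vulnerable pattern quickly, and a web server log showing include parameters that contain "http://" or "ftp://" is a strong sign someone is already probing for it.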