Security Basics mailing list archives

Re: [cansecwest] Advanced PHP Hacking


From: Barbod Kiani <b_kiani () ISC IRANET NET>
Date: Sat, 06 Mar 2010 20:06:42 +0330

Laurent:

Learning the defense mechanisms activities through different layers would
be a major boost for the Security Admins. Be a very useful course to
take. Thanks for Sharing! Also, wanted to know, besides ways to break
into PHP environment, if it touches the following subjects in the
details and ways to prevent them ***currently*** in use:

1)      It would be bad enough to get your index page de-faced, but worst
would be to have one of your links or subdirs hijacked and replaced by
scripts like mailer.php for sending fake e-mails from your site. Also,
your accounts using Hirsemailbomber, Anonym or even using
Kiddies-scripts after activating the IIS & SMTP on the XP. What else
beside the honeypots for the clients-side attacks could be used?
2)      Does the usage of the On-screen Keyboard for sure prevent the
keylogger and ways currently in use to prevent brute-force password
cracking tools. Not talking about pwdump6 or LC4.
3)      Ways to prevent the RFI like turning off the allow_url_fopen. Why LFI
works better on cgi & php? Why POST doesn't get logged, but GET does and
such?
4)      Would turning off the display_errors in the php.ini be sufficient
to disable the ' and "1=1 and 1=2" etc bug discovery? Ways to protect
from load_file both cmds  and values in Hex. Command Execution Bugs in
php functions such as system and shell_exec and ways writing codes to
bypass the usage of File Conflict Solver tools. Substitutes for getchar,
fgets, strcpy and so on?
5)      Ways to avoid exploitations of the Webalizer and Awstats besides
de-facing the milw0rm?   ;)
6)      How to discourage developers using strings like ***hi") or ("a"="a***
or as such?
7)      Does the Bounce Attack cover in details Allowing Incoming and
Outgoing ports (What sort of other tools such Putty, and NetCat for
reverse shell are being used currently)?
8)      Do the backdoors preventions include the DDoS attacks, "scrumping"
(IRCbots - botmaster)?

Thanks in advance!

Respectfully yours,
Bob Kiani






On 3/3/2010 12:01 PM, Laurent OUDOT at TEHTRI-Security wrote:

Hi,

I'd like to announce a Security Master's Dojo course during next
CanSecWest 2010 in Vancouver (March 22-26 2010).

Title: Advanced PHP Hacking (!)

PHP is a worldwide web language used by individuals as well as companies
(Facebook...). This session aims at providing a hands-on focused PHP
Hacking experience. After this course, you will really know how
attackers work and move through PHP hax0ring so that they can jump
deeper down to your networks.

*BONUS*
This training will end with a final amazing exercise through a step by
step live hacking simulation. It will help students at coming back to
offensive and defensive hands-on exercises seen during the whole day,
thanks to this complete information warfare operation.

For further information, just check :
 http://www.tehtri-security.com/en/trainings.php?t=cansecwest-2010

Register as soon as possible (!) and join us at Cansecwest 2010
(http://cansecwest.com)

See you soon in Vancouver :)

--
Laurent OUDOT
 Founder & CEO of TEHTRI-Security
 http://www.tehtri-security.com








------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------




