PaulDotCom mailing list archives
Is this a secure way to parse logs over the web?
From: Adrian Crenshaw <irongeek () irongeek com>
Date: Fri, 24 Feb 2012 11:02:29 -0500
Ok, not saying this code is well done, but I had a question about if it was possible to do some Regex injection that has really bad consequences. I've made a simple little PHP (attached) script as a test to look for the top 404s and 403s on a site based on its HTTP log. Since web scanners seem to cause a lot of these (causing errors and looking for files that are not there), it seems like a good way to spot them.

The downside, I'm pretty much letting the user put anything into the regular expression for searching that they want. I'm not using the exec function, but preg_match instead, so shell execution should not be an issue as far as I know. Assuming I don't care if people know what is in my logs, how secure is this? I could also always just password it off.

Thanks,
Adrian

--
"The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham
Attachment: lookforbad.txt
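The setup described in the post, a web form whose text is passed to preg_match over an HTTP log, sketched as an added example. It is not part of the original message and is not the attached lookforbad.txt, which is not reproduced on this page. The function names, the per-client grouping, the `~` delimiter, the 200-character cap, the backtrack limit value and the log lines are all assumptions made for illustration.

```php
<?php
// Added example, not the attached lookforbad.txt. Log lines are constructed samples.
$log = <<<'LOG'
203.0.113.5 - - [24/Feb/2012:10:00:01 -0500] "GET /admin.php HTTP/1.1" 404 512
203.0.113.5 - - [24/Feb/2012:10:00:02 -0500] "GET /phpmyadmin/ HTTP/1.1" 404 512
203.0.113.5 - - [24/Feb/2012:10:00:03 -0500] "GET /.htaccess HTTP/1.1" 403 300
198.51.100.7 - - [24/Feb/2012:10:01:00 -0500] "GET /index.html HTTP/1.1" 200 2048
198.51.100.7 - - [24/Feb/2012:10:01:05 -0500] "GET /old-page HTTP/1.1" 404 512
LOG;

// Wrap the user's text in fixed delimiters so it cannot add its own modifiers.
function build_pattern(string $userRegex): ?string {
    if (strlen($userRegex) > 200 || strpos($userRegex, '~') !== false) {
        return null;                       // assumed length cap; delimiter not allowed
    }
    $pattern = '~' . $userRegex . '~';
    // preg_match() returns false when the pattern does not compile.
    return @preg_match($pattern, '') === false ? null : $pattern;
}

// Tally 404/403 responses per client (assumed grouping) for lines the pattern matches.
function top_errors(string $log, string $pattern): ?array {
    $counts = [];
    foreach (explode("\n", $log) as $line) {
        // Common log format: client first, status right after the quoted request.
        if (!preg_match('~^(\S+) .*" (\d{3}) ~', $line, $m)) continue;
        if ($m[2] !== '404' && $m[2] !== '403') continue;
        $hit = preg_match($pattern, $line);
        if ($hit === false || preg_last_error() !== PREG_NO_ERROR) {
            return null;                   // backtrack limit or other PCRE error
        }
        if ($hit === 1) $counts[$m[1]] = ($counts[$m[1]] ?? 0) + 1;
    }
    arsort($counts);
    return $counts;
}

ini_set('pcre.backtrack_limit', '10000');  // assumed cap on work per match
$userRegex = 'admin|\.ht';                 // stands in for the web form field
$pattern = build_pattern($userRegex);
$result = $pattern === null ? null : top_errors($log, $pattern);
if ($result === null) {
    echo "pattern rejected\n";
} else {
    foreach ($result as $client => $n) {
        // Log fields are attacker-influenced; escape before writing to a page.
        echo htmlspecialchars($client, ENT_QUOTES), " ", $n, "\n";
    }
}
```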