Penetration Testing mailing list archives
Re: Remote File Include Vulns (Are you testing for it, are you teaching it)
From: Gareth Davies <gareth.davies () mynetsec com>
Date: Tue, 17 Oct 2006 12:47:35 +0800
Joseph McCray wrote:
I've been spending a lot of time googling these php shells (c99/r57 et al) lately. It appears that people are getting these on servers via Remote File Include vulnerabilities. I'm curious how many auditors are 1) testing for this stuff in your audits. Tons of blog, forum, and wiki packages have these vulns - are you guys testing for this stuff, and more importantly are you finding it vuln in your audits? Next question is for trainers, how much time are you spending on this stuff in your web application security classes. Currently I'm spending a hefty chunk of time on the big guns (SQL Injection, Cross-Site Scripting, etc). I know these are the usual suspects, but when I get out there on the Internet and google for any of these php shells I never get past the first search page without finding a compromised server. If you check out milw0rm, packetstormsecurity, etc most of the web app vulns are remote file includes. Is anyone else noticing this, and what are your thoughts?
Hi Joseph, Not sure if you saw this: http://www.darknet.org.uk/2006/09/fis-file-inclusion-scanner-v01-php-vulnerability/ Might be something to consider. Like another poster said though, not many commercial audits I do involve PHP; it is worth mentioning this in training though as it seems awfully common nowadays.
Cheers
--
Gareth Davies - ISO 27001 LA, OPST
Manager - Security Practice
Network Security Solutions MSC Sdn. Bhd.
Suite E-07-21, Block E, Plaza Mont' Kiara, No. 2 Jalan Kiara, Mont' Kiara, 50480 Kuala Lumpur, Malaysia
Phone: +603-6203 5303 or +603-6203 5920
www.mynetsec.com
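As an added illustration (not code from this thread, from FIS, or from any package it mentions), here is the include pattern behind the vulnerability class being discussed next to an allowlist fix; the `page` parameter, the template file names and the `templates/` directory are hypothetical.

```php
<?php
// Added example. The classic remote file include: a request parameter flows
// straight into include(). When URL includes are enabled (allow_url_fopen on
// PHP before 5.2, allow_url_include from 5.2 onward), the engine fetches and
// executes whatever the parameter points at, which is how a dropped PHP shell
// ends up running on the host. Kept here only as the "before" of the fix.
function render_page_vulnerable(string $page): void
{
    include $page . '.php';   // e.g. $_GET['page'] used unchecked
}

// Hardened version: never build an include path from user input. Map the
// untrusted value onto a fixed set of local templates and reject everything
// else (URLs, ../ traversal, php:// or data: wrappers, null bytes) by design.
const ALLOWED_PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

function resolve_page(string $requested): ?string
{
    // Exact-key lookup only; unknown keys return null instead of a path.
    return ALLOWED_PAGES[$requested] ?? null;
}

function render_page_safe(string $requested): void
{
    $file = resolve_page($requested);
    if ($file === null) {
        http_response_code(404);
        echo 'Unknown page';
        return;
    }
    include __DIR__ . '/templates/' . $file;
}

// Belt and braces for an audit checklist: confirm allow_url_include is off so
// a missed include site cannot reach out to a remote host at all.
if (filter_var(ini_get('allow_url_include'), FILTER_VALIDATE_BOOLEAN)) {
    error_log('allow_url_include is enabled; disable it in php.ini');
}

render_page_safe($_GET['page'] ?? 'home');
```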