Collaborate Disseminate
I have a Raspberry Pi connected to my network and keep getting this vulnerability warning from my security software. I turned off the apache2 web server on the Pi, which fixed my port 80 issue but have no idea how to fix the … Continue reading Preventing Basic Directory Traversal Attack in PHP
I’ve recently had an interesting interview exercise I haven’t completed and it does puzzle me what kind of filter/protection they’ve used.
The vuln app is a PHP with simple MariaDB (5.5.56) back-end, where name FORM is vulner… Continue reading SQL Injection bypass UNION filter/restriciton
I have to execute my .o or .out binary file pre-compiled with gcc, it should be intended to let the user execute the small program so an action is made that connects with the app installed on the user’s phone.
But i want to … Continue reading Securing exec against executing adversary shell commands
I ran across an opportunity for SQL injection the other day in some legacy code …
// input: email@email.com”
$email = $_POST[’email’];
mysql_query(‘SELECT * FROM users WHERE email = “‘.$email.'” ‘);
// output: you have a… Continue reading mysql_query | Why " breaks query but ‘ does not?
I encrypted a text using a key and would like to understand this method if it is vulnerable or not.
Could you tell me if it’s easy to decrypt, what methods exist and if maybe I should change the encryption method?
$text = “… Continue reading How to decrypt in PHP without knowing a key? [on hold]
I ran across some legacy code that uses mysql_query($sql) or die(mysql_error())
Was curious and noticed that with a correctly placed ” in the email input … I am shown output from mysql_error() as a user.
You have an er… Continue reading Exploiting incorrectly escaped `mysql_query() or die(mysql_error())` to exfiltrate data?
I am currently using the following functions within php to encrypt data for storage in a database, then to decrypt the data when retrieving it.
I would like to know if these functions offer a sufficient level of security for… Continue reading Are these encrypt and decrypt PHP functions cryptographically secure? [on hold]
I was thinking about this question:
How can I encrypt a file before it is stored on the server?
For example: When I upload an important file with sensitive data and I want to encrypt the data. How can I prevent users to up… Continue reading How to encrypt a file at the client side
It’s clear that the system has to filter user input. I always thought that the standard is also to check user uploaded files for malware/shells.
I’m curious if above is really needed. There is a PHP (Laravel) application tha… Continue reading Should you really check user uploaded files for malware/shells?
For authenticating with Google Cloud Services, I provide details of my credentials via a generated JSON file. See https://cloud.google.com/docs/authentication/production
In the php file the JSON file is referenced as:
puten… Continue reading How to protect Google Application Credentials on production server?