Showing posts with label Code Safety. Show all posts

Tuesday, 14 May 2019

PHP SFTP library && MSSQL guide

SFTP library: https://github.com/phpseclib/phpseclib
MSSQL - PHP guide (after installation, sqlsrv.so is a dynamic driver located in /usr/lib/php/20170718/, and read permission needs to be granted on it):
https://www.microsoft.com/en-us/sql-server/developer-get-started/php/ubuntu

In the document:

Step 2.1 Install the PHP Driver for SQL Server
Terminal
sudo pecl install sqlsrv
sudo pecl install pdo_sqlsrv
sudo su
echo extension=pdo_sqlsrv.so >> `php --ini | grep "Scan for additional .ini files" | sed -e "s|.*:\s*||"`/20-pdo_sqlsrv.ini
echo extension=sqlsrv.so >> `php --ini | grep "Scan for additional .ini files" | sed -e "s|.*:\s*||"`/30-sqlsrv.ini
exit
(Correction to the document: pdo_sqlsrv.ini must be loaded before sqlsrv.ini, which is why it gets the lower 20- prefix.)



// Problems you might encounter && diagnosing the confusing ones

phpize does not exist:

sudo apt-get install php7.x-dev
https://stackoverflow.com/questions/3108937/how-to-install-and-run-phpize

// What do
echo extension=pdo_sqlsrv.so >> `php --ini | grep "Scan for additional .ini files" | sed -e "s|.*:\s*||"`/20-pdo_sqlsrv.ini
echo extension=sqlsrv.so >> `php --ini | grep "Scan for additional .ini files" | sed -e "s|.*:\s*||"`/30-sqlsrv.ini
mean?

They create two ini files in /etc/php/7.x/cli/conf.d (the directory that php --ini prints as "Scan for additional .ini files"), one called 20-pdo_sqlsrv.ini and one called 30-sqlsrv.ini. Files in that directory are loaded in sorted filename order, so the numeric prefix makes pdo_sqlsrv load first. The files contain extension=pdo_sqlsrv.so and extension=sqlsrv.so respectively, so both extensions are loaded dynamically alongside php.ini every time the PHP interpreter starts and reads its configuration.

20-pdo_sqlsrv.ini must be loaded first

// Installed the sqlsrv / pdo_sqlsrv extensions into the wrong directory, resulting in "no such file or directory" when running php
Use whereis php to check whether two PHP versions are installed (two paths are listed).
If they are, check /usr/lib/php/ to see whether your sqlsrv extension was installed into the other version's directory.

// If it was, remove the extensions
pecl uninstall sqlsrv
pecl uninstall pdo_sqlsrv

// Uninstall the PHP version that is not used
apt purge php7.x (the version not in use)

then
pecl uninstall sqlsrv
pecl uninstall pdo_sqlsrv
then install again

https://ayesh.me/Ubuntu-PHP-7.3

// PHP system extensions (those not installed by the user) are located in
/etc/php/php_version/mods-available
https://tecadmin.net/enable-disable-php-modules-ubuntu/

// "php_pdo_register_driver in Unknown on line 0" error
Check /etc/php/7.x/cli/conf.d to see whether both ini files, 20-pdo_sqlsrv.ini and 30-sqlsrv.ini, are present,
and make sure 20-pdo_sqlsrv.ini is loaded first (it must sort before sqlsrv.ini).
https://github.com/microsoft/msphpsql/issues/736

// "sqlsrv already loaded" error (PHP Warning: Module 'XXX' already loaded in Unknown on line 0)

Check /etc/php/7.x/cli/conf.d for duplicate files; if there are none, check each ini file for duplicate lines.

Executing

echo extension=pdo_sqlsrv.so >> `php --ini | grep "Scan for additional .ini files" | sed -e "s|.*:\s*||"`/20-pdo_sqlsrv.ini
echo extension=sqlsrv.so >> `php --ini | grep "Scan for additional .ini files" | sed -e "s|.*:\s*||"`/30-sqlsrv.ini

multiple times appends the line to the file each time, so 20-pdo_sqlsrv.ini ends up containing
extension=pdo_sqlsrv.so
extension=pdo_sqlsrv.so
extension=pdo_sqlsrv.so

and the module is loaded once per line.
https://github.com/Homebrew/homebrew-php/issues/3896
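The checks above can be scripted. The following is an added diagnostic, not code from the original post or from Microsoft's guide; run it under the SAPI that is failing (php check_sqlsrv.php for the CLI, or once through Apache/PHP-FPM), because each SAPI scans its own conf.d directory, so a fix made only in cli/conf.d leaves the web server unchanged:

```php
<?php
declare(strict_types=1);

function checkSqlsrvSetup(): array
{
    $problems = [];
    $scanned  = php_ini_scanned_files();          // "a.ini,\nb.ini,..." in load order, or false
    $files    = $scanned === false ? [] : array_map('trim', explode(',', $scanned));
    $pdoPos   = $drvPos = null;
    foreach ($files as $i => $file) {
        // 1. Load order: conf.d is read in sorted filename order, and pdo_sqlsrv has
        //    to be registered before sqlsrv loads (php_pdo_register_driver error).
        $name = basename($file);
        if (strpos($name, 'pdo_sqlsrv') !== false) {
            $pdoPos = $pdoPos ?? $i;
        } elseif (strpos($name, 'sqlsrv') !== false) {
            $drvPos = $drvPos ?? $i;
        }
        // 2. The same extension= line repeated in one file ("Module already loaded").
        $lines = is_readable($file) ? (file($file, FILE_IGNORE_NEW_LINES) ?: []) : [];
        $ext   = preg_replace('/\s+/', '', preg_grep('/^\s*extension\s*=/', $lines));
        if (count($ext) !== count(array_unique($ext))) {
            $problems[] = "duplicate extension= lines in $file";
        }
    }
    if ($pdoPos === null || $drvPos === null) {
        $problems[] = 'pdo_sqlsrv.ini and/or sqlsrv.ini not scanned; scanned: ' . implode(', ', $files);
    } elseif ($pdoPos > $drvPos) {
        $problems[] = 'sqlsrv.ini loads before pdo_sqlsrv.ini: rename to 20-pdo_sqlsrv.ini / 30-sqlsrv.ini';
    }
    // 3. Wrong directory: the .so files must sit in this SAPI's extension_dir.
    $extDir = rtrim((string) ini_get('extension_dir'), '/');
    foreach (['pdo_sqlsrv.so', 'sqlsrv.so'] as $so) {
        if (!is_file("$extDir/$so")) {
            $problems[] = "$so not found in extension_dir $extDir";
        }
    }
    // 4. Did the modules actually load?
    foreach (['pdo_sqlsrv', 'sqlsrv'] as $mod) {
        if (!extension_loaded($mod)) {
            $problems[] = "extension $mod is not loaded";
        }
    }
    return $problems;
}

echo PHP_SAPI, ' using ', php_ini_loaded_file() ?: '(no php.ini)', PHP_EOL;
$problems = checkSqlsrvSetup();
echo $problems ? implode(PHP_EOL, $problems) : 'sqlsrv setup looks OK', PHP_EOL;
```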




PHP ini file

// Not recommended to pass parameters to a PHP script via the command line,
// because any user who runs ps auxww can see the script's parameters.
// Use a PHP ini file instead: https://php.net/manual/en/function.parse-ini-file.php
// Ignore this ini file when uploading to git (upload a sample.ini with placeholder values instead).
// Or use TOML to put arrays or JSON in the config file: https://github.com/healthservices-io/wolfdash/blob/master/config/config.toml.example
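An added example (not from the original post) of loading database credentials from such an ini file instead of from $argv; the file name config.ini, the [database] section and its keys dsn, user and password are assumptions:

```php
<?php
declare(strict_types=1);

// Assumed config.ini layout (kept out of git; sample.ini holds placeholders):
//   [database]
//   dsn = "sqlsrv:Server=db.example.internal;Database=app"
//   user = "app"
//   password = "..."
function loadDbConfig(string $path): array
{
    if (!is_file($path)) {
        throw new RuntimeException("$path not found: copy sample.ini to config.ini and fill it in");
    }
    // A file holding a password must not be readable by other users (0640 or stricter).
    if ((fileperms($path) & 0007) !== 0) {
        throw new RuntimeException("$path is world-readable; chmod 640 it");
    }
    $cfg = parse_ini_file($path, true, INI_SCANNER_TYPED);
    if ($cfg === false || !isset($cfg['database'])) {
        throw new RuntimeException("$path has no [database] section");
    }
    foreach (['dsn', 'user', 'password'] as $key) {
        if (!isset($cfg['database'][$key]) || $cfg['database'][$key] === '') {
            throw new RuntimeException("database.$key is missing in $path");
        }
    }
    return $cfg['database'];
}

// Credentials come from the file, so they never appear in ps auxww output
// the way command-line arguments would.
$db  = loadDbConfig(__DIR__ . '/config.ini');
$pdo = new PDO($db['dsn'], $db['user'], $db['password'], [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
```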

Saturday, 8 December 2018

SQL INJECTIONS

Common prevention against SQL Injections
How it works
SQL injection is a code injection technique that might destroy your database. SQL injection is one of the most common web hacking techniques. SQL injection is the placement of malicious code in SQL statements, via web page input.
SELECT * FROM Users WHERE UserId = 105 OR 1=1;

Preventions
  1. Escape special characters before executing SQL queries
  2. PHP users: use PHP PDO, as it sends data and SQL instructions separately
Sources
https://www.w3schools.com/sql/sql_injection.asp
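An added example, not from the w3schools source or the original post, running the UserId = 105 OR 1=1 input from above against string-built SQL and against a PDO prepared statement; it uses a constructed Users table in an in-memory SQLite database so it runs without a SQL Server, and the same PDO code works with the sqlsrv driver:

```php
<?php
declare(strict_types=1);

// Constructed Users table in an in-memory SQLite database (no SQL Server needed).
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE Users (UserId INTEGER PRIMARY KEY, Name TEXT)');
$pdo->exec("INSERT INTO Users VALUES (104, 'alice'), (105, 'bob'), (106, 'carol')");

// Vulnerable: the input is spliced into the SQL text, so "OR 1=1" is executed as SQL
// and every row comes back.
function findUserUnsafe(PDO $pdo, string $userId): array
{
    return $pdo->query("SELECT * FROM Users WHERE UserId = $userId")->fetchAll(PDO::FETCH_ASSOC);
}

// Safe: the statement's structure is fixed in prepare(); the value is bound as data and
// compared as one whole value, so the same input matches no row. (With pdo_mysql also set
// PDO::ATTR_EMULATE_PREPARES => false so the server, not the client, does the binding.)
function findUserSafe(PDO $pdo, string $userId): array
{
    $stmt = $pdo->prepare('SELECT * FROM Users WHERE UserId = :id');
    $stmt->execute([':id' => $userId]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$input = '105 OR 1=1';   // the constructed input from the example above
echo count(findUserUnsafe($pdo, $input)), ' rows from string-built SQL', PHP_EOL;
echo count(findUserSafe($pdo, $input)), ' rows from the prepared statement', PHP_EOL;
```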

TAB_NAPPING

Common prevention against Tab Napping
For Tab Napping to work, the attacker's page must first get hold of the victim's window object.
How it works:
  • A user arrives at your normal-looking site through an anchor tag <a href="xxx"> that you placed on another site, Gmail in this example. If that tag carries no special code to sever the window reference, you now control the window object of the user's original Gmail browser window.
  • You detect when the Gmail page has lost focus and hasn't been interacted with for a while.
  • Replace the favicon with the Gmail favicon, the title with "Gmail: Email from Google", and the page with a Gmail login look-alike.
  • This can all be done with just a little bit of JavaScript that takes place instantly. As the user scans their many open tabs, the favicon and title act as a strong visual cue; memory is malleable and moldable, and the user will most likely simply think they left a Gmail tab open. When they click back to the fake Gmail tab, they'll see the standard Gmail login page, assume they've been logged out, and provide their credentials to log in.
  • The attack preys on the perceived immutability of tabs.
  • After the user has entered their login information and you've sent it back to your server, you redirect them to Gmail. Because they were never logged out in the first place, it will appear as if the login was successful.



Preventions

CSRF

Common Safety preventions against CSRF
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
How it works
Suppose a vulnerable Bank Server accepts the following POST request to transfer money:

POST http://bank.com/transfer.do HTTP/1.1
acct=BOB&amount=100 

This request is an ordinary form submission, so any page the victim visits can send it with a small piece of JavaScript; the browser attaches the bank's session cookie automatically, which is what makes the forged request count as the victim's.

Preventions
  1. Generate a unique CSRF token on the server side for each session. Pass it back to the client in a Set-Cookie header. The client then places this token in a special request header, and the server validates the token on every request.
  2. Use a modern front-end framework such as Vue.js or React.js to set up a hidden CSRF token input (a hidden input is not visible on the rendered page).
  3. Create an app that generates the CSRF token (Google and many banks use this option nowadays).
Sources
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
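An added example, not from the original post or the OWASP page, of prevention 1 in the variant where the token stays server-side in the session and travels in a hidden field (the synchronizer token pattern); the field name csrf_token, the X-CSRF-Token header and the HTTPS-only cookie are assumptions:

```php
<?php
declare(strict_types=1);

// A SameSite session cookie (PHP 7.3+) is a second layer: browsers then omit the
// cookie from cross-site POSTs, so a forged transfer.do request arrives unauthenticated.
session_set_cookie_params(['samesite' => 'Lax', 'httponly' => true, 'secure' => true]);
session_start();

// One random token per session, kept server-side.
function csrfToken(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden field for every state-changing form (assumed field name: csrf_token).
function csrfField(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrfToken(), ENT_QUOTES, 'UTF-8') . '">';
}

// Validate before acting on any POST. hash_equals() compares in constant time.
// JS clients may send the token in an X-CSRF-Token header instead (assumed name).
function csrfCheck(): void
{
    $sent  = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? '';
    $known = $_SESSION['csrf_token'] ?? '';
    if ($known === '' || !is_string($sent) || !hash_equals($known, $sent)) {
        http_response_code(403);
        exit('invalid CSRF token');
    }
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    csrfCheck();
    // ... only now move the money for acct / amount ...
}
?>
<form method="post" action="/transfer.do">
  <?= csrfField() ?>
  <label>Account <input name="acct"></label>
  <label>Amount <input name="amount"></label>
  <button>Transfer</button>
</form>
```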

XSS

Common safety prevention against XSS

Cross-site Scripting (XSS) Attack "Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates."
How it works

Preventions
  • Basic input validation in client-side code
  • Strong input validation in server-side code, including retrieving the set of valid values from the database and validating input against it
Source Article:
https://www.acunetix.com/websitesecurity/cross-site-scripting
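An added example, not from the original post or the Acunetix article, covering the Tab Napping and XSS sections above: server-side validation against values assumed to come from the database, output encoding for the HTML context, and outbound links rendered with rel="noopener noreferrer" so the opened page cannot reach window.opener; the function names and the sample inputs are assumptions:

```php
<?php
declare(strict_types=1);

// Validate on the server against what is actually allowed, not just on the client.
// The allowed list is assumed to have been fetched from the database beforehand.
function validateCountry(string $input, array $allowedFromDb): string
{
    if (!in_array($input, $allowedFromDb, true)) {
        throw new InvalidArgumentException('unknown country code');
    }
    return $input;
}

// Encode for the HTML context the value lands in; ENT_QUOTES covers attribute values too.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Only http/https links are rendered, with rel="noopener noreferrer" so the page
// that opens gets window.opener === null and cannot rewrite this tab (tab napping).
function externalLink(string $url, string $text): string
{
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        throw new InvalidArgumentException('only http(s) links are rendered');
    }
    return '<a href="' . e($url) . '" target="_blank" rel="noopener noreferrer">'
        . e($text) . '</a>';
}

// Constructed inputs: a script tag in the link text, a javascript: URL, and a
// country code that is not in the allowed list.
echo externalLink('https://example.com/', '<script>alert(1)</script>'), PHP_EOL;
foreach ([['javascript:alert(1)', 'click'], ['https://example.org/', 'ok']] as [$url, $text]) {
    try {
        echo externalLink($url, $text), PHP_EOL;
    } catch (InvalidArgumentException $ex) {
        echo 'rejected: ', $ex->getMessage(), PHP_EOL;
    }
}
try {
    validateCountry('ZZ', ['DE', 'FR', 'NL']);
} catch (InvalidArgumentException $ex) {
    echo 'rejected: ', $ex->getMessage(), PHP_EOL;
}
```

A page that may itself be opened from elsewhere can additionally clear its own reference with window.opener = null in JavaScript on load.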