Tag Archives: PHP Security

XPath Null Byte Injection in PHP

Back in July this year, in Mitigating XPath Injection Attacks in PHP, I was writing about how to properly quote a string in PHP’s XPath 1.0. The code presented there was based on the assumption that the resulting expression is …

Posted in Hakre's Tips, PHP Development, Pressed, Surviving the Internet

Mitigating XPath Injection Attacks in PHP

PHP has two libxml-based extensions that evaluate XPath 1.0 expressions: DOM (through the DOMXPath class) and SimpleXML (through its xpath() method). Both are prone to XPath injection, a common attack form. Despite all this, and …
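The quoting problem both posts above are about, as an added example that is not hakre's code: XPath 1.0 string literals have no escape sequence, so a value containing both quote kinds has to be assembled with concat(), and because the finished expression reaches libxml as a C string, a NUL byte in the PHP string truncates it, which is the case the follow-up post covers. The document, the inputs and the function name xpath_quote() are constructed for the demonstration; it assumes PHP 7.4 or later with the dom extension.

```php
<?php
// Added example, not code from hakre's posts. Safe quoting of untrusted input
// for an XPath 1.0 expression evaluated through DOMXPath; the same quoting
// applies to SimpleXMLElement::xpath(), which also goes through libxml.
declare(strict_types=1);

function xpath_quote(string $value): string
{
    // The expression is handed to libxml as a C string: a NUL byte ends it
    // early and everything after it is silently dropped. Refuse such input
    // instead of trying to encode it.
    if (strpos($value, "\0") !== false) {
        throw new InvalidArgumentException('NUL byte in XPath string literal');
    }
    // XPath 1.0 literals cannot escape their delimiter, so pick one the value
    // does not contain ...
    if (strpos($value, "'") === false) {
        return "'" . $value . "'";
    }
    if (strpos($value, '"') === false) {
        return '"' . $value . '"';
    }
    // ... and when both occur, split on ' and join the pieces with concat().
    $parts  = explode("'", $value);
    $quoted = array_map(static fn(string $p): string => "'" . $p . "'", $parts);
    return 'concat(' . implode(', "\'", ', $quoted) . ')';
}

// Evaluate an expression and describe the result; DOMXPath::query() returns
// false (with a warning) for a syntactically invalid expression.
function hits(DOMXPath $xp, string $expr): string
{
    $nodes = @$xp->query($expr);
    return $nodes === false ? 'invalid expression' : $nodes->length . ' hit(s)';
}

// Constructed document for the demonstration.
$doc = new DOMDocument();
$doc->loadXML(<<<XML
<users>
  <user name="alice" role="user"/>
  <user name="root" role="admin"/>
</users>
XML);
$xp = new DOMXPath($doc);

// A classic injection attempt, and a value that needs the concat() path.
foreach (["x' or '1'='1", "O'Reilly \"Tim\""] as $input) {
    $unsafe = "//user[@name='" . $input . "']";       // naive interpolation
    $safe   = "//user[@name=" . xpath_quote($input) . "]";
    printf("unsafe %s\n       -> %s\n", $unsafe, hits($xp, $unsafe));
    printf("safe   %s\n       -> %s\n", $safe, hits($xp, $safe));
}

// The NUL case: the quoting function refuses it up front.
try {
    xpath_quote("alice\0' or '1'='1");
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

With naive interpolation the first input turns the predicate into `@name='x' or '1'='1'`, which matches every user, and the second input is a syntax error; the quoted versions match nothing and one user respectively, because the input is treated as a plain string value. Rejecting NUL bytes is the conservative choice: there is no way to represent one inside an XPath 1.0 literal, and letting it through only hands libxml a shorter expression than the one you built.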

Posted in Hakre's Tips, PHP Development, Pressed, Surviving the Internet | 1 Comment

Congrats Solar Designer!

And the winner is: Solar Designer in the Month of PHP Security 2010 with his article “How to manage a PHP application’s users and passwords” (Full Listing). Solar Designer’s phpass password hashing framework is used by WordPress. It has been …

Posted in Hacking The Core, Pressed, Reports

Cheap Hack/Worm Protection for your WordPress Blog

This on its own might be only half a security measure, but I thought the idea is good enough to spread the word. It can normally be set up in seconds on the various Linux-based hostings out there: disable eval. …

Posted in Hacking The Core, Hakre's Tips, Tools, WordPress Support | 3 Comments

WordPress Single-Sign-On Preview

I’m currently working on a more detailed article related to WordPress and single sign-on. It is a nice topic, and because of that I have started to create some concept art that should depict the whole thing. That is a sample …

Posted in Pressed | 10 Comments

Prevent Code Injection in PHP include files

Not long ago, while discussing coding standards, I argued against adding ?> at the end of PHP files. But miqrogroove pointed out to me an interesting aspect of why it can actually make sense to have it, and an additional …
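The parser behaviour the closing-tag argument rests on, as an added example that is neither hakre's nor miqrogroove's code: bytes appended to the end of an include file are parsed as PHP when the file is still in PHP mode at EOF, but are plain inline output once a ?> has switched the parser back to HTML mode. The file contents, the payload and the helper name include_with_appended() are constructed for the demonstration.

```php
<?php
// Added example, not from the post. Include the same file body twice, once
// without and once with a closing ?>, after appending the same bytes to it.
declare(strict_types=1);

function include_with_appended(string $body, string $appended): string
{
    $file = tempnam(sys_get_temp_dir(), 'inc');
    file_put_contents($file, $body . $appended);
    ob_start();
    try {
        include $file;            // $settings below stays local to this scope
    } finally {
        unlink($file);
    }
    return ob_get_clean();
}

// Constructed payload: what someone who can append to the file (a writable
// include directory, a log that is later included, ...) might add.
$payload = "\necho 'INJECTED';\n";

$withoutClosingTag = "<?php\n\$settings = ['debug' => false];\n";
$withClosingTag    = "<?php\n\$settings = ['debug' => false];\n?>\n";

// Still in PHP mode at EOF: the appended statement is compiled and executed.
echo "without ?>: ", include_with_appended($withoutClosingTag, $payload), "\n";

// After ?> the parser is in inline-HTML mode: the same bytes are just echoed
// as text, the single newline right after ?> being swallowed by the parser.
echo "with ?>:    ", include_with_appended($withClosingTag, $payload), "\n";
```

Two caveats a practitioner should keep in mind: the closing tag only changes what happens to appended raw code, so an appended `<?php ... ?>` block opens a new PHP section and runs either way; and any whitespace that ends up after the ?> becomes output, which is the "headers already sent" problem that is the usual argument against the tag in the first place.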

Posted in Code Smells, Hakre's Tips, PHP Code Smells, Pressed

Free PHP Security Poster

The Germany-based security company SektionEins, which specializes in web application and PHP security, has a freebie on offer: you can download or order a PHP security poster. They even send it to you in A0 format for free within …

Posted in Hakre's Tips, Pressed

PHP Open Basedir degrades Security (Bonus)

Some hosters use the open_basedir restriction because they think it makes hosting somewhat more secure. Normally it does not: a hoster who needs to enable it often reveals that the system is not properly configured with respect …

Posted in Pressed | 1 Comment

The short memory of WordPress.org security

For the WordPress project it’s said: if you find a bug, report it. The same goes if it is security related. Those who feel, for whatever reason, uncomfortable publicizing it in Trac directly can shoot an …

Posted in Hacking The Core, Patched, Pressed | 10 Comments

mysql_real_escape_string and SET NAMES

In #11819 I was looking so hard for clear documentation of mysql_real_escape_string() combined with the use of SET NAMES. I finally found it where I should have looked first: in the MySQL manual. PHP uses the MySQL client library …
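The practical difference the post is after, as an added example that is not hakre's code: mysql_real_escape_string() escapes according to the charset the client library believes the connection uses, and a plain SET NAMES query changes the server side without telling the library. The check below is written against mysqli (the mysql_* extension the post refers to has the equivalent mysql_set_charset()); it assumes a reachable MySQL server, and the host, user, password and database are placeholders.

```php
<?php
// Added example, not from the post. Compares the two ways of choosing the
// connection charset and reports what the client library thinks afterwards.
declare(strict_types=1);

function connect(): mysqli
{
    // Placeholder credentials; replace with a real test instance.
    $db = new mysqli('127.0.0.1', 'app', 'secret', 'appdb');
    if ($db->connect_error) {
        throw new RuntimeException('connect failed: ' . $db->connect_error);
    }
    return $db;
}

// Wrong: only the server learns about the new charset. character_set_name()
// still reports whatever the library negotiated at connect time, and
// real_escape_string() keeps using those rules.
function charset_after_set_names(mysqli $db, string $charset): string
{
    $db->query('SET NAMES ' . $charset);
    return $db->character_set_name();
}

// Right: set_charset() applies the change on the server and in the client
// library, so escaping and the server parse the bytes the same way.
function charset_after_set_charset(mysqli $db, string $charset): string
{
    if (!$db->set_charset($charset)) {
        throw new RuntimeException('set_charset failed: ' . $db->error);
    }
    return $db->character_set_name();
}

$db = connect();
printf("at connect:        %s\n", $db->character_set_name());
printf("after SET NAMES:   %s\n", charset_after_set_names($db, 'gbk'));
printf("after set_charset: %s\n", charset_after_set_charset($db, 'gbk'));

// Escape only once both sides agree on the charset.
$name = "O'Brien";                       // constructed untrusted value
$sql  = "SELECT id FROM users WHERE name = '" . $db->real_escape_string($name) . "'";
echo $sql, "\n";
```

The line printed after SET NAMES is the tell: it still shows the connect-time charset, because the library has no idea a query it forwarded changed anything. The multibyte-charset escaping bypasses that made this mismatch famous depend on exactly that gap, so the fix is to go through set_charset() (or mysql_set_charset()) rather than issuing SET NAMES yourself.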

Posted in Hacking The Core