Web Application Security
By: Darkvengance Date: November 25, 2011

Introduction Throughout the years many aspiring programmers and many amazing web applications have surfaced. Though these applications and websites had amazing functionality and were very user-friendly they all shared one common flaw: A lack of attention to security. Due to this reason many of them were rejected by the public community or were even taken offline by malicious attackers. Due to these reasons the creation of this paper came to be. This paper will touch on many topics including: good coding practices, insecure hashing and encryption methods, SQL injections, session fixation, cross-site scripting (XSS), file inclusion, and arbitrary command injection. Please remember that while reading this PHP will be the primary language referenced, however if you use other server side languages the same concepts may still be applied. Throughout this writing it is assumed that the reader will have a basic working knowledge of PHP, HTML, Javascript, and MySQL, as well as knowledge of the basic workings of web applications (database connections, content presentation, etc). By the end of this paper you will be equipped with the knowledge of efficient coding practices which will allow you to program and develop secure applications, protected against the most widely applied techniques used by the majority of black-hat crackers and white-hat penetration testers.

Coding Practices

Even the most basic of all application security, whether it be web, desktop, server or cloud based, starts with good coding practices. The definition of “good” coding practices varies from programmer to programmer however, they all revolve around two primary concepts: efficiency and “looks”. The main goal here is to learn the

very basics, however as everyone has their own way of doing things, you should find ...

/etc/apache2/conf.d/security /images/../../../../ 1 10 11 2 2009 2011 21 25 27 28 29 3 30 4 5 6 7 8 9 abil abl access aci action administr agre allow allowoverrid along alreadi although amaz among anoth anyon anyth appli applic arbitrari around ask aspir assist assum attack attent authent author awar backward base basic becom begin best bibliographi black black-hat block bracket brewton browser built built-in c came care carri cheat child chris cipher close cloud code color come command comment common communiti complet concept concern configur connect consortium contain content copi could cover crack cracker creat creation cross cross-sit cur darkveng data databas date davi definit deni denot desktop detriment develop differ direct directori disabl display document due e earlier easier easiest easili ed effect effici elimin encount encrypt encyclopedia end entir equip ernest error especi etc even everi everyon ex exact exampl except exec execut explicit fair fall fault file filter find first fixat flaw folder follow foreach form free friend full function gain general goal good grab group guard guid hacker hash hat hidden home host howev html human hypertext identifi ill ill-configur improp includ inclus incom indent inform inject input insecur introduct involv javascript jeff jim johndo johntheripp key knowledg lack languag later lazi learn less let level limit line littl ll locat look loop lot main major make malici mallett mani manico manual may mcrypt mean measur mention method michael miss mode much must mysql near new news none normal notic nov novemb oct offlin one onto open oper order outgo output owasp page paper parent passwd password penetr per period person php phptaskmanag pin pin-point place pleas point popular practic precaut preprocessor present prevent previous primari primarili print problem process program programm programmer/developer project proper protect prove public python quick read reader reason referenc regardless reject rejectedfreak remain rememb request requir review revolv rfi risk root s/he sake scan script second secur see sencrypt sept server session set share sheet shell shiflett shoulder show side similar simpl simpli simplic site specifi spend sql start state statement stick still structur sub sub-fold sure surfac system tag take taken techniqu tester thing think though thought throughout thus time today tool topic touch transver transvers tree true trust two type typic un un-com understand unintend unix untrust updat upload url use user user-friend usual vari variabl vector view vulner way web web-brows web-serv websit week well whether white white-hat wide wikipedia william window wise wish within word work worth would write www.goodsite.com www.goodsite.com/images/../../../../ xss year