Websites get hacked every day, customers' details are taken, and it’s usually REALLY EASY to do. As a security consultant, I often get a call after a Google search turns up my details as the guy to contact when this happens.
Shameless plug: Why not contact me BEFORE this happens for a FREE basic web scan.
Shameless plug over, why not consider some of the things that can be done to help prevent a website breach.
(more…)
Tags: Apache, backups, code, cookie, cross site scripting, htaccess, LAMP, logs, mod_security, MySQL, PHP, php security, rate limit, restrict limit, Security Consultant, session, sniffing, sql injection, website security scan, xss
As a PHP programmer, there are a couple of things you can do quickly and easily to increase the security of your PHP code installation.
Look into PHP’s “safe mode” feature, ESPECIALLY if you’re running a webserver that the general public can upload scripts to. Here you’ll find a list of the functions disabled or restricted by safe mode. It is not strictly PHP’s job to restrict these types of functions; however, unless you really know what you’re doing, the list of functions restricted by safe mode is a good starting point for building secure applications. These are generally functions that allow file and directory manipulation, and socket manipulation. If it’s not possible within your environment to disable them all, disable as many of these functions as possible.
Although not that common, if I’m writing an application that heavily relies on functions that manipulate directories or sockets, I’ll prefer to create a C daemon or similar to handle this side of things and simply use PHP to communicate with it. (more…)
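An added example, not code from the post: a small audit script that reports which process, socket and file-manipulation functions are still callable in the current PHP build and prints a merged disable_functions line for php.ini. The candidate list is an assumption based on the categories named above, so trim it to what your own application needs.

```php
<?php
// Added example (not from the original post). Lists which risky functions are
// still callable and proposes a php.ini disable_functions directive.
// The candidate list is an assumption drawn from the categories the post names
// (process, socket, file and directory manipulation); adjust it as required.
$candidates = [
    // process execution
    'exec', 'shell_exec', 'system', 'passthru', 'popen', 'proc_open', 'pcntl_exec',
    // socket / network
    'fsockopen', 'pfsockopen', 'socket_create', 'stream_socket_client', 'stream_socket_server',
    // file and directory manipulation
    'symlink', 'link', 'chmod', 'chown', 'chgrp', 'rmdir', 'unlink',
    // runtime configuration
    'dl', 'putenv',
];

// Functions named in disable_functions make function_exists() return false,
// so the same test also catches functions that were never compiled in.
$alreadyDisabled = array_filter(array_map('trim', explode(',', (string) ini_get('disable_functions'))));

$stillEnabled = [];
foreach ($candidates as $fn) {
    if (function_exists($fn)) {
        $stillEnabled[] = $fn;
    }
}

printf("Already disabled (%d): %s\n", count($alreadyDisabled), implode(', ', $alreadyDisabled) ?: '(none)');
printf("Still callable (%d): %s\n", count($stillEnabled), implode(', ', $stillEnabled) ?: '(none)');

if ($stillEnabled) {
    // Merge with the existing list so re-running the script never drops earlier entries.
    $suggested = array_unique(array_merge($alreadyDisabled, $stillEnabled));
    sort($suggested);
    echo "Suggested php.ini line:\n";
    echo 'disable_functions = ' . implode(',', $suggested) . "\n";
}
```

Run it from the command line with the same php.ini the web server uses (`php -c /path/to/php.ini audit.php`), because the CLI and the web SAPI are often configured differently and it is the web configuration that matters here.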
Tags: cross site scripting, directory, error reporting, magic quotes, MySQL, mysql_real_escape_string, PHP, php security, safe mode, socket, sql injection, xss
There are 3 types of loop in PHP:
while (condition)
{ code_goes_here; }
do
{ code_goes_here; }
while (condition);
for (expr1; expr2; expr3)
{ code_goes_here; }
In terms of the ‘for’ loop above, ‘expr1’ is the starting expression, e.g. $i = 0; ‘expr2’ is the condition that must be satisfied to keep the loop running, e.g. $i < 100; and ‘expr3’ is the expression evaluated at the end of each iteration, e.g. $i++. Each loop type has its uses.
(more…)
Tags: do, for, loop, MySQL, PHP, PHP Developer, PHP MySQL Developer
As a PHP Programmer, a very routine PHP/MySQL procedure is fetching a set of records from the result of a query.
$sql = "SELECT ...";
$result_set = mysql_query($sql);
for ($ctr = 0; $ctr < mysql_numrows($result_set); $ctr++)
{
$my_object = mysql_fetch_object($result_set);
//do something with $my_object
}
Now, as tidy as the above code is, what’s the big problem? The number of rows returned by the query remains the same throughout. Why are we calling the mysql_numrows function on the same result set, to return the same answer over and over, possibly thousands or millions of times depending on the size of the result set? On a larger web application with a larger result set, things like this dramatically increase unnecessary overhead. This is one of the most basic optimizations to make:
$sql = "SELECT ...";
$result_set = mysql_query($sql);
$result_num = mysql_numrows($result_set);
for ($ctr = 0; $ctr < $result_num; $ctr++)
{
$my_object = mysql_fetch_object($result_set);
//do something with $my_object
}
Now, there are a couple of different methods you can use to achieve the same purpose, some of which may actually be more appropriate, such as a simple while loop, but the purpose of this article was solely to illustrate the issue above. More on optimization later.
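The same loop written against the mysqli extension (the mysql_* functions the post uses were removed in PHP 7), as an added example that is not the post's own code. It takes the row count once before the loop, and then shows the while-loop form mentioned above, which needs no count at all. Connection details, the table and the column names are assumptions.

```php
<?php
// Added example (not from the original post): the fetch loop above using mysqli,
// with the row count read once. Credentials, table and columns are assumptions.
$db = new mysqli('localhost', 'app_user', 'app_password', 'app_db');
if ($db->connect_error) {
    die('Connect failed: ' . $db->connect_error);
}

$result = $db->query('SELECT id, name FROM customers');
if ($result === false) {
    die('Query failed: ' . $db->error);
}

// Count once: num_rows does not change while we iterate, so re-reading it on
// every pass is exactly the unnecessary overhead described above.
$resultNum = $result->num_rows;
for ($ctr = 0; $ctr < $resultNum; $ctr++) {
    $row = $result->fetch_object();
    // do something with $row
    printf("%d: %s\n", $row->id, $row->name);
}
$result->free();

// Equivalent while-loop form: fetch_object() returns null once the rows are
// exhausted, so the loop ends by itself without any row count.
$result = $db->query('SELECT id, name FROM customers');
if ($result === false) {
    die('Query failed: ' . $db->error);
}
while ($row = $result->fetch_object()) {
    // do something with $row
    printf("%d: %s\n", $row->id, $row->name);
}
$result->free();
$db->close();
```

The while form is usually the better choice: it is shorter, cannot get the count and the fetches out of step, and works the same way for unbuffered results where num_rows is not known up front.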
Tags: for, loop, MySQL, PHP, php programmer, sql
Being a Freelance PHP MySQL Application Developer based in London has some major advantages as I found out today. The majority of both mine and my firm’s work is conducted online. Video conferencing over Skype, code delivery over SVN (Subversion), and bug tracking through Basecamp. Once in a while though an opportunity for a site visit in or around central London/West End pops up, and, schedule permitting, I’ll more often than not be happy to accept.
My core focus is on web application development, and being London based, I’ve had a chance to work with some great Companies. I’m currently at the time of writing, spending a few hours per week overseeing and managing a team of developers rewriting a wireless hotspot provider’s intranet which is proving to be very challenging, and great fun.
For more information on what it is that I actually do in the PHP/MySQL field, please view my PHP MySQL Developer series!
Tags: MySQL, PHP, php mysql, PHP MySQL Developer, php mysql developer london
I’m going to demonstrate a very short and simple method of avoiding SQL Injection at the SQL query level. You’ll need MySQLi support; on Debian, apt-get install php5-mysql will give you everything you need, and it is installed by default with a LAMP installation.
(more…)
Tags: apt-get, bind, blob, double, execute, integer, MySQL, mysqli, mysql_real_escape_string, object oriented, oo, PHP, prepared statements, sql injection, string
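An added example, not taken from the post, of the approach the excerpt above introduces: a lookup built by string concatenation, shown commented out, beside the same lookup as a MySQLi prepared statement, followed by an INSERT that binds all four bind_param types (integer, double, string, blob). With a prepared statement the parameter values are sent to the server separately from the SQL text, so nothing in them can be parsed as SQL. Credentials, table and column names and the upload path are assumptions.

```php
<?php
// Added example (not from the original post). Credentials, tables, columns and
// the file path are assumptions.
$db = new mysqli('localhost', 'app_user', 'app_password', 'app_db');
if ($db->connect_error) {
    die('Connect failed: ' . $db->connect_error);
}

$username = isset($_GET['username']) ? $_GET['username'] : '';   // untrusted input

// UNSAFE: the input becomes part of the SQL text, so a quote character in it
// changes the structure of the query. Kept here only for comparison.
// $sql = "SELECT id, email FROM users WHERE username = '" . $username . "'";

// SAFE: a ? placeholder per value, then bind_param with one type letter per value:
//   i = integer, d = double, s = string, b = blob (sent with send_long_data)
$stmt = $db->prepare('SELECT id, email FROM users WHERE username = ? AND active = ?');
if ($stmt === false) {
    die('Prepare failed: ' . $db->error);
}
$active = 1;
$stmt->bind_param('si', $username, $active);
$stmt->execute();

$stmt->bind_result($id, $email);
while ($stmt->fetch()) {
    // Escape on output as well: injection and XSS are separate problems.
    printf("%d %s\n", $id, htmlspecialchars($email, ENT_QUOTES, 'UTF-8'));
}
$stmt->close();

// INSERT binding all four types. A 'b' parameter is bound to a placeholder
// variable and its data is streamed with send_long_data(param_index, data).
$stmt = $db->prepare('INSERT INTO uploads (user_id, score, label, content) VALUES (?, ?, ?, ?)');
if ($stmt === false) {
    die('Prepare failed: ' . $db->error);
}
$userId = 42;
$score  = 3.5;
$label  = 'avatar';
$blob   = null;                       // placeholder; real data goes via send_long_data
$stmt->bind_param('idsb', $userId, $score, $label, $blob);
$stmt->send_long_data(3, file_get_contents('/path/to/upload.png'));   // assumed path
if (!$stmt->execute()) {
    die('Insert failed: ' . $stmt->error);
}
$stmt->close();
$db->close();
```

Placeholders can only stand in for values, not for identifiers or keywords; a table name, column name or ORDER BY direction that comes from user input still has to be checked against a fixed whitelist in PHP before it is placed in the query text.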
It’s really easy!
UPDATE mytable SET myfield = REPLACE(myfield, 'replace this', 'with this');
Take a backup of your database first!
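As an added example that is not part of the post, the same REPLACE() update run from PHP inside a transaction: it first counts how many rows contain the search text, runs the UPDATE restricted to those rows, and commits only if the number of rows changed matches the preview, rolling back otherwise. This complements the backup rather than replacing it. The table requires a transactional engine such as InnoDB; credentials, table and column names are assumptions.

```php
<?php
// Added example (not from the original post). Assumes an InnoDB table; credentials,
// table and column names are placeholders.
$db = new mysqli('localhost', 'app_user', 'app_password', 'app_db');
if ($db->connect_error) {
    die('Connect failed: ' . $db->connect_error);
}

$from = 'replace this';
$to   = 'with this';

// Preview: how many rows actually contain the search text?
$stmt = $db->prepare('SELECT COUNT(*) FROM mytable WHERE INSTR(myfield, ?) > 0');
$stmt->bind_param('s', $from);
$stmt->execute();
$stmt->bind_result($matching);
$stmt->fetch();
$stmt->close();
printf("%d row(s) contain '%s'\n", $matching, $from);

// Run the update inside a transaction. The WHERE clause keeps the statement from
// rewriting (and locking) rows that do not contain the text at all, which the bare
// UPDATE above does.
$db->autocommit(false);
$stmt = $db->prepare('UPDATE mytable SET myfield = REPLACE(myfield, ?, ?) WHERE INSTR(myfield, ?) > 0');
$stmt->bind_param('sss', $from, $to, $from);
$stmt->execute();
$changed = $stmt->affected_rows;
$stmt->close();

if ($changed === $matching) {
    $db->commit();
    printf("Committed: %d row(s) updated\n", $changed);
} else {
    // Something other than the expected rows was touched: undo it.
    $db->rollback();
    printf("Rolled back: expected %d changed row(s), got %d\n", $matching, $changed);
}
$db->autocommit(true);
$db->close();
```

A bulk rewrite like this will not give back the affected-rows check if the table uses MyISAM, where there is no transaction to roll back; in that case the backup taken beforehand is the only way back.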
Further to Exim, MySQL, Courier IMAP, Courier POP3 & Spamassassin – vdomain and vuser set up, I’ve recently been receiving an increasing amount of spam, and have finally decided to take some positive action. Previously, my account would get hit with about 100 to 150 per day, of which 2 or 3 might get through. Lately, this has quickly increased to about 700+, of which at least 20 to 30 have been getting through, and I’ve been doing nothing but clearing spam day and night for the past few weeks. It is, however, critical that I do not catch any genuine email – I would rather keep on the side of caution and be more generous than not.
(more…)
Tags: avenger, courier, dcc, exim, IMAP, mail avenger, MySQL, POP3, spam, spamassassin
One of the most common forms of attack against web applications is SQL Injection. For the most part, the language the web application is written in is irrelevant, be that PHP, ASP, Python, Perl, C, etc. As long as the back-end database is SQL based, be that MySQL, MSSQL, etc., again, we’re in business. This probably covers over 99% of web applications out there. Both the security consultant and the PHP developer, or web application developer in general, have to be aware of the implications of SQL Injection. Here’s how it works:
(more…)
Tags: blind sql injection, HTML code, insert, MySQL, pen tester, penetration tester, PHP, Security Consultant, select, sql, sql error, sql injection
MySQL is one of the most powerful and widely used databases available. Here is a really quick guide to creating a database, creating a table, inserting, selecting and deleting the data, then table, then database. This will not go into too much depth as there are plenty of resources out there already that can provide more information on each step.
I’ll be using the MySQL command line tool on a Linux (Debian!) platform, assuming I already have MySQL running and a password-protected root user account:
mysql>
Tags: delete, describe, grant, insert, MySQL, mysql developer, select