Understanding Server Side Scripting | PHP Injection
Server Side Scripting encompasses the tasks in the web page request and return cycle that happen on the Web server. Many of these tasks are best suited to the Web server, for reasons that include security, reliability, centralization and speed. Online databases are also maintained on the Web server.
There are many Server Side Scripting languages available. Some of the popular ones are ASP (Active Server Pages, a Microsoft product), JSP (Java Server Pages), Cold Fusion (Macromedia) and PHP (an Open Source product), among others. The essence of a Server Side Script is that the code is rarely or never visible on the client computer; only the effects of executing the script are returned to the client.
Using PHP code injection to escalate privileges:
After attackers have managed to exploit an application or network and create an authenticated session with the Microsoft Windows operating system, they immediately attempt to escalate privileges. Specifically, attackers look for the administration privileges provided by accounts that are members of the Administrators group. They also go after the high level of privileges offered by the local system account.
Using least privilege service accounts throughout your application is a primary defense against privilege escalation attacks. Also, some network level privilege escalation attacks require an interactive logon session.
PHP is a widely used open source general purpose scripting language that is especially suited for web development and can be embedded into HTML.
Let us take an introductory example of it.
Example:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Example</title>
</head>
<body>
<?php
echo "Hi, I'm a PHP script!";
?>
</body>
</html>
Instead of lots of commands to output HTML (as seen in C or Perl), PHP pages contain HTML with embedded code that does “something” (in this case, output “Hi, I’m a PHP script!”). The PHP code is enclosed in special start and end processing instructions <?php and ?> that allow you to jump into and out of “PHP mode.”
What distinguishes PHP from something like client-side JavaScript is that the code is executed on the server, generating HTML which is then sent to the client. The client receives the results of running that script, but does not know what the underlying code is. You can even configure your web server to process all your HTML files with PHP, and then there’s really no way that users can tell what you have up your sleeve.
The best thing about using PHP is that it is extremely simple for a newcomer, but offers many advanced features for a professional programmer. Don’t be afraid of reading the long list of PHP features. You can jump in quickly and start writing simple scripts in a few hours.
Although PHP development is focused on server-side scripting, you can do much more with it. Explore and write complex scripts for fun and knowledge.
ASP
Active Server Pages (ASPs) are Web pages that contain server-side scripts in addition to the usual mixture of text and HTML (Hypertext Markup Language) tags. Server-side scripts are special commands you put in Web pages that are processed before the pages are sent from your Personal Web Server to the Web browser of someone who’s visiting your Web site.
When you type a URL in the Address box or click a link on a Web page, you’re asking a Web hosting server on a computer somewhere to send a file to the Web browser (sometimes called a “client”) on your computer. If that file is a normal HTML file, it looks exactly the same when your Web browser receives it as it did before the Web server sent it. After receiving the file, your Web browser displays its contents as a combination of text, images, and sounds.
With an Active Server Page, the process is the same, except that an additional processing step occurs just before the Web server sends the file. Before a Web server sends an Active Server Page to a Web browser, it runs all the server-side scripts contained on the page. Some of these scripts show the date, time and other current information.
To distinguish them from normal HTML pages, Active Server Pages are given the .asp extension.
Using PHP Shell
When you point the browser at PHP Shell you will be asked to authenticate yourself. By default (as you are aware) no username or password works.
- So add a username during installation.
- Enter your username and password.
- Then press Login.
You will then be presented with a simple page with a large window and a blinking cursor at the bottom, indicating that it is ready for your commands.
Write a command and press RET or, alternatively, press the Execute Command button if you really want. The command will be executed and the result will show in the terminal. You can now enter another command.
To be more precise, the terminal is updated with the command line you have just executed, the output of the command to standard out (stdout) and, following that, any error output sent to stderr.
The commands are executed relative to a current working directory, which is written at the top. You change this with the normal command.
Exploiting file upload vulnerability
File upload exploits are a common problem with web based applications. In a nutshell, this vulnerability hinges on functionality that allows an attacker to upload a script that can then be executed on the server. The most common cause of this vulnerability is functionality that is supposed to allow users to upload inert content (things like images, PDF documents and otherwise) that is designed to be displayed.
Often, however, developers forget to perform proper input validation (are you noticing a theme here yet?) and so don’t restrict the types of files an attacker can upload.
Let’s start the exploration of PHP include vulnerabilities by creating a simple PHP file. Open a text editor and paste the following code into it, then save the file as phpinfo.php.
<?php echo phpinfo();?>
This file will simply print out server configuration information (which could potentially be very dangerous information to expose). Next we upload this file utilizing the file inclusion vulnerability. Call the page index.php with the include parameter pointing at the upload page:
/index.php?include=image_upload.php
Next, browse to the file you saved as phpinfo.php and upload it. Then browse to the URL of the uploaded file.
You can see that the PHP code that we included in our file was executed by the server. There are several vicious attack tools (like the 99 se) that are single PHP files that can be uploaded to a server and then used to run pretty much any command the attacker wants. At that point the attacker has taken over whatever account is running the web server process, which is usually a system level account. Damage can be pretty widespread at that point, with the attacker being able to take over the entire machine without too much additional work.
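The two missing checks behind the walkthrough above, written out as an added example (not code from the original page): an allow-list for the include parameter and content-based validation of uploads. The page list, the pages/ directory, the upload directory and the "image" form field are assumptions made for this sketch.

```php
<?php
declare(strict_types=1);
// Assumed for this sketch: page list, pages/ directory, upload directory, "image" field.
const PAGES = ['home.php', 'image_upload.php'];
const UPLOAD_DIR = '/var/www/uploads';   // outside the web root, so PHP never executes it
const IMAGE_TYPES = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif'];

// Only an exact name from the fixed list reaches include; anything else yields null.
function resolve_page($requested): ?string
{
    return is_string($requested) && in_array($requested, PAGES, true) ? $requested : null;
}

// The stored name comes from the detected content type plus random bytes, never from
// the client-supplied file name. An image with PHP embedded in it can still pass the
// type check, which is why the forced extension and non-executing directory matter.
function safe_upload_name(string $tmpPath): ?string
{
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    $ext = is_string($mime) ? (IMAGE_TYPES[$mime] ?? null) : null;
    return $ext === null ? null : bin2hex(random_bytes(16)) . '.' . $ext;
}

function handle_upload(array $file): bool
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return false;
    }
    $name = safe_upload_name($file['tmp_name']);
    return $name !== null && move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name);
}

if (PHP_SAPI === 'cli') {
    // Self-check on constructed input: a PHP file and a traversal name are both refused.
    $tmp = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($tmp, '<?php echo phpinfo();?>');
    var_dump(safe_upload_name($tmp), resolve_page('../phpinfo.php'), resolve_page('image_upload.php'));
    unlink($tmp);
} else {
    // Front controller: unknown include values get a 404 instead of reaching include.
    $page = resolve_page($_GET['include'] ?? 'home.php');
    if ($page === null) {
        http_response_code(404);
        exit;
    }
    if (isset($_FILES['image'])) {
        handle_upload($_FILES['image']);
    }
    include __DIR__ . '/pages/' . $page;
}
```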
Preventing PHP injection attacks
One of the most common forms of security attack involves exploiting a vulnerability to insert malicious code into the system and then causing the inserted code to be executed. A theoretically strong defense against any kind of PHP injection attack is to create and use a system-specific instruction set generated by a randomization algorithm.
Code or PHP injected by an attacker who does not know the randomization key will be invalid for the randomized processor, which prevents the attack. This section describes the safe and efficient use of instruction set randomization (ISR) using software translation.
There are three points. First, the cipher algorithm Advanced Encryption Standard (AES) is used to perform the randomization. AES is generally believed to be invincible. Second, AES can be performed efficiently and effectively (with regard to execution time and code size) without the need for special hardware support. Third, it catches malicious code before it is executed.
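The keyed idea described above can be illustrated with a simplified analogue, added here as an example and not taken from the original page or from any ISR implementation: trusted scripts are encoded with AES under a secret key, and the loader refuses anything that was not encoded with that key before it could run. Using AES-256-GCM through PHP's openssl extension, and the function names, are assumptions of this sketch.

```php
<?php
declare(strict_types=1);

// Encode a trusted script under the deployment key (analogue of randomizing its instructions).
function encode_script(string $source, string $key): string
{
    $iv = random_bytes(12);
    $ct = openssl_encrypt($source, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    return $iv . $tag . $ct;               // 12-byte IV | 16-byte tag | ciphertext
}

// Returns the original source, or null when the blob was not produced with $key.
// A null result means the code is rejected before anything is executed.
function decode_script(string $blob, string $key): ?string
{
    if (strlen($blob) < 28) {
        return null;
    }
    $plain = openssl_decrypt(substr($blob, 28), 'aes-256-gcm', $key,
                             OPENSSL_RAW_DATA, substr($blob, 0, 12), substr($blob, 12, 16));
    return $plain === false ? null : $plain;
}

// Constructed inputs: one trusted script, one plain injected file, one file encoded
// under a key the attacker made up.
function demo(): array
{
    $key      = random_bytes(32);                            // per-deployment secret
    $trusted  = encode_script('<?php echo "Hi, I\'m a PHP script!";', $key);
    $injected = '<?php echo phpinfo();?>';                   // never encoded at all
    $forged   = encode_script($injected, random_bytes(32));  // encoded under the wrong key
    return [
        'trusted'  => decode_script($trusted, $key) !== null,
        'injected' => decode_script($injected, $key) !== null,
        'forged'   => decode_script($forged, $key) !== null,
    ];
}

var_dump(demo());
```

Only the script encoded under the deployment key is accepted; the plain and wrongly keyed inputs both come back as rejected.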
Written By: Mayank Mevada
Reviewed By: Sayan Chatterjee