Lecture notes on Computer and network security: Lecture 27 - Avinash Kak

Lecture 27: Web Security: PHP Exploits, SQL Injection, and the Slowloris Attack

Lecture Notes on “Computer and Network Security” by Avi Kak (kak@)

April 19, 2016 4:25pm

© 2016 Avinash Kak, Purdue University

Goals:

• What do we mean by web security?
• PHP and its system program execution functions
• An example of a PHP exploit that spews out third-party spam
• MySQL with row-level security
• SQL Injection Attack
• The Slowloris Attack
• Protecting your web server with mod-security

CONTENTS

Section Title                                      Page
What Do We Mean by Web Security?                      3
PHP’s System Program Execution Functions              8
A Contrived PHP Exploit to Spew Out Spam             12
MySQL with Row-Level Security                        27
PHP + SQL                                            44
SQL Injection Attack                                 51
The Slowloris Attack on Web Servers                  55
Protecting Your Web Server with mod-security         65

2 Computer and Network Security by Avi Kak Lecture 27

WHAT DO WE MEAN BY WEB SECURITY?

• Obviously, practically all of the security-related fundamental notions we have covered so far are relevant to many of our activities on the web. Where would web commerce be today without the confidentiality and authentication services provided by protocols such as TLS/SSL, SSH, etc.?

• But web security goes beyond the concerns that have been presented so far. Web security addresses the issues that are specific to how web servers present their content to web browsers, how the browsers interact with the servers, and how people interact with the browsers. This lecture takes up some of these issues.

• Until about a decade ago, web servers offered only static content. This content resided in disk files, and security consisted primarily of restricting access to those files.

• But now web servers create content dynamically. Newspaper pages and the pages offered by e-commerce folks may, for example, alter the advertisements in their content depending on what they can guess