web security
DESCRIPTION
Web Security issues and adviceTRANSCRIPT
![Page 2: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/2.jpg)
Finding the flaw
• Stolen user credentials
• Weak passwords
• Code vulnerabilities
• Dangerous configurations
![Page 3: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/3.jpg)
In the public
• ext:sql intext:@gmail.com intext:password
• inurl:/backup intitle:index of backup intext:*sql
• intext:phpMyAdmin SQL Dump filetype:sqlintext:INS...
• inurl:.php? intext:CHARACTER_SETS,COLLATIONS, ?intitle:phpmyadmin
![Page 4: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/4.jpg)
Owning your box
• The cost
• The responsibility
![Page 5: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/5.jpg)
Shell
• Shell
![Page 6: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/6.jpg)
Know it
• Recognize a backdoor
• File name patterns/location
• File modification date
• File permissions/ownership
• File contents
• Log analysis
![Page 7: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/7.jpg)
File
![Page 8: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/8.jpg)
File contents
![Page 9: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/9.jpg)
The Log
![Page 10: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/10.jpg)
Strange URL in access log
• http://www.Victim-website.com.mm/mailto.php
• http://www.Victim-website.com.mm/mailto.php?symlink&symlinkserver
• http://www.Victim-website.com.mm/mailto.php?database
• http://www.Victim-website.com.mm/mailto.php
• http://www.Victim-website.com.mm/aboutus_photo/2005068737dunush.php
![Page 11: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/11.jpg)
Malicious Redirect Code Within
The .htaccess File
![Page 12: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/12.jpg)
Advice
• Only administer your website from a deviceyou trust is free of malware.
• Do not administer your site from a free Wi-Fi hotspot
• Keep your website up to date
• Use strong passwords and change them on aregular basis.
• Back up your site at least once a month.
![Page 13: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/13.jpg)
Tip
• Curious
• Everything is test
![Page 14: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/14.jpg)
Reference
• blog.malwarebytes.org
![Page 15: Web security](https://reader036.vdocument.in/reader036/viewer/2022081807/5594420d1a28abfa2f8b45a3/html5/thumbnails/15.jpg)
Q&A
Thanks