Title :
A prototype system to scrutinize PHP code injection attacks
Author :
Tomar, Deepak Singh
Author_Institution :
Dept. of Comput. Sci. & Eng., Maulana Azad Nat. Inst. of Technol., Bhopal, India
Abstract :
The growth of web applications on the Internet has led to an increase in cyber crime. An attacker may inject malicious code into the text boxes of a vulnerable web application, such as a guest book, feedback form or search box, and that code may then be executed by the web server. Executing system calls and APIs on the web server through PHP code injection may damage the file system or leak the web server's configuration information. PHP code injection attacks have become more widespread with the emergence of dynamic web paradigms, since the dynamic features and functionality of a web site are controlled through the PHP language. Hence, the use of PHP (which itself carries vulnerabilities) in dynamic web pages raises the likelihood that a code injection attack will succeed. The aim of this paper is twofold. First, to understand the web application vulnerabilities related to PHP code injection attacks, two PHP code injection attack scenarios have been developed. Second, for accurate and fast incident determination from the gathered evidence, a tagging system based on a domain dictionary has been developed. The proposed prototype system shall help law enforcement agencies gather and analyze evidence of PHP code injection attacks effectively.
Keywords :
Internet; Web sites; application program interfaces; authoring languages; computer crime; API execution; Internet; PHP code injection attacks; PHP language; Web application vulnerabilities; Web server; Web site; configuration information leakage; cyber crime; domain dictionary; dynamic Web page; feedback form; file system; guest book; law enforcement agency; malicious code; search box; system call execution; tagging system; text boxes; Dictionaries; File systems; Prototypes; Security; Tagging; Web servers; PHP Code Injection Attack; Web Application Vulnerability;
Conference_Title :
Computer Science & Education (ICCSE), 2012 7th International Conference on
Conference_Location :
Melbourne, VIC
Print_ISBN :
978-1-4673-0241-8
DOI :
10.1109/ICCSE.2012.6295277