Content Management System

A place where newbies can post without (much) fear of reprisal. All mission posts should still go in the applicable forum.
Forum rules
Older HTS users: Be nice to the new people.

NEW USERS: This is NOT the place to post about missions! Refer to "Missions" category.

Content Management System

Post by NukkaXsplasH on Sun Jul 08, 2012 10:22 am
([msg=67852]see Content Management System[/msg])

Hello HTS!

This is my fist thread to kick off my learning experience here on this site.
I am a Computer security major in my senior year working on a senior project.

My group is using HTML 5 to create a website that will access a MySQL DB using PHP.

The backend content management system will be written in PHP.

I am the project leader, with fairly no experience in HTML and PHP.. (Mostly OOP experience/security exp ect.)

Besides a password policy and SQL Injection. What other types of vulnerabilities should I be preparing for?

Side Note: I am willing(and planning) on expanding my knowledge on HTML, PHP, and SQL. So elaboration may not be needed..

Thank you all!
NukkaXsplasH
New User
New User
 
Posts: 7
Joined: Sun Jul 08, 2012 9:02 am
Blog: View Blog (0)


Re: Content Management System

Post by centip3de on Sun Jul 08, 2012 12:37 pm
([msg=67855]see Re: Content Management System[/msg])

NukkaXsplasH wrote:Hello HTS!

This is my fist thread to kick off my learning experience here on this site.
I am a Computer security major in my senior year working on a senior project.

My group is using HTML 5 to create a website that will access a MySQL DB using PHP.

The backend content management system will be written in PHP.

I am the project leader, with fairly no experience in HTML and PHP.. (Mostly OOP experience/security exp ect.)

Besides a password policy and SQL Injection. What other types of vulnerabilities should I be preparing for?

Side Note: I am willing(and planning) on expanding my knowledge on HTML, PHP, and SQL. So elaboration may not be needed..

Thank you all!


I can only think of a few exploits off the top of my head

PHP:
Null Byte injection
CSRF
Directory traversal
Session poisoning
XSS (Cross site scripting)
Session hijacking
Generally not being stupid with GET variables

SQL:
SQL injection
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1467
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Re: Content Management System

Post by NukkaXsplasH on Mon Jul 09, 2012 9:19 am
([msg=67891]see Re: Content Management System[/msg])

Thanks for the quick response!

I will definatly be looking more into those PHP exploits that were mentioned.

I want to make sure that all site viewers cannot access the backend content management system. If the user login is compromised most of the website can be manipulated easily.

I will make the user login is in a hidden page not seen on the site map, but this can be easily bypassed when viewing the frontend source code. I want to make sure that the PHP connection and application cannot be infiltrated since the database will store user information and the CMS can change(destroy) the entire website.

Any other tips or information is greatly appreciated. If these thread should be moved to a more appropriate board, please advise.

Thnx,
NukkaXsplasH
NukkaXsplasH
New User
New User
 
Posts: 7
Joined: Sun Jul 08, 2012 9:02 am
Blog: View Blog (0)


Re: Content Management System

Post by OnlyHuman on Mon Jul 09, 2012 11:02 am
([msg=67893]see Re: Content Management System[/msg])

I don't know how large this project you're working on is, so this might be overkill. But, if you're looking for an exhaustive list of problems you may encounter, you should check out the CAPEC Attack Pattern Dictionary.

To save you some time, it can be found ~> here <~

It covers vulnerabilities, the attacks typically used on them, and methods to mitigate those attacks.
OnlyHuman
Poster
Poster
 
Posts: 191
Joined: Sat Aug 22, 2009 1:37 am
Blog: View Blog (0)


Re: Content Management System

Post by tremor77 on Tue Jul 10, 2012 8:55 am
([msg=67916]see Re: Content Management System[/msg])

As someone who is fairly adept at destroying CMS security.. here are some things I would consider doing to prevent hackers beyond what was mentioned above.

- Limit login attempts - force password reset after X failures or create timeout period to prevent brute force attempts on your admin login page.

- Use a login CAPTCHA to prevent bots - using Google's Re-Captcha is an effective method in this to reduce your own coding.

- If the CMS will have additional features like image upload, galleries, user profiles, shout box, forums, etc... input cleansing, input cleansing, input cleansing... input cleansing. Most CMS get hacky hacky when they allow guests to login as authenticated users to post comments on blogs and additional privileges.. this is where you're most vulnerable.

- Anti-Spam: If you allow posting you are sure to get spammers posting for Viagra in every comment section of the entire site... while this is not hacking the site it is terribly annoying.

- More Authentication: Consider making site admins or users with high privileges whitelist their IP's for logging in. There are a few CMS that do this, and I find this adds that last level of protection against brute force or social engineering or just general password guessing. Your biggest threat is likely to come from the end-user with weak passwords, account sharing and general stupidity of that nature.

- Server Environment: Create environment checks in your CMS to report various issues within the server environment. You could create a bulletproof CMS in theory with clean PHP and the like, but a poorly setup OS, webserver, mysql and server PHP config, etc, could still be your downfall. Register_Globals = TRUE for $1000 alex? Other things like PHP in ASP mode <? echo will this get you hacked ?>


that's about it for now.
Image
User avatar
tremor77
Contributor
Contributor
 
Posts: 911
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York
Blog: View Blog (0)


Re: Content Management System

Post by NukkaXsplasH on Thu Jul 12, 2012 6:41 pm
([msg=68009]see Re: Content Management System[/msg])

Wow, great info guys.

Although it is not particularly a huge project, we are looking to get the 'senior project award' at my school and the more security implementation that is done, the better I look 8-) .

OnlyHuman, I will run though the CAPEC it seems as if there is a lot of information there. Thanks for the link.

Tremor77, Great addition here. A CAPTCHA will be implemented and a user lockout is a great idea. The detailed authentication and the breach checks in the enviroment is something I am definatly going to look into.

Your biggest threat is likely to come from the end-user with weak passwords, account sharing and general stupidity of that nature.

^This! Especially for our system that will be created, since it is not particulary attractive to hackers with no financial information and the like.

I appreciatie all of yor time and thank you for the responses. I will give an update on the project as it moves along! :D

-NukkaXsplasH
NukkaXsplasH
New User
New User
 
Posts: 7
Joined: Sun Jul 08, 2012 9:02 am
Blog: View Blog (0)



Return to NZone

Who is online

Users browsing this forum: No registered users and 0 guests