killchain-compendium/Miscellaneous/Exploit Mitigation.md

45 lines
1.0 KiB
Markdown
Raw Normal View History

2022-12-20 01:06:22 +01:00
# Exploit Mitigation
> All User Input is Evil
## Web Mitigations
### Uploads
* Validate the following
* Content-Type
* File Extension
* Magic File Number
* Maximum File Size
* Rename the file randomly
* Scan for Malware
* Use Path objects instead of Strings
* Save uploads outside of the web root
### Database SQLi
* Typecasting of variables inserted
* Prepared Statements
### HTML5 Input & Forms
* An `<input>` field can provide a pattern which checks for regex. In a free text field regex is not sufficient, therefore whitelist allowed characters.
* Use `type` attribute of `<input>` to set the type of the values
* Requirements on the inputs can be done in the following ways of `required <attributes>`:
* `minlength`
* `maxlength`
* `size`
* `min`
* `max`
* `pattern`
### PHP Input Backend
* `htmlentities()` escapes characters
```sh
$name = htmlentities($_GET['name'], ENT_QUOTES | ENT_HTML5, "UTF-8")
```
* Use HTMLPurifier
* Use `intval()` to typecast, e.g. ids
```