Exploit Mitigation

All User Input is Evil

Web Mitigations

Uploads

  • Validate the following
    • Content-Type
    • File Extension
    • Magic File Number
    • Maximum File Size
  • Rename the file randomly
  • Scan for Malware
  • Use Path objects instead of Strings
  • Save uploads outside of the web root
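The checklist above, as an added example (not code from the compendium): a Python validator that checks size, extension, declared Content-Type and magic number together, then stores the file under a random name in a directory that stands in for a location outside the web root. The allowlist, the 2 MiB limit and the sample bytes are constructed for the example.

```python
from __future__ import annotations
import secrets
import tempfile
from pathlib import Path

# Allowlist: extension -> (expected Content-Type, magic number at offset 0).
# Constructed for this example; extend it to whatever the application really accepts.
ALLOWED = {
    ".png": ("image/png", b"\x89PNG\r\n\x1a\n"),
    ".jpg": ("image/jpeg", b"\xff\xd8\xff"),
    ".gif": ("image/gif", b"GIF8"),  # covers GIF87a and GIF89a
}
MAX_BYTES = 2 * 1024 * 1024  # assumed limit: 2 MiB

def validate_upload(filename: str, content_type: str, data: bytes) -> tuple[bool, str]:
    """Check size, extension, declared Content-Type and magic number; all four must agree."""
    if not data or len(data) > MAX_BYTES:
        return False, "bad size"
    ext = Path(filename).suffix.lower()          # Path object instead of string slicing
    if ext not in ALLOWED:
        return False, "extension not allowed"
    expected_type, magic = ALLOWED[ext]
    if content_type.split(";")[0].strip().lower() != expected_type:
        return False, "content-type mismatch"
    if not data.startswith(magic):               # client headers can lie; the bytes cannot
        return False, "magic number mismatch"
    return True, "ok"

def store_upload(filename: str, content_type: str, data: bytes, upload_dir: Path) -> Path | None:
    """Save a validated upload under a random name; upload_dir must lie outside the web root."""
    ok, _ = validate_upload(filename, content_type, data)
    if not ok:
        return None
    # A malware scan of `data` belongs here, before anything is written to disk.
    ext = Path(filename).suffix.lower()
    target = upload_dir / (secrets.token_hex(16) + ext)   # client-supplied name is discarded
    if target.resolve().parent != upload_dir.resolve():  # defence in depth: stay inside upload_dir
        return None
    target.write_bytes(data)
    return target

PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32   # constructed: valid PNG magic, not a real image

def demo_store() -> bool:
    """Store PNG_SAMPLE in a temporary directory standing in for the out-of-web-root upload dir."""
    with tempfile.TemporaryDirectory() as tmp:
        # The traversal-style client name has no effect: only its extension is used.
        saved = store_upload("../../evil.png", "image/png", PNG_SAMPLE, Path(tmp))
        return saved is not None and saved.parent == Path(tmp) and saved.read_bytes() == PNG_SAMPLE
```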

Database SQLi

  • Typecast variables before they are inserted into a query
  • Prepared Statements

HTML5 Input & Forms

  • An <input> field can carry a pattern attribute that checks the value against a regex. For a free-text field a regex alone is not sufficient, so whitelist the allowed characters.
  • Use the type attribute of <input> to constrain the kind of value accepted
  • Constraints on inputs can be expressed with the following <input> attributes:
    • minlength
    • maxlength
    • size
    • min
    • max
    • pattern

PHP Input Backend

  • htmlentities() escapes characters that have special meaning in HTML, so user input can be echoed into a page without being interpreted as markup:
    $name = htmlentities($_GET['name'], ENT_QUOTES | ENT_HTML5, "UTF-8");
  • Use HTMLPurifier
  • Use intval() to typecast numeric input such as IDs