For example, the one I hear about most is SQL injection; how can we prevent it? Since fixing all the code would be hard, I found some functions on the internet. For example, one of them is:

<?php
// Blacklist filter found on the web. The query string is lowercased, whitespace
// is normalised to %20, and if any denied token is present the request is
// logged and redirected. Note that only the GET query string is inspected;
// POST bodies, cookies and headers are never looked at.
$url_denied = array( 
   '/bin', '/../', '../../', '/usr', '/etc', '/boot', '/dev', '/perl', '/initrd', '/lost+found', '/mnt', '/proc', '/root', '/sbin', '/cgi-bin', '/tmp', '/var', 
   'ps%20', 'wget%20', 'uname%20-a', '/chgrp', 'chgrp%20', '/chown', 'chown%20', '/chmod', 'chmod%20', 'md%20', 'mdir', 'rm%20', 'rmdir%20', 'mv%20', 'tftp%20', 'ftp%20', 'telnet%20', 'ls%20', 
   'gcc%20-o', 'cc%20', 'cpp%20', 'g++%20', 'python%20', 'tclsh8%20', 'nasm%20', 'perl%20', 'traceroute%20', 'nc%20', 'nmap%20', '%20-display%20', 'lsof%20', 
   '.conf', '.htgroup', '.htpasswd', '.htaccess', '.history', '.bash_history', 
   '/rksh', '/bash', '/zsh', '/csh', '/tcsh', '/rsh', '/ksh', '/icat', 'document.domain(', 
   '/....', '..../', 'cat%20', '/*%0a.pl', 
   '/server-status', 'chunked', '/mod_gzip_status', 
   'cmdd=', 'http://', 'exec', 'passthru', 'cmd', 'fopen', 'exit', 'fwrite', 
   '<script', '/script>', '<?', '?>', 'javascript://', 'img src=', 
   // 'insert into' with a literal space could never match, because whitespace
   // has already been rewritten to %20 by the time the list is applied.
   'phpbb_root_path=', 'sql=', 'delete%20', '%20delete', 'drop%20', '%20drop', 'insert%20into', 'select%20', '%20select', 'union%20', '%20union', 'union(', 
   'chr%20', 'chr(', 'http_', 'http', 'txt?', 'gif?', 'jpg?', 'dat?', '_http', 'php_', '_php', '_global', 'global_', 'global[', '_globals', 'globals_', 'globals[', '_server', 'server_', 'server[', 
   '$_request', '$_get', '$request', '$get', '\'', '/*', '+union', '/**/select', '+',
); 

// $HTTP_SERVER_VARS / $HTTP_ENV_VARS were removed in PHP 5.4; use $_SERVER.
$url_request = $_SERVER['QUERY_STRING'] ?? getenv('QUERY_STRING');
if (!empty($url_request)) 
{ 
   $url_request = preg_replace('/\s+/', '%20', strtolower($url_request)); 
   // Strip every denied token, then CR/LF; if anything changed, a token was present.
   $url_checked = preg_replace('/[\n\r]/', '', str_replace($url_denied, '', $url_request)); 
   if ( $url_request != $url_checked ) 
   { 
      $remote_addr = $_SERVER['REMOTE_ADDR'] ?? getenv('REMOTE_ADDR'); 
      // Escape request data before logging it: the original wrote raw input into
      // a .php file, so attacker-supplied PHP would run if that file were opened
      // in a browser. Keep the log file outside the web root as well.
      $self         = htmlspecialchars($_SERVER['PHP_SELF'] ?? '', ENT_QUOTES, 'UTF-8'); 
      $safe_request = htmlspecialchars($url_request, ENT_QUOTES, 'UTF-8'); 
      $safe_addr    = htmlspecialchars((string) $remote_addr, ENT_QUOTES, 'UTF-8'); 
      $message  = "<b>Date:</b> " . date('D d M Y G:i') . "\r\n<br />"; 
      $message .= "<b>Requested link:</b> " . $self . '?' . $safe_request . "\r\n<br />"; 
      $message .= "<b>IP:</b> " . $safe_addr . "\r\n<br />"; 
      $message .= "<b>___________________________________________</b>\r\n<br />"; 
      file_put_contents('loglar.php', $message, FILE_APPEND | LOCK_EX); 
      // Redirect server-side instead of relying on client-side JavaScript.
      header('Location: uyari.php'); 
      exit; 
   } 
} 
?>
But it is said that this one has quite a few gaps.

Also, I am not asking only about SQL injection: how can we close the various security holes in PHP scripts?
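The following is an added example, not code from the post above or from the filter's original author. It shows why a query-string blacklist of this kind does not stop SQL injection and what does: prepared statements with bound parameters, plus type validation of the input. It assumes the pdo_sqlite extension is available; the users table, its rows and the attacker inputs are all constructed inline so the script runs offline. The blacklistBlocks function reuses the posted filter's logic over a handful of its SQL tokens (the complete posted list also lets the numeric payload through, since it contains no quote, no plus sign and no listed keyword).

```php
<?php
// Added example (not from the original post): URL blacklist vs. prepared
// statements. Assumes pdo_sqlite; table, rows and inputs are constructed here.
declare(strict_types=1);

// A few of the SQL-related tokens from the posted list.
const URL_DENIED = ['select%20', '%20select', 'union%20', '%20union', 'delete%20',
                    'drop%20', 'insert%20into', "'", '+', '/*'];

// Same logic as the posted filter: lowercase, normalise whitespace to %20,
// then report whether removing the denied tokens changed anything.
function blacklistBlocks(string $queryString): bool
{
    $q = preg_replace('/\s+/', '%20', strtolower($queryString));
    return str_replace(URL_DENIED, '', $q) !== $q;
}

function openDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)');
    $pdo->exec("INSERT INTO users VALUES (1, 'alice', 'admin'), (2, 'bob', 'user')");
    return $pdo;
}

// Vulnerable pattern: the request value becomes part of the SQL text.
function findUserUnsafe(PDO $pdo, string $id): array
{
    return $pdo->query("SELECT id, username, role FROM users WHERE id = $id")
               ->fetchAll(PDO::FETCH_ASSOC);
}

// Fixed: validate the type, then bind the value; the SQL text never changes.
function findUserSafe(PDO $pdo, string $id): array
{
    $int = filter_var($id, FILTER_VALIDATE_INT);
    if ($int === false) {
        throw new InvalidArgumentException('id must be an integer');
    }
    $stmt = $pdo->prepare('SELECT id, username, role FROM users WHERE id = :id');
    $stmt->bindValue(':id', $int, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// For string columns, binding alone is enough: a quote inside the value is
// data, not SQL syntax, so the classic ' OR '1'='1 payload matches nothing.
function findByNameSafe(PDO $pdo, string $name): array
{
    $stmt = $pdo->prepare('SELECT id, username, role FROM users WHERE username = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = openDb();

// Constructed attacker input: no quote, no plus sign, no listed keyword, so the
// blacklist lets it pass, yet it rewrites the WHERE clause and leaks every row.
$payload = '1 OR 1=1';
var_dump(blacklistBlocks('id=' . $payload));
var_dump(count(findUserUnsafe($pdo, $payload)));

// The validated, bound version refuses the payload and still serves real ids.
try {
    findUserSafe($pdo, $payload);
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
var_dump(count(findUserSafe($pdo, '1')));

// String payload against a bound parameter is compared literally.
var_dump(count(findByNameSafe($pdo, "alice' OR '1'='1")));
var_dump(count(findByNameSafe($pdo, 'alice')));

// When a result is echoed into HTML, encode it at that point. That is the
// cross-site-scripting fix, and it is separate from the SQL layer: neither
// replaces the other.
foreach (findByNameSafe($pdo, 'alice') as $row) {
    echo htmlspecialchars($row['username'], ENT_QUOTES | ENT_HTML5, 'UTF-8'), "\n";
}
```

The point of the design is that the filter reasons about request text while the database reasons about SQL structure; only a prepared statement keeps the two apart. On MySQL, also set PDO::ATTR_EMULATE_PREPARES to false so the binding happens on the server rather than by client-side escaping, and pass the character set in the DSN so the escaping that remains is done for the right encoding.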