
Some ideas for more web security with perl scripts


Question:

What can I do in my perl scripts to increase security of my web site?

Answer:

My site got hacked once and I was lucky that the 'hacker' wrote me an email pointing out the problem. My main mistake had been that I had a script which got a file name as a parameter, read that file and displayed it as the next page. The idea had been that the script would get one of 3 different HTML pages as parameter.

What the hacker did was identify how this script worked by looking at how it was invoked, then he called the script directly using GET requests and passing other (normally not visible) files as arguments. That way he was able to read my perl scripts in source ... and obtain the mysql database password.

Some lessons learned from that:

  1. If your script reads a file and you use relative file names driven by user input, absolutely make sure that these files are in (or under) the directory that you intended. E.g. check for '..' in the passed file name. Better yet, do not allow a directory to be passed at all, only a file name, and hard-code the directory in your script.
  2. Make sure that no argument contains <!--. An intruder could try to sneak a server-side include into your HTML in case you display the output on a .shtml page. See the
  3. Check the referrer of your script. It should be your own site, meaning that no external site should link to your script. Some users suppress the referrer, so you will have to accept an empty referrer value.
  4. Only accept data from POST requests and ignore GET requests. POST requests are a bit more difficult to fake.
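The following CGI script is an added example (not code from the original article) that puts lessons 1 and 4 together: the page directory is hard-coded, the page name is checked against a fixed whitelist of plain names so '..' and '/' can never reach the file system, and GET requests are refused. The directory /var/www/pages, the page names and the form field name 'page' are assumptions for the example; the minimal form parser at the bottom exists only so the script runs stand-alone, and a real script would use the CGI module instead.

```perl
#!/usr/bin/perl
# Added example, not part of the original article: serve one of a few fixed
# HTML pages chosen by a POSTed 'page' field, without ever letting user input
# form a path.
use strict;
use warnings;

# Hard-coded directory (assumed path for the example); user input never
# contributes a directory component.
my $PAGE_DIR = '/var/www/pages';

# Whitelist of page names this script may serve (assumed names).
my %ALLOWED = map { $_ => 1 } qw(home about contact);

# Returns the full path for a page name, or undef if the name is not acceptable.
sub safe_page_path {
    my ($name) = @_;
    return undef unless defined $name;
    # Only a short plain name: no '/', no '..', no NUL, no '%' tricks.
    return undef unless $name =~ /\A[A-Za-z0-9_-]{1,32}\z/;
    # Even a well-formed name must be one we explicitly chose to publish.
    return undef unless $ALLOWED{$name};
    return "$PAGE_DIR/$name.html";
}

# Lesson 4: only POST is accepted; everything else is rejected.
sub request_allowed {
    my ($method) = @_;
    return (defined $method && $method eq 'POST') ? 1 : 0;
}

# --- CGI entry point ---
if (!request_allowed($ENV{'REQUEST_METHOD'})) {
    print "Status: 405 Method Not Allowed\r\nContent-Type: text/plain\r\n\r\nPOST only\n";
    exit;
}

# Read the POSTed body and decode it into %form (minimal urlencoded parser,
# enough for this example; use the CGI module in real scripts).
my $body = '';
read(STDIN, $body, $ENV{'CONTENT_LENGTH'} || 0);
my %form;
for my $pair (split /&/, $body) {
    my ($k, $v) = split /=/, $pair, 2;
    next unless defined $k;
    $v = '' unless defined $v;
    for ($k, $v) { tr/+/ /; s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg; }
    $form{$k} = $v;
}

# Resolve the page through the whitelist; anything else is a 404, and the
# rejected name is deliberately not echoed back into the response.
my $path = safe_page_path($form{'page'});
my $fh;
if (!defined $path || !open($fh, '<', $path)) {
    print "Status: 404 Not Found\r\nContent-Type: text/plain\r\n\r\nNo such page\n";
    exit;
}
print "Content-Type: text/html\r\n\r\n";
print while <$fh>;
close $fh;
```

The point of the whitelist is that you never have to reason about what '..', an absolute path, a NUL byte or an encoded slash would do: a name that is not one of the three keys is simply refused before any file operation happens, which is exactly the "hard code the directory, pass only a file name" advice from lesson 1.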

# checking the referrer:

# a list of valid referrers; the first one is your IP number
my @referers = ('12.34.56.78', 'www.coders-corner.com', 'coders-corner.com');

check_url();

sub check_url {
   my $check_referer = 0;

   if ($ENV{'HTTP_REFERER'}) {
      foreach my $referer (@referers) {
         # \Q...\E makes the dots match literally instead of "any character".
         # Note this is still a substring match on a client-supplied header,
         # so it is a hurdle for casual misuse, not a proof of origin.
         if ($ENV{'HTTP_REFERER'} =~ /\Q$referer\E/i) {
            $check_referer = 1;   # known referrer: accept
            last;
         }
      }
   }
   else {
      $check_referer = 1;   # empty referrer: accept (some browsers suppress it)
   }

   if ($check_referer != 1) {
      # bad referrer: redirect to the home page and stop the script
      print "Location: http://www.coders-corner.com\n\n";
      exit;
   }
}

#===================================================
# when parsing form data (assuming that $value holds a passed value)
# do this:
# If they try to include server side includes, erase them, so they
# aren't a security risk if the html gets returned.
# Another security hole plugged up.
# The non-greedy .*? with /s removes each comment on its own; a greedy
# (.|\n)* would swallow everything between the first <!-- and the last -->.
$value =~ s/<!--.*?-->//gs;
