Communications on Applied Electronics (CAE) – ISSN : 2394-4714 Foundation of Computer Science FCS, New York, USA Volume 1– No.4, March 2015 – www.caeaccess.org 1 A Study of Attack on PHP and Web Security Vijay Kumar National Innovation Foundation-India Ahmedabad-380015 Devendra Patil National Innovation Foundation-India Ahmedabad-380015 Nitin Maurya National Innovation Foundation-India Ahmedabad-380015 ABSTRACT Hypertext pre-processor (PHP), a server side scripting language very often used to develop a web application. Web application has a big importance in communication over internet. Web applications got very fast growth in past some time. To pay bills, shopping, transactions, emails, social networking every days billions of users using these web application on in internet. Though web applications are very effective and time saving still security threats is also there. Now a day’s most of the application facing problem of security and data integrity. This study is to give different types possible attacks on web application which is developed by using php and how we anticipate such attack and prevent from them for future. General Terms Your general terms must be any term which can be used for general classification of the submitted material such as Pattern Recognition, Security, Algorithms et. al. Keywords Threats, vulnerability, cross scripting, server side scripting, security attacks, Security breaches, session hijacking, cookies theft. 1. INTRODUCTION In present era most of the people using internet daily. On the internet there are billions of web application are available which are using by the people daily. Web applications are, therefore, computer programs allowing website visitors to submit and retrieve data to/from a database over the Internet using their preferred web browser. The data is then presented to the user within their browser as information is generated dynamically (in a specific format, e.g. in HTML using CSS) by the web application through a web server. Where on one hand web applications are very useful application and helps to communication with several things online easily, on the other hand web applications are facing security threats and vulnerability every day. Data security and integrity on the web application is also a big problem now. PHP is a very common server side scripting language to develop web application, websites.. 2. TYPES OF ATTACK and PREVENTION There are different types of attacks which can be on both php and web. Attacker tries to know the vulnerable part of the coding, backend, application server. Because of this vulnerable part they can get into our application and modify the program as according to them. So we need to know these leakages in our application, those listed below. a. Sql Injection b. Xss (Cross Site Scripting) c. Remote File Inclusion d. Session Hijacking e. Cross Site Request Forgery f. Directory Traversal g. File Uploading h. Server File Access Permission i. Full Path Disclosure j. Open Redirect k. Exposed Session Data l. Cookies Theft m. Iframe Hack n. Insecure Cryptographic Storage o. Failure to Restrict Url Access 2.1 Sql Injection It’s a code injection technique, used to attack on those application which are having an important data, SQL injections are those techniques by which attacker injected malicious statements into an entry field for execution (e.g. to know the access cardinals of the database). SQL injection is mostly known as an attack vector for websites application but can be used to attack any type of SQL database. The input given by the end user (visitor) was processed by the backend SQL engine to perform CRUD operations on the database (CRUD - Create, Read, Update, and Delete). [1][2][3][4] Attacks manipulate the data which is given by the user. Then these attacks combine the query which is passed by the user and which is injected by the attacker but it will work and gives the result as a valid SQL request. To understand, (Refer the example). Let us have an application with a Web page containing a simple login form with input fields for username and password. With these credentials the user can get a list of all information they hold in their database. In this case, it is reasonable that input will come by the users and it will directly communicate with the SQL query which is written for the retrieval of the information. In PHP that query string might look something like this: $query = “select username, password from user where username='”.$_POST[“username”].” ' and password= ' ”.$_POST[“password”].” ' ” Now attacker can attack here to know the user name and password of person to inject the code : Select * from user where username=’a’ OR ‘1=1’ AND password=’a’ OR ‘1=1’; The code injected in the condition ‘1=1’ is a tautology statement. To run and evaluate this query database gives a result as true for each row and return all the result to them. If there is no security in the database and if there are some breaches in the programming attacker can get into it and can fetch information easily.