On this years conference we did start a quiz regarding security.
For those who were not able to visit the Conference I’d like to show the questions asked.
Which of the following code lines does really protect against Cross-Site-Scripting?
[ ] echo ‚<a href="index.php?name=‘.addslashes($_GET[’name‘]).’">name</a>‘;
[ ] echo ‚<a href="index.php?name=‘.strip_tags($_GET[’name‘]).’">name</a>‘;
[ ] echo ‚<a href="index.php?name=‘.preg_replace(‚|\W|‘, “, $_GET[’name‘]).’">Name</a>";
In which code line did we hide a Remote Code Execution?
[ ] include(dirname(__FILE__).’/lang/lang_‘.$_GET[‚lang‘].‘.php‘);
[ ] preg_replace(‚/_NAME_/msiUe‘, "htmlentities(\"$_GET[name]\")", ‚Hello Mr _NAME_ ! ‚);
[ ] eval("echo ‚Hello Mr ".htmlentities($_GET[’name‘], ENT_QUOTES)."‘;");
[ ] <img />
[ ] <br />
[ ] <style></style>
[ ] <meta></meta>
What is not possible to happen if your website contains a Cross-Site-Scripting-Vulnerability?
[ ] It is possible to take over the user-logins by using the so named Session-Riding.
[ ] Your website visitor´s intranet can be scanned.
[ ] Every pressed key of your sites user´s can be logged by third parties.
[ ] Your user´s harddisks can be formatted.
So: are you able to give the correct answers?
Please check the correct answers here. We would like to thank Christopher and Stefan from Hardened PHP for doing some explanation there in cooperation with us.
And for those of you interested in number crunching:
We had 39 participants; there were only 8 completely correct forms handed in and the average of correct answers was 1.974 out of 4
If you might want to improve your PHP Security know how, please check our array of professional services from Security Audit to Security Trainings.
The winners of the quiz are:
- Stefan Neufeind (1 iPod Nano, 1 Chorizo! Standard license)
- Jan Schneider (1 Chorizo! Standard license)
- Keith Sauvant (1 Chorizo! Standard license)
- Holger Falk (1 Chorizo! Standard license)
- Mark Wiesemann (1 Chorizo! Standard license)