  1. #1
    SitePoint Member | Join Date: Jan 2014 | Posts: 13

    PHP vulnerability scanning tool

    Is there a free tool that will recursively scan every bit of code in your site for vulnerabilities associated with inputs, URL vars, AJAX requests, and all the other possible attack vectors?

  2. #2
    SitePoint Member | Join Date: Dec 2008 | Posts: 4
    I do not know of a script that scans all vectors, but this is a good scanner:

    https://www.rfxn.com/projects/linux-malware-detect/
    Lowest Host/Empire Technology LLC
    Affordable Hosting solutions http://empire-hosting.net/
    Master reseller solutions http://lowesthost.com/

  3. #3
    dklynn (Certified Ethical Hacker) | Join Date: Feb 2002 | Location: Auckland | Posts: 14,679
    FW,

    maldet can be run on a 'nix server. It scans for all sorts of malware. My hosts have wanted to do the install on both a VPS and dedicated server so you may want to contact your host and request that they install and configure for you. It's an excellent malware scanner.

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator

  4. #4
    SitePoint Member | Join Date: Jan 2014 | Posts: 13
    Cheers. I build all my sites on my own computer before putting them on the internet, so the maldet program sounds like what I need.

  5. #5
    dklynn (Certified Ethical Hacker) | Join Date: Feb 2002 | Location: Auckland | Posts: 14,679
    FW,

    I've just discovered that the maldet I thought was running (compliments of my host) wasn't there after all! However, I found that, if you have access to your server (VPS or dedi), you can download, install, configure and await your daily reports for yourself. Just Google for maldet.

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator

  6. #6
    SitePoint Member | Join Date: Jan 2014 | Location: London UK | Posts: 10
    I had a look at the link above. It's a malware scanner and not a tool to test vulnerabilities in PHP applications. Saying that, I have been looking for a link like that for a very long time and haven't found one yet!

    Has anyone here found a tool like this? I would be very thankful.

    Thanks
    Jon
    Software Developer

  7. #7
    dklynn (Certified Ethical Hacker) | Join Date: Feb 2002 | Location: Auckland | Posts: 14,679
    Hi Jon,

    maldet is a malware scanner, TRUE! However, it does look into PHP files to detect malevolent code.

    To test PHP vulnerabilities, you need to be very familiar with PHP coding ... and check user input until you're blue in the face!

    Ah! I remember looking at Tenable's Nessus scanner ... but it costs a ton ($1500/yr) so you're better off with my earlier suggestion which is what is highly recommended everywhere.

    Regards,

    DK
    David K. Lynn - Data Koncepts is a long-time WebHostingBuzz (US/UK)
    Client and (unpaid) WHB Ambassador
    mod_rewrite Tutorial Article (setup, config, test & write
    mod_rewrite regex w/sample code) and Code Generator

  8. #8
    SitePoint Member | Join Date: Jan 2014 | Location: London UK | Posts: 10
    Hmm. Tenable looks very good and I guess the price reflects it. Looks like I am down to two options:

    Maldet, or employing a consultant to check the app. I am sure it will be the former my company will choose.

    Thanks for all the help.

    Cheers!
    Jon

  9. #9
    Community Advisor | Join Date: Nov 2006 | Location: UK | Posts: 2,559
    A malware scanner isn't what you really need. If you have constructed your web site from a bunch of resources downloaded from the web (e.g. a WordPress site with a bunch of plugins and themes) then it might be useful in detecting any spurious injections of malware (happens sometimes with free themes and plugins), but it won't detect vulnerabilities in a custom-built site or application.

    What you're looking for is penetration testing software / fuzzing software - this traverses the application as a client, testing inputs and responses with a range of typical exploitative techniques.
    There are freely available tools, but they often require a reasonable amount of expertise in their use. This link contains a list of possibilities: http://seclists.org/pen-test/2012/Feb/14
    And this site is useful in general in getting better clued up on where weaknesses are likely to be: https://www.owasp.org/index.php/Top_10_2013-Top_10
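    The distinction drawn in the post above (a malware scanner matches known-bad files, whereas vulnerability testing follows how input reaches dangerous operations) and the "check user input" advice in post #7 can be illustrated with a small static scan. The following is an added example written for this page in Python; it is not a tool from the thread and not a substitute for maldet or a real penetration-testing suite. The source, sink and sanitiser lists, the sample project and the demo function are all constructed for the example.

```python
import os
import re
import tempfile
from dataclasses import dataclass
from typing import Dict, List, Set

# Superglobals that carry attacker-controlled input ("sources").
SOURCE_RE = re.compile(r"\$_(?:GET|POST|REQUEST|COOKIE)\b")
# A plain assignment "$var = <expr>;" (the (?!=) excludes "==").
ASSIGN_RE = re.compile(r"^\s*(\$[A-Za-z_]\w*)\s*=(?!=)\s*(.+);")
# Calls that neutralise input for at least one sink; a hit clears the taint for that line.
SANITIZER_RE = re.compile(
    r"\b(?:htmlspecialchars|htmlentities|intval|filter_input|filter_var"
    r"|prepare|bind_param|escapeshellarg|basename)\b|\(int\)"
)
# Dangerous operations ("sinks"), keyed by the category reported in a finding.
SINKS = {
    "sql": re.compile(r"\b(?:mysqli?_query|->query|->exec)\s*\("),
    "output": re.compile(r"\becho\b|\bprint\b|<\?="),
    "include": re.compile(r"\b(?:include|require)(?:_once)?\b"),
    "exec": re.compile(r"\b(?:eval|system|exec|shell_exec|passthru|popen)\s*\("),
}
PHP_EXTENSIONS = (".php", ".phtml", ".inc")


@dataclass
class Finding:
    path: str
    line: int
    sink: str
    text: str


def _mentions(names: Set[str], text: str) -> bool:
    """True if any tainted variable name occurs in text as a whole token."""
    return any(re.search(re.escape(v) + r"\b", text) for v in names)


def scan_source(path: str, source: str) -> List[Finding]:
    """Scan one PHP file, propagating taint through plain assignments."""
    tainted: Set[str] = set()  # variables currently holding unsanitised input
    findings: List[Finding] = []
    for no, line in enumerate(source.splitlines(), 1):
        stripped = line.strip()
        if stripped.startswith(("//", "#", "/*", "*")):
            continue  # comment line
        m = ASSIGN_RE.match(line)
        expr = m.group(2) if m else line  # where input could flow into a sink
        uses_input = bool(SOURCE_RE.search(expr)) or _mentions(tainted, expr)
        sanitised = bool(SANITIZER_RE.search(line))
        if m:
            if uses_input and not sanitised:
                tainted.add(m.group(1))
            else:
                tainted.discard(m.group(1))  # reassigned from a clean value
        if uses_input and not sanitised:
            for sink, rx in SINKS.items():
                if rx.search(expr):
                    findings.append(Finding(path, no, sink, stripped))
                    break
    return findings


def scan_tree(root: str) -> List[Finding]:
    """Recursively scan every PHP file below root."""
    findings: List[Finding] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            if name.lower().endswith(PHP_EXTENSIONS):
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    findings.extend(scan_source(path, fh.read()))
    return findings


# Constructed sample project (not code from anywhere real): one file mixing
# unsafe and safely handled input, plus one clean helper in a subdirectory.
SAMPLE_PROJECT: Dict[str, str] = {
    "search.php": (
        "<?php\n"
        "$id = $_GET['id'];\n"
        "$sql = \"SELECT * FROM products WHERE id = \" . $id;\n"
        "$res = mysqli_query($db, $sql);\n"
        "echo \"Hello \" . $_POST['name'];\n"
        "$safe_id = (int) $_GET['id'];\n"
        "$res2 = mysqli_query($db, \"SELECT * FROM products WHERE id = $safe_id\");\n"
        "echo htmlspecialchars($_GET['q'], ENT_QUOTES, 'UTF-8');\n"
        "include $_REQUEST['page'] . '.php';\n"
    ),
    "lib/helpers.php": "<?php\nfunction greet($n) { return 'hi ' . $n; }\n",
}


def demo() -> List[Finding]:
    """Write the sample project to a temp dir, scan it, return the findings."""
    with tempfile.TemporaryDirectory() as root:
        for rel, body in SAMPLE_PROJECT.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w", encoding="utf-8") as fh:
                fh.write(body)
        return scan_tree(root)


if __name__ == "__main__":
    for f in demo():
        print(f"{os.path.basename(f.path)}:{f.line} [{f.sink}] {f.text}")
```

    On the sample project this reports three findings in search.php: the query built from $_GET['id'] two lines after the assignment (taint carried through $id and $sql), the unescaped echo of $_POST['name'], and the include driven by $_REQUEST['page']. The cast to (int) and the htmlspecialchars() call are treated as sanitisers, so those lines are not reported. The point of the example is the shape of the check, not its completeness: taint is followed only through plain assignments inside one file, so anything passed through function parameters, arrays or other files is missed, and a sanitiser that is right for one sink (htmlspecialchars for HTML output) is wrongly accepted for another (SQL). A real static analyser or a pentest tool of the kind the post describes does this dataflow across the whole application.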

  10. #10
    coloradojaguar (SitePoint Zealot) | Join Date: Sep 2011 | Location: Southwestern Mountains | Posts: 151
    Thanks for posting the information, East Coast. It is a good question, as security exploits become more and more common. As you said, it may take some advanced level of expertise to use, but at least it is a good starting point for finding site vulnerabilities "associated with inputs, URL vars, AJAX requests, and all the other possible attack vectors." In this age of advancing technology, sometimes it is best to hire out a little help. It is now almost impossible to be an expert on all fronts.
    Hosted solutions provider since 1998 - UK, Atlanta, L.A.,
    JaguarPC.com - Managed Hybrid Servers |
    Managed VPS Hosting | Dedicated Servers

  11. #11
    SitePoint Enthusiast | Join Date: Nov 2012 | Location: Cape Town, South Africa | Posts: 40
    We used "http://configserver.com/cp/cxs.html" on a few of our servers and atomic on other servers. Works great.

  12. #12
    nimasdj (SitePoint Addict) | Join Date: Dec 2007 | Posts: 314
    How do I run the maldet command in the shell? Is it like this?
    $ maldet -a /home/?/public_html/
    I get a "command not found" error. What should I add before maldet?

  13. #13
    SitePoint Member | Join Date: Jan 2014 | Location: London UK | Posts: 10
    Hmm... looks good. Will try it out, sahostking.

    Thanks!
    Jon

  14. #14
    SitePoint Member | Join Date: Jan 2014 | Location: London UK | Posts: 10
    Quote Originally Posted by nimasdj:
    How do I run the maldet command in the shell? Is it like this?
    $ maldet -a /home/?/public_html/
    I get a "command not found" error. What should I add before maldet?

    I think you have posted this on the wrong thread mate!

  15. #15
    nimasdj (SitePoint Addict) | Join Date: Dec 2007 | Posts: 314
    No, correctly posted. maldet was suggested above.
