C
C
choodo2017-05-09 15:18:55
Information Security
choodo, 2017-05-09 15:18:55

What to google for protection against post upload attacks?

There are several simple static sites that were somehow filled with php shells for executing commands and uploading files.
The simplest thing that came to mind for protection is chmod 555. How to protect yourself in other ways (that is, what to google)?
ps and what to google to show the authors of these sites how they filled it all there?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
M
Mikhail Yesenin, 2019-01-15
@mirzok

Google for "shell upload", but if you want to specifically demonstrate where the vulnerability was, then I advise you to scan the X-Spider or METASCAN site to show the authors holes in their code.
About protection you are right, at least it is necessary to limit recording and execution. I advise you to read all possible measures to protect against shell flooding in the OWASP wiki , paragraph Prevention Methods.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question