Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
choodo2017-05-09 15:18:55
Information Security
choodo, 2017-05-09 15:18:55

What to google for protection against post upload attacks?

There are several simple static sites that were somehow filled with php shells for executing commands and uploading files.
The simplest thing that came to mind for protection is chmod 555. How to protect yourself in other ways (that is, what to google)?
ps and what to google to show the authors of these sites how they filled it all there?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
M
Mikhail Yesenin, 2019-01-15
@mirzok

Google for "shell upload", but if you want to specifically demonstrate where the vulnerability was, then I advise you to scan the X-Spider or METASCAN site to show the authors holes in their code.
About protection you are right, at least it is necessary to limit recording and execution. I advise you to read all possible measures to protect against shell flooding in the OWASP wiki , paragraph Prevention Methods.

Similar questions
V
Vasya Pupkin2020-02-03 21:12:17
Fortinet vs. Checkpoint, which way to move? 0Reply
A
Anton Ulanov2017-09-14 19:28:12
How to disable an account when moving it to a specific OU? 2Reply
L
liks2017-09-20 22:14:16
Are there bookmarks from google in pure android? 3Reply
I
Ivan2020-02-13 15:09:19
Determining the current Windows user from under a service running as another user with minimal privileges? 1Reply
K
Konstantin B.2020-02-13 16:27:57
How to check the router and network for hacking? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question