Automatically Hardening Web Applications Using Precise TaintingReport
Most web applications contain security vulnerabili- ties. The simple and natural ways of creating a web application are prone to SQL injection attacks and cross-site scripting attacks (among other less common vulnerabilities). In response, many tools have been developed for detecting or mitigating common web application vulnerabilities. Existing techniques either require effort from the site developer or are prone to false positives. This paper presents a fully automated approach to securely hardening web applications. It is based on precisely tracking taintedness of data and checking specifically for dangerous content in only in parts of commands and output that came from untrustworthy sources. Unlike previous work in which everything that is derived from tainted input is tainted, our approach precisely tracks taintedness within data values. We describe our results and prototype implementation on the predominant LAMP (Linux, Apache, MySQL, PHP) platform.
All rights reserved (no additional license for public reuse)
NguyenTuong, Anh, Salvatore Guarnieri, Doug Greene, and David Evans. "Automatically Hardening Web Applications Using Precise Tainting." University of Virginia Dept. of Computer Science Tech Report (2004).
University of Virginia, Department of Computer Science