This website uses cookies to ensure you have the best experience. Learn more

Static Analysis Of A Source Code

845 words - 3 pages

Introduction
The main purpose of performing a static analysis of a source code as far
as web applications auditing is concern is to detect vulnerability. This article
describes therefore an algorithm proposal that will be used to examine two main
PHP source code potential vulnerabilities; LFI (Local File Inclusion) and RFI
(Remote File Inclusion). The approach will be as follow, a denition of the pat-
tern used to nd such les function whose potential for abuse is very high as a
result of having user inputs that are unhandled, is rst made. In specic terms,
to detect the vulnerability of this pattern utilizes normal expressions which are
deemed as a fast and uncomplicated technique. In this process some result we
call false positive (FP) will result as a consequence of using, in a safe way, in-
clusion function. The resultant FP's to begin with may come about since this
function's arguments are not part of those variables supplied by the user. To de-
tect the vulnerability in the code lines therefore, an extract of all those variables
supplied by the user is made. Just like a multi-level assignment, vulnerability
on the other hand would spread mound the variables hence also prompting the
extraction of hidden user supplied variables. So in order to decrease these FP's
another pattern denition is made in order to establish a means of vulnerability
prevention of the inclusion functions.
Despite permitting the generation of extensively used dynamic codes and
indirection multi levels as far as function access and variables are concerned, the
results in a number of similar projects bring to the light that many presented
problems using this approach can be detected and eliminated. This is in spite of
static analysis lacking the ability to cover the application functionality in whole
as a result of the complexity of PHP code.
2
PHP Vulnerabilities
Originally having been designed for the production of dynamic web pages
PHP in its evolution has come to incorporate command line interface ability
and can also be utilized in graphical applications that are stand alone. PHP, a
computer scripting language, specically suit for wed development is a broadly
used general-purpose scripting language. NetCraft states that there is huge em-
inent progress as far as the use of PHP in web applications is concerned (this
point is given weight by the diagram in Figure 1). However, various weaknesses
and vulnerabilities have with time been reported in PHP. Some of these vul-
nerabilities may have unrealized impacts while others provide a means through
which malicious people exploits hence compromising the security of sensitive in-
formation and making user authentication very dicult. These vulnerabilities
include but not limited to; RCE, SQL...

Find Another Essay On Static Analysis of a Source Code

Assess the role of filmaker Leni Riefenstahl as a Nazi propagandist using source analysis

1672 words - 7 pages document Goebbel's diary is more accurate and reliable because it is a primary source and also he had no reason to lie in 1933, unlike Riefenstahl in 1995. By considering that Riefenstahl was impressed with and attracted to Hitler we can observe that she would have happily attempted to propagate for Hitler's Nazi regimes.Her approach to the production and perfection of her films for Hitler is evidence that she employed her genius selflessly in the

Analysis of "A Woman’s Beauty: Put Down or Power Source?" By Susan Sontag

975 words - 4 pages In her essay “A Woman’s Beauty: Put Down or Power Source?” Susan Sontag masterfully with just few strokes undoes the signification of the mythology of the feminine. She ponders the opposite pair of concepts of beautifulness and handsomest in a deconstructionist fashion. She describes the violent coexistent in which both concepts concur. However, after effectively have exposed the way these oppositions function and understanding the distortion of

Analysis of A Woman´s Beauty: Put-Down or Power Source by Susan Sontag

1064 words - 5 pages In "A Woman's Beauty: Put-down or Power Source," Susan Sontag portrays how a woman's beauty has been degraded while being called beautiful and how that conceives their true identity as it seems to portray innocence and honesty while hiding the ugliness of the truth. Over the years, women have being classified as the gentler sex and regarded as the fairer gender. Sontag uses narrative structure to express the conventional attitude, which

A Company's Code of Ethics

1945 words - 8 pages A company's code of ethics is very important to establishing the expectations and quality of its brand. The code of ethics are concrete expectations for employee behavior, accountability and communicates the ethical policy of a company to its partners and clients. A good business practice is to have sound ethics. Having good ethical practice is knowing the difference between right and wrong and choosing what the right thing is

An Analysis of Hammurabi's Code of Law

853 words - 3 pages inequality all made up a portion of the eight foot tall stone tablet that we now know as Hammurabi's Code of Law (Horne).Hammurabi's reign lasted from 1795 until 1750 BC (Horne). Up until Hammurabi took control, there had been no ruler to publicly establish an entire set of laws. Written in order to regulate the organization of the Babylonian society, this code, consisting of two hundred laws, begins and ends by addressing the gods. Revenge

Dunkin Donuts Code of Ethics Analysis

1735 words - 7 pages A code of ethics is a formal document in which is used to assist members of an organization, to know what’s ‘right’ and what is ‘wrong’ in the work place and applying it to their decisions. A code of ethics is a written set of rules or guidelines to help the workers and management ‘conduct’ or direct their actions with its primary values and ethical standards. A code of ethics is important because without it, employees and management wouldn’t

Nuclear Fusion a Feasible Source of Power

1895 words - 8 pages Is Nuclear Fusion a Feasible Source of Power? Abstract: Nuclear fusion may be an effective solution to the energy problem in today?s world. Fusion is environmentally friendly and has the potential to generate massive amounts of power. It is evident that the Sun?s power is fueled by nuclear fusion. Recent advancements such as ITER and NIF may bring us closer to being able to use fusion. We find that nuclear fusion is a long-term

Elie Wiesel A Source of Strength

1659 words - 7 pages I have chosen Elie Wiesel for this assignment because I find him to be an extraordinary man with a past that shows an extraordinary source of strength, both in survival and character. Born in Sighet, Transylvania on September 30, 1928, he came from an extremely religious Jewish family consisting of his parents and two sisters. As a child, he was well-educated in both Judaism and secular subjects. He grew up speaking Yiddish, Hungarian, Romanian

A Shrinking Source of Ethos and Pathos

1495 words - 6 pages link the audience to the NBA through them. The audience then can stay connected and even communicate to the NBA directly. But how does this demonstrate corporate social responsibility? The view that the audience is the power source behind the NBA is a crucial one if the NBA wants to stay in business. The audience of the NBA, whether they are watching the games on television or attending a game, provide the NBA with monetary resources. These

Maya Angelou: A Source of Humanity

1413 words - 6 pages Maya Angelou: A Source of Humanity "I am human," Angelou said, "and nothing human can be alien to me" (Shafer). Maya Angelou just may be the most "human" person in the world. Indeed, with all of the struggles she went through in her early life, her humanness increasingly deepened. Her life was characterized by the instability of her childhood and her family, along with the challenge of being a black woman growing up in 19th century

Evaluation of a business code of ethics

1357 words - 5 pages Ethical behavior from employees is the foundation for a successful business. Trevino and Nelson define ethical behavior as being, "consistent with the principles, norms, and standards of business practice that have been agreed upon by society (2007, p. 16, para. 1). A code of ethics is an example of the way a company would have employees act; an instruction manual for ethical behavior. Simply possessing a code of ethics does not guarantee

Similar Essays

Analysis Of Hammurabi’s Code

805 words - 3 pages Throughout the world, people consider The Code of Hammurabi one of the most important codes of law ever recorded in the history of the world based on what it tells us about the history of early Babylon. The code gives people a way to see not only how the society of Babylon developed early on but also how other civilizations were developing complex societies, which were similar to the Babylonians. However, the code also shows us how the role of

Perks Of Being A Wallflower Static Image Explanation

906 words - 4 pages it act as one of the main static image in the poster, but it is another symbol for Charlie. The colour of the silhouette explains how empty inside Charlie feels throughout the book, whereas he is a ‘wallflower’, an informal saying for “a person who has no one to dance with or who feels shy, awkward, or excluded at a party.” (Oxford Dictionaries, n.d.) The readers can easily identify this characteristic of the protagonist when Charlie was in the

Religion: A Source Of Violence Essay

923 words - 4 pages In Hermann Häring’s, Religion as a Source of Violence: Overcoming Violence in the Name of Religion (Christianity and Islam) and Working Hard to Overcome Violence in the Name of Religion, he focuses on the notion of violence in the name of religion and the role of religion in the name of peace. All religions know violence and killing are unacceptable, but when religion is questioned or disputed, violence is used as a means to protect ones

The Purpose Of This Assignment Is To Analyse Source Code And Look For Vulnerabilities. The Vulnerabilities Identified Will Be Exploited With A

1475 words - 6 pages javascript to be embeded in the source code and the pop-up to show. The SQL injection allows the email field to be filled with a value of " ' OR 1=1 -- ". The original code failed because no value was entered for the email address. The registered username and password for this example is Tom. After registering with the XSS code in the email address field, the user logs in and the javascript pop-up with “Hacked ” appears. (See Figure 3.1-1 below