When developing a web application, it is extremely important to keep security in mind and be aware of the different risks. If one does not know the risks and the mechanics behind each vulnerability, there is no way to protect against it.
In Parts 1 and 2 of this series on PHP security we looked at vulnerabilities such as SQL Injection, Directory Traversal and Code Injection. In Part 3 we look at XSS vulnerabilities and the importance of secure password storage.
Cross-site Scripting (XSS) is a vulnerability in which client-side code is injected into the output of a web application and executed in the user’s browser. There are three types of XSS. In reflected XSS, the code that gets executed is sent as part of the request and included in the response body. In stored (or persistent) XSS, the code is stored server-side, most commonly in a database, and executed whenever it is retrieved and output unescaped. Last and least common is DOM-based XSS, in which an existing legitimate script is tricked into executing a malicious payload by manipulating the DOM rather than the source of the page. The impact of successful exploitation ranges from redirecting users to malicious websites to stealing credentials, cookies and CSRF tokens. It is one of the most common vulnerabilities found in web applications.
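As an added illustration of the reflected and stored cases above (this is example code, not code from the original article), the PHP fragment below shows an unescaped echo beside its escaped counterpart; the `$q` value and the `$stored` row are constructed inputs standing in for a request parameter and a database row, so the script runs from the command line.

```php
<?php
// Added example, not from the original article: a reflected-XSS-prone
// search page next to a hardened version, plus the same escaping rule
// applied to data read back from storage.

// Constructed sample input, standing in for $_GET['q'] on a real request.
$q = '<script>alert(1)</script>';

// Vulnerable: the request parameter is echoed straight into the response
// body, so the browser parses the injected tag and runs it (reflected XSS).
function renderSearchVulnerable(string $q): string
{
    return "<p>Results for: $q</p>";
}

// Hardened: escape for the HTML context before output. ENT_QUOTES also
// escapes single quotes, which matters when the value lands inside an
// attribute; ENT_SUBSTITUTE avoids returning an empty string on bad UTF-8,
// and the explicit charset keeps the escaper and the page in sync.
function escapeHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderSearchSafe(string $q): string
{
    return '<p>Results for: ' . escapeHtml($q) . '</p>';
}

// The same rule covers stored XSS: a row fetched from the database is
// untrusted output and is escaped at render time, not only on insert.
function renderComment(array $row): string
{
    return '<li data-author="' . escapeHtml($row['author']) . '">'
         . escapeHtml($row['body']) . '</li>';
}

echo renderSearchVulnerable($q), PHP_EOL; // tag reaches the browser intact
echo renderSearchSafe($q), PHP_EOL;       // tag is rendered as literal text

// Constructed row, as if fetched from a comments table; the double quote
// in the author field would otherwise break out of the attribute.
$stored = ['author' => 'mallory" title="x', 'body' => 'Nice <b>post</b>'];
echo renderComment($stored), PHP_EOL;
```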
Passwords serve a single purpose – to help a user authenticate against a system in order to access private data. Users provide a password, which an authentication mechanism uses to verify whether access should be allowed. If a third party gets hold of your password in any way, they will be able to access private information such as your name, email, address, credit card number, photos and financial data. That is why passwords must be kept secret.
For a system to be able to verify a user’s password, it first needs to have it stored in some sort of database to check against. As we saw in Part 1 of this series, hackers can use SQL injection to exfiltrate passwords stored in databases, so storing them securely is crucial.