THAPS: Automated Vulnerability Scanning of PHP Applications

Torben Jensen, Heine Pedersen, Mads Chr. Olesen, Rene Rydhof Hansen

Publication type: Contribution to book/anthology/report/conference proceeding, conference article in proceeding, research, peer reviewed

8 citations (Scopus)

Abstract

In this paper we describe the THAPS vulnerability scanner for PHP web applications. THAPS is based on symbolic execution of PHP with specialised support for scanning extensions and plug-ins of larger application frameworks. We further show how THAPS can integrate the results of dynamic analyses, generated by a customised web crawler, into the static analysis. This enables analysis of commonly used advanced dynamic features such as dynamic code loading and reflection. To the best of our knowledge, THAPS is the first tool to apply this approach and the first tool with specific support for analysis of plug-ins.
In order to verify our approach, we have scanned 375 WordPress plug-ins and a commercial (monolithic) web application, resulting in 68 and 28 confirmed vulnerabilities respectively.
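The abstract describes the core idea without showing it: taint is propagated symbolically through the plug-in, and where a call or include target exists only at runtime (call_user_func($action), include $path), the static analysis falls back on the targets a crawler actually observed. The following is an added illustration written for this page, not THAPS code and not its intermediate representation; the PHP-like IR, the site labels (plugin.php:12 and so on), the unit names and the crawler observations are all constructed to show the mechanism. It models a small admin handler that dispatches on a request parameter, runs it once static-only and once with observations, and shows which sinks become reachable only in the hybrid run.

```python
"""Hybrid static/dynamic taint analysis over a tiny PHP-like IR.

Constructed illustration, not THAPS code. A PHP plug-in is modelled as tuples;
the analyser propagates taint symbolically and, when it meets a call or include
whose target is only known at runtime, resolves it from a table of targets a
crawler observed. All site labels, unit names and sources are made up.
"""
from dataclasses import dataclass, field

# Expressions: ("src", label) | ("lit", value) | ("var", name)
#              ("cat", e1, e2) | ("san", e)          # string concat, sanitiser
# Statements:  ("assign", name, expr)
#              ("sink", kind, site, expr)            # echo, mysql_query, ...
#              ("dyncall", site, target, [args])     # call_user_func($f, ...)
#              ("include", site, target)             # include $path


@dataclass
class Finding:
    kind: str
    site: str
    sources: frozenset


@dataclass
class Analyzer:
    units: dict                                   # name -> (params, body); files use params []
    observed: dict = field(default_factory=dict)  # site -> names the crawler saw resolved there
    findings: list = field(default_factory=list)
    warnings: list = field(default_factory=list)

    def taint(self, expr, env):
        """Set of source labels that can flow into expr under the current environment."""
        op = expr[0]
        if op == "src":
            return frozenset({expr[1]})
        if op in ("lit", "san"):          # literals and sanitised values carry no taint
            return frozenset()
        if op == "var":
            return env.get(expr[1], frozenset())
        if op == "cat":
            return self.taint(expr[1], env) | self.taint(expr[2], env)
        raise ValueError(f"unknown expression {op}")

    def resolve(self, site, target):
        """Literal targets resolve statically; others come from crawler observations."""
        if target[0] == "lit":
            return {target[1]}
        names = self.observed.get(site)
        if not names:
            self.warnings.append(f"{site}: unresolved dynamic target")
            return set()
        return set(names)

    def run(self, stmts, env=None):
        env = dict(env or {})
        for st in stmts:
            kind = st[0]
            if kind == "assign":
                env[st[1]] = self.taint(st[2], env)
            elif kind == "sink":
                t = self.taint(st[3], env)
                if t:
                    self.findings.append(Finding(st[1], st[2], t))
            elif kind in ("dyncall", "include"):
                site, target = st[1], st[2]
                args = st[3] if kind == "dyncall" else []
                if kind == "include":
                    t = self.taint(target, env)
                    if t:                 # a tainted include path is a sink in its own right
                        self.findings.append(Finding("file_inclusion", site, t))
                arg_taint = [self.taint(a, env) for a in args]
                for name in sorted(self.resolve(site, target)):
                    if name not in self.units:
                        self.warnings.append(f"{site}: unknown unit {name}")
                        continue
                    params, body = self.units[name]
                    self.run(body, dict(zip(params, arg_taint)))
        return env


# Constructed plug-in: a handler in the style of
#   call_user_func($_GET['action'], $_POST['value']); include "templates/" . $_GET['action'];
UNITS = {
    "render_title": (["t"], [("sink", "xss", "render.php:4", ("var", "t"))]),     # echo $t;
    "lookup": (["id"], [("sink", "sqli", "db.php:9",
                         ("cat", ("lit", "SELECT * FROM posts WHERE id="), ("var", "id")))]),
    "lookup_safe": (["id"], [("sink", "sqli", "db.php:15",                      # intval($id)
                              ("cat", ("lit", "SELECT * FROM posts WHERE id="), ("san", ("var", "id"))))]),
    "view.php": ([], [("sink", "xss", "view.php:2", ("src", "$_GET['q']"))]),   # echo $_GET['q'];
}
HANDLER = [
    ("assign", "action", ("src", "$_GET['action']")),
    ("assign", "value", ("src", "$_POST['value']")),
    ("dyncall", "plugin.php:12", ("var", "action"), [("var", "value")]),
    ("include", "plugin.php:20", ("cat", ("lit", "templates/"), ("var", "action"))),
]


def analyze(observed):
    """Analyse HANDLER with the given crawler observations (empty dict = static only)."""
    an = Analyzer(UNITS, observed)
    an.run(HANDLER)
    return an
```

Static-only, analyze({}) can only report the tainted include path and leaves two warnings for the unresolved dynamic targets; once the crawler has observed that plugin.php:12 dispatched to render_title and lookup and that plugin.php:20 pulled in view.php, the same run reaches the echo and query sinks inside those units. The sanitiser is treated as fully effective, which is the usual (and optimistic) modelling assumption; in a real scanner that choice deserves its own review.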
Original language: English
Title: Proceedings of the 17th Nordic Conference on Secure IT-Systems (NordSec 2012)
Volume: 7617
Publisher: Springer
Publication date: 2012
Pages: 31-46
ISBN (print): 978-3-642-34209-7
ISBN (electronic): 978-3-642-34210-3
Status: Published - 2012
Event: 17th Nordic Conference, NordSec 2012: Secure IT Systems - Karlskrona, Sweden
Duration: 31 Oct 2012 - 2 Nov 2012
Conference number: 17

Conference

Conference: 17th Nordic Conference, NordSec 2012
Number: 17
Country: Sweden
City: Karlskrona
Period: 31/10/2012 - 02/11/2012
Series: Lecture Notes in Computer Science
Volume: 7617
ISSN: 0302-9743
