Quote:
Originally Posted by patrik_
I'm trying to fix it now
|
It's good that you posted those two snippets. Let's fix the problem that affects all of us: Unless there is some additional code between them sanitizing the variables you have a very dangerous situation should the site go public. Using
$_GET[...] in the way you have shown it allows visitors the potential to run arbitrary code on your system. That is because when using
$_GET, you are fetching tainted variables straight from the outside world and they can contain anything.
So instead of "10.32.48.82" someone could pass it "10.32.48.82; /bin/rm -rf /" or somethings much, much worse.
Figure out what needs to be in both $device and $inter and then make a regular expression pattern to check on each variable. This is important for all the variables that use
$_GET[...], don't skip this step for any of them. Don't work on anything else, including your SSH question, before completing this step.
You can find a concise example of how to filter for IPv4 and IPv6 IP addresses:
https://www.tutorialrepublic.com/php...hp-filters.php
Dig into that short routine and you'll see how you can write a similar routine to validate the network interface names, too. Then go through the rest of your code and do the same for every variable you have fetched using
$_GET or
$_POST.
When ecountering data deemed invalid by your regular expressions or validation fuctions, have the program stop running and make a log entry. Don't have it report any information to the web UI because you will forget to turn it off when it goes into production.