Source Code Analyzer for PHP Vulnerabilities – RIPS

The World Wide Web grew rapidly during the last decades and is used by millions of people every day for online shopping, banking, networking, and other activities. Many of these websites are developed with PHP, the most popular scripting language on the Web. However, PHP code is prone to different types of critical security vulnerabilities that can lead to data leakage, server compromise, or attacks against an application’s users. This problem can be addressed by analyzing the source code of the application for security vulnerabilities before the application is deployed on a web server. Novel approach is presented for the precise static analysis of PHP code to detect security vulnerabilities in web applications. As dismissed by previous work in this area, a comprehensive configuration and simulation of over 900 PHP built-in features allows us to precisely model the highly dynamic PHP language. By performing an intra- and inter-procedural data flow analysis and by creating block and function summaries, we are able to efficiently perform a backward-directed taint analysis for 20 different types of vulnerabilities. Furthermore, string analysis enables us to validate sanitization in a context-sensitive manner. Our method is the first to perform fine-grained analysis of the interaction between different types of sanitization, encoding, sources, sinks, markup contexts, and PHP settings. We implemented a prototype of our approach in a tool called RIPS. Our evaluation shows that RIPS is capable of finding severe vulnerabilities in popular real world applications: we reported 73 previously unknown vulnerabilities in five well-known PHP applications such as phpBB, osCommerce, and the conference management software HotCRP.

What is RIPS

RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by userinput (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities RIPS also offers an integrated code audit framework for further manual analysis. 

Features

  • scan and vulnerability statistics
  • grouped vulnerable code lines (bottom up or top down)
  • vulnerability description with example code, PoC, patch
  • exploit creator
  • file list and graph (connected by includes)
  • function list and graph (connected by calls)
  • userinput list (application parameters)
  • source code viewer with highlighting
  • active jumping between function calls
  • search through code by regular expression
  • 8 syntax highlighting designs
  • Code Execution
  • Command Execution
  • Cross-Site Scripting
  • Header Injection
  • File Disclosure
  • File Inclusion
  • File Manipulation
  • LDAP Injection
  • SQL Injection

Download & read more here:

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...

Digital Forensics Investigation using Autopsy In Kali Linux

Autopsy is one of the digital forensics tools use to investigate what happened on a computer. It offers a GUI access to variety of...