• Computer Science
  • Published in
    International Conference for…
    2012

Two novel server-side attacks against log file in Shared Web Hosting servers

@article{Mirheidari2012TwoNS,
  title={Two novel server-side attacks against log file in Shared Web Hosting servers},
  author={Seyed Ali Mirheidari and Sajjad Arshad and Saeidreza Khoshkdahan and Rasool Jalili},
  journal={2012 International Conference for Internet Technology and Secured Transactions},
  year={2012},
  pages={318-323}
}
Shared Web Hosting service enables hosting multitude of websites on a single powerful server. It is a well-known solution as many people share the overall cost of server maintenance and also, website owners do not need to deal with administration issues is not necessary for website owners. In this paper, we illustrate how shared web hosting service works and demonstrate the security weaknesses rise due to the lack of proper isolation between different websites, hosted on the same server. We… CONTINUE READING

Citations

Publications citing this paper.
SHOWING 1-4 OF 4 CITATIONS

A Comprehensive Approach to Abusing Locality in Shared Web Hosting Servers

VIEW 12 EXCERPTS
CITES BACKGROUND & METHODS

Sniper: A framework for detecting attack attempts to open source web applications at the run time

  • Abdullah Almurayh
  • Computer Science
  • Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014)
  • 2014
VIEW 1 EXCERPT
CITES BACKGROUND

References

Publications referenced by this paper.
SHOWING 1-9 OF 9 REFERENCES

The Challenge with Securing Shared Hosting

  • H. Stuart
  • http:// blog.stuartherbert.com/php/2007/11/21/the-challenge-withsecuring-shared-hosting/ (Access date:
  • 2012
VIEW 4 EXCERPTS
HIGHLY INFLUENTIAL

FYI: You got LFI

  • T. Be'ery
  • Black Hat Europe, Amsterdam, Netherlands, March 14-16 2012.
  • 2012
VIEW 2 EXCERPTS

Performance Evaluation of Shared Hosting Security Methods

VIEW 2 EXCERPTS

Securing A Shared Web Server

  • C. Chary, C. Khamly
  • http:// xf.iksaif.net/papers/securing-a-shared-web-server.pdf (Access date:
  • 2012
VIEW 2 EXCERPTS

Shared Hosting Security Concepts, Threats & Solutions

  • M. Dees
  • http://docs.cpanel.net/twiki/pub/AllDocumentation/ TrainingResources/TrainingSlides08/SharedHostingSecurity.pdf (Access date:
  • 2012
VIEW 1 EXCERPT

LFI to RCE Exploit with Perl Script

  • CWH Underground
  • Dec 2008.
  • 2008
VIEW 2 EXCERPTS

Defacements Statistics 2008 - 2009 - 2010 *

  • W. Joosen Nikiforakis
  • The Ten Most Critical Web Application Security Vulnerabilities Doupe , " Why Johnny Can ’ t Pentest : An Analysis of Black - box Web Vulnerability Scanners Securing PHP Web Applications