Codeigniter Object Injection Vulnerability via Encryption Key

CodeIgniter is one of my favorite PHP frameworks. Like everyone else, I learned PHP MVC programming with this framework. Today I decided to analyze CodeIgniter for PHP object injection vulnerabilities.

I'll focus on the session mechanism of CodeIgniter for the rest of this write-up. All the methods I explain are located in the CodeIgniter/system/libraries/Session.php file. I used the CodeIgniter 2.1 stable release for this research.

CodeIgniter Session Mechanism

CI uses PHP's serialization functions to store variables in the user session. But CodeIgniter's session mechanism does not work the way one would expect: it stores the session variables in the client's cookie. One would expect CodeIgniter to store session variables on the server side, mostly on disk, rather than in the user's cookie. I don't know why the developers chose this approach.

The following description is taken from the CodeIgniter documentation.

The Session class stores session information for each user as serialized (and optionally encrypted) data in a cookie. Even if you are not using encrypted sessions, you must set an encryption key in your config file which is used to aid in preventing session data manipulation.

In this write-up we will analyze the possibilities for session data manipulation and related issues.
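An added example, not CodeIgniter's own code, of the mechanism the excerpt describes: serialized session data kept in a cookie and tagged with the configured key, so that manipulated cookie data is rejected before it is ever deserialized. The function names and the `$encryptionKey` placeholder are assumptions for illustration.

```php
<?php
// Illustration (not CodeIgniter's code): a minimal cookie-backed session
// in the style described above, with a keyed hash so tampered cookie data
// is refused before unserialize() runs. $encryptionKey is a placeholder.

function ci_style_write(array $session, string $encryptionKey): string
{
    $payload = serialize($session);
    // Tag the payload with an HMAC; without a tag the client can rewrite it freely.
    $tag = hash_hmac('sha256', $payload, $encryptionKey);
    return base64_encode($payload) . '.' . $tag;
}

function ci_style_read(string $cookie, string $encryptionKey): ?array
{
    $parts = explode('.', $cookie, 2);
    if (count($parts) !== 2) {
        return null;
    }
    [$encoded, $tag] = $parts;
    $payload = base64_decode($encoded, true);
    if ($payload === false) {
        return null;
    }
    // Constant-time comparison; a mismatch means the cookie was altered or forged.
    if (!hash_equals(hash_hmac('sha256', $payload, $encryptionKey), $tag)) {
        return null;
    }
    // Even with a valid tag, never let cookie data instantiate objects (PHP 7+):
    // session values should only ever be scalars and arrays.
    $data = unserialize($payload, ['allowed_classes' => false]);
    return is_array($data) ? $data : null;
}

// Constructed demo values, not real configuration.
$key    = 'replace-with-a-long-random-secret';
$cookie = ci_style_write(['user_id' => 42, 'role' => 'user'], $key);
var_dump(ci_style_read($cookie, $key));          // intact cookie: array returned
var_dump(ci_style_read($cookie . 'x', $key));    // modified cookie: rejected
```

The `allowed_classes` option is the defensive half that matters for object injection: even if an attacker ever obtains a validly tagged payload, no class is instantiated from it.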


CodeIgniter XSS, CSRF and Cookie Security

Hello

CodeIgniter is one of the popular frameworks preferred by developers who are new to PHP. Although the framework pays attention to security measures, there are points where it falls short. There are two items that CodeIgniter developers need to pay the most attention to here: cookies and XSS attacks.
