Protect PHP Application

Instructions to protect PHP application with K2 Platform

Overview

In this section, we outline the steps for protecting your first PHP application with the K2 Platform.

Prerequisites

Please check our support matrix for PHP.

Language	Server	DBs	Attack Coverage	Deployments	Supported OS
PHP 5.4 PHP 5.5 PHP 5.6 PHP 7 (All versions) PHP 8	Apache (pre fork) (mod_php handler), Apache (Prefork, Event and worked using PHP-FPM)	MYSQL Procedural Object-Oriented PDO MSSQL Procedural Object Oriented PDO POSTGRESQL Procedural Object Oriented PDO	RCE LDAP Application Integrity Violation File Access Attacks Read Access Write Access SSRF SQL Injection XSS XPath	Host Mode Container Mode	CentOS (7) Ubuntu (16.04, 18.04) RHEL (7) Debian Fedora

Steps

Step 1 : K2 Portal and Account Creation

We need to make sure In order to use K2 Platform You need to create an account on K2 Portal.

K2 Portal can be used as SaaS model or you can deploy entire portal on your On-Premises.

K2 SaaS(Recommended)

K2 Platform is offered as SaaS software and can be used directly visiting SaaS portal i.e. https://k2io.net or if you are an AWS customer then you can buy subscription to K2 SaaS portal on AWS Marketplace.

For more details checkout our page

K2 Portal As SaaS

K2 On-Premises

At this point you have successfully created an account with K2 Portal

Step 2 : K2 Agents Installation

Install K2 Agent in your environment to perform CVE Scan and Vulnerability Detection in your applications.

Choose the environment from tabs below and follow the instructions for agent installation.

Node/VM/EC2

Checkout our K2 Agents Installation Page for Node/VM/EC2

Node/VM/EC2

Kubernetes

AWS ECS/Fargate

AWS EKS

Windows

Step 3 : Protect PHP Web Application

‌To protect your PHP web applications and APIs, your application must be started with K2's PHP Language Agent.

Please choose your environment and go through K2's PHP language agent installation from below tabs and follow instructions

Node/VM/EC2

Checkout our PHP Language Agent Installation Page for Node/VM/EC2

Node/VM/EC2

Step 4 : Attacking and Preventing first Attack

For demonstration purposes we are creating a docker container with non secure application and running it with our already downloaded K2 PHP language agent.

docker run -itd  -v /opt/k2-ic:/opt/k2-ic/ -p 8091:8091 --name syscall k2cyber/ic-test-application:php-syscall-app

Attach PHP Agent

bash /opt/k2-ic/k2-php-agent/k2_php_agent_install_script.sh --allow-server-restart=TRUE

SQL Injection Attack

curl --location --request GET 'http://localhost:8091/syscall-app/sqli.php?firstname=PHP%27+or+%271%27%3D%271'

Now you can go to Attacks section in K2 Manager and see there will be one attack captured by K2 Manager or Alternatively go to Attacks | K2 Portal.

Congratulations you've successfully prevented SQL injection attack.

What Next ?

if you are interested in looking at various genres of attacks prevented by K2 platform, Checkout below page

Run Demo Exploits