Home > Tutorials > PHP Tutorials

[ZZ] Exploiting PHP Self

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Information Source: Phantom
Eric Butera emailed me with a very interesting topic about protecting against php_self exploits. I thought it might is a good idea to gather a few test cases demonstrating the problem. Why PHP allows these URL ' s is beyond me and it wouldn ' t take much work to filter out these malicious URL ' s in the PHP code .

For any of your that don ' t know, it's possible to inject code into php_self. It works by supplying a "/" after the actual PHP file and then entering your desired code. I ' ve done 4 test cases which show how it's possible to inject JavaScript and perform a redirect on code which doesn ' t filt ER php_self correctly.

Test Case 1

Injects data into a HTTP header, although this scenario is not very likely I thought I would include it to show that even Running Htmlentities or Htmlspecialchars won ' t save you from attack completely.

Test Case 2

Shows how easy it's to inject XSS into links, this is very likely as many PHP applications ofter refer to the same page T o Change the current action/display.

Test Case 3

A Search page often includes references to php_self and can is exploited as easily as links.

Test Case 4

Finally I show how code can is injected directly on the page without the need to break out of anything.

The test cases can be downloaded here:-
Test Cases

    • This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    Get Started for Free

    • Sales Support

      1 on 1 presale consultation

      Chat Contact Sales

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

      Open a Ticket

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

      Learn More