Re: Re: Remote File Variable Injection Safety?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Stuart wrote:
2009/1/7 Shawn McKenzie <nospam@xxxxxxxxxxxxx>:
Daniel Kolbo wrote:
Hello,

suppose there is a file at http://otherhost.com/remote.php that looks
like this:

<?php
if (!isset($safe_flag))
{
   die("hacking attempt");
}
echo "You are in";
?>

Suppose i executed the following php file at http://myhost.com/local.php

<?php
require_once("http://otherhost.com/remote.php";);
?>

Is there any way to get local.php to display "You are in", by only
modifying local.php?  That is, is there a way to set $safe_flag on the
remote host as one requests a file from the remote host from within
local.php?

I have genuine, academic, non-belligerent intentions when asking this
question.
local.php

<?php

$safe_flag = 1;
require_once("http://otherhost.com/remote.php";);

?>

If the remote side is returning the code rather than running it then
anyone can see exactly what to do to get it to work. There is no
security there.

OP: Does otherhost.com run the code or return it?

-Stuart

otherhost.com runs the code.
dK

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux