PHP code entry. Do we have a security risk?

Question

PHP code entry. Do we have a security risk?

We have a simple php file that captures emails. It transfers these letters to a csv file (which is not an executable php). Recently, we had someone who managed to hack our site, and this seemed to be one of the entry points, but I do not see how this is possible. Here's the script:

$fh = fopen('cap.csv', 'a+');
fwrite($fh, "\r".$_GET['email']);
fclose($fh);

Pretty basic right? Anyway, can you think of it?

+3

security php exploit

Jeremy Jun 14 '11 at 12:59

source share

4 answers

, , - csv ( , / $_GET['email']), PHP- .

, script, csv, .

+2

cweiske 14 . '11 13:13

, , - NullByte ( , PHP ). $_GET, eMail .

, . -

http://example.com?email=foo\0somethingmalicious

.

0

Gordon 14 . '11 13:15

The code you specify indicates that you did not sanitize much on the input data. Therefore, you probably have similar problems in other parts of the software.

In addition, even if you do not run the csv file in your application, you can enter PHP code into it.

So, if there is another hole in the application that incorrectly checks the input data and can be used to include files on the server and then include this csv file, remote code execution is possible.

0

hakre Jun 14 '11 at 13:31

source share

Wesley van Opdorp · Accepted Answer · 2011-06-14T13:05:29+0000

Yes, but probably not what you are looking for.

The only thing I can do is:

Add something to your file, add only.
(optional / bonus). Open the file directly if you have not secured it and stolen all email addresses.

- -. ( - ). - !

PHP code entry. Do we have a security risk?

More articles: