Bugtraq mailing list archives
Re: pMachine (PHP) : Include() Security Hole
From: martin f krafft <madduck () madduck net>
Date: Sun, 15 Jun 2003 10:07:56 +0200
also sprach Frog Man <leseulfrog () hotmail com> [2003.06.14.1848 +0200]:
> This will work if register_globals is ON *OR* OFF.

Right, because:

> while(list($var,$val)=each($HTTP_COOKIE_VARS))
> while(list($var,$val)=each($HTTP_GET_VARS))
> while(list($var,$val)=each($HTTP_POST_VARS))
> while(list($var,$val)=each($HTTP_SERVER_VARS))

you are effectively "turning it on", so to speak.

> include ("{$pm_path}config$sfx");

then of course, sfx is going to be a variable, if it's passed into the script via GET_VARS. your mistake is using a variable that wasn't explicitly initialised. other than that i fail to see why this is something special.

-- 
martin; (greetings from the heart of the sun.)
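
The point about explicit initialisation, as an added example that is not part of the original message and is not pMachine's code: with an import loop like the quoted one in place, where the variables are initialised decides whether the request still controls the include path. The function names, `PM_PATH`, `PM_SFX` and the `$request` array are hypothetical, and the sample request is constructed.

```php
<?php
// Added example, not pMachine's code. $request is a constructed stand-in
// for the cookie/GET/POST arrays that the quoted loops walk over.

const PM_PATH = '/srv/pm/';   // assumed install directory
const PM_SFX  = '.php';       // assumed config file suffix

// The quoted loops, written with foreach (each() no longer exists in PHP 8):
// every request key becomes a local variable, as register_globals would do.
function path_uninitialised(array $request): string
{
    foreach ($request as $var => $val) {
        $$var = $val;
    }
    // Neither variable was set by the script, so the request decides both.
    return ($pm_path ?? '') . 'config' . ($sfx ?? '');
}

// Initialising before the import loop does not help: the loop overwrites it.
function path_init_before_import(array $request): string
{
    $pm_path = PM_PATH;
    $sfx = PM_SFX;
    foreach ($request as $var => $val) {
        $$var = $val;
    }
    return $pm_path . 'config' . $sfx;
}

// Explicit initialisation after the import, immediately before use:
// the include path no longer depends on anything in the request.
function path_init_after_import(array $request): string
{
    foreach ($request as $var => $val) {
        $$var = $val;
    }
    $pm_path = PM_PATH;
    $sfx = PM_SFX;
    return $pm_path . 'config' . $sfx;
}

// Constructed request that tries to set both variables.
$request = ['pm_path' => 'REQUEST_VALUE/', 'sfx' => '.REQUEST_VALUE'];

foreach (['path_uninitialised', 'path_init_before_import', 'path_init_after_import'] as $fn) {
    printf("%-26s %s\n", $fn, $fn($request));
}
```

Only the third function returns a path built purely from the script's own constants; dropping the import loop altogether removes the ordering dependency.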