WebApp Sec mailing list archives
Re: Fwd: PHP Easter Eggs
From: Saqib.N.Ali () seagate com
Date: Mon, 29 Nov 2004 08:17:38 -0800
Hello Andi, I wouldn't classify this is a easter egg, especially since PHP provides a way to disable it, and also because it is not something the PHP group is trying to hide. Infact the setting to enable/disable this is very clearly stated in the php.ini, and is called "expose_php" . It is used for exposing what the webserver is running, just like server signature e.g. "Apache/1.3.26 (Unix) mod_gzip/1.3.26.1a PHP/4.3.3-dev " . Thanks. Saqib Ali http://validate.sf.net Andi McLean <andi_mclean () ntlworld com> wrote on 11/28/2004 05:21:38 AM:
Hi, Does anyone know about the easter eggs in PHP? I've just found out about them, My trust in PHP has just had a majorset
back,
as I'm wondering what other easter eggs there are and can any be used to circumenvent the protection I have on my site. I feel like I now need to have a look at the source code, to find out
what
else is there. <anywebsite.that/uses.php>?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 <anywebsite.thatuses.php>?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 <anywebsite.thatuses.php>?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 eg www.jsane.com/index.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 www.jsane.com/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 www.jsane.com/index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 Andi
Current thread:
- Re: PHP Easter Eggs, (continued)
- Re: PHP Easter Eggs Griffiths, Ian (Nov 29)
- Re: PHP Easter Eggs Serban Gh. Ghita (Nov 29)
- Re: PHP Easter Eggs Serban Gh. Ghita (Nov 29)
- Re: PHP Easter Eggs Harrison Gladden (Nov 30)
- RE: PHP Easter Eggs V. Poddubnyy (Dec 01)
- Re: PHP Easter Eggs Antonio Varni (Dec 08)
- Re: PHP Easter Eggs Harrison Gladden (Nov 30)
- Re: Fwd: PHP Easter Eggs Alexander Klimov (Nov 29)
- Re: Fwd: PHP Easter Eggs Harald Nesland (Nov 29)
- Re: Fwd: PHP Easter Eggs RSnake (Nov 29)
- Re: PHP Easter Eggs q q (Nov 29)
- Re: Fwd: PHP Easter Eggs Saqib . N . Ali (Nov 30)
- Re: Fwd: PHP Easter Eggs exon (Nov 30)
- Re: PHP Easter Eggs Paul Fierro (Dec 01)
- Re: PHP Easter Eggs Jimi Thompson (Dec 02)
- Re: PHP Easter Eggs Griffiths, Ian (Dec 03)
- SQL injection (no single quotes used) Juan Carlos Calderon (Dec 14)
- Re: SQL injection (no single quotes used) Olivier G. Gaumond (Dec 15)
- Re: SQL injection (no single quotes used) Juan Carlos (Dec 15)
- RE: SQL injection (no single quotes used) Brett Moore (Dec 16)
- Re: Fwd: PHP Easter Eggs exon (Nov 30)
- RE: SQL injection (no single quotes used) Mutallip Ablimit (Dec 15)
- Re: SQL injection (no single quotes used) PD9 Software (Dec 16)