PHP

Security:: Register Globals

Arguably the most common source of vulnerabilities in PHP applications.

• Any input parameters are translated to variables.
  ?foo=bar >> $foo = “bar”;
• No way to determine the input source.
• Prioritized sources like cookies can overwrite GET values.
• Un-initialized variables can be “injected” via user inputs.

  if (authenticated_user()) {
  
  $authorized = true;
  
  }
  
  if ($authorized) {
  
  include '/highly/sensitive/data.php';
  
  }

• Because $authorized is left un-initialized if user
  authentication fails, an attacker could access privileged
  data by simply passing the value via GET.
  http://example.com/script.php?authorized=1


>
• 208
• Oct 06 08 11:08:45
• Sekar
• 


Rating :

Comments No Reply..

Quick Reply or Comments Preview Your Name: Your Reply : <> is a code tag Enter the verification code: