[19386] in bugtraq
Re: Yet another hole in PHP-Nuke
daemon@ATHENA.MIT.EDU (Joe)
Tue Feb 27 14:50:52 2001
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.3.95.1010226122259.22599A-100000@animal.blarg.net>
Date: Mon, 26 Feb 2001 12:43:15 -0800
Reply-To: joe@blarg.net
From: Joe <joe@blarg.net>
X-To: Joao Gouveia <tharbad@kaotik.org>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <003701c09e03$4828d560$0400a8c0@corbusier.org>
On Sat, 24 Feb 2001, Joao Gouveia wrote:
> The same two tests applied to an include($string)
> magic_quotes_gpc On, output: Warning: Failed opening 'tes\0t' for
> inclusion
> magic_quotes_gpc Off, output: Warning: Failed opening 'tes' for
> inclusion
> So, everything after the NULL was ignored.
>
> Of course, one who uses magic_quotes_gpc turned on isn't expecting this
> kind of behaviour.
On a side note to other PHP developers, if your code is expecting Magic
Quotes to be on, then there's no reason for this particular problem as
Magic Quotes can be programmatically controlled:
    if( ! get_magic_quotes_gpc() ) {
        set_magic_quotes_runtime(1) or die("could not enable magic quotes");
    }
Anyone using PHP should have this bit-o-code somewhere near the start of
program execution. Since few servers are ever built with the same
features or options enabled, it just makes sense to check for the stuff your
code needs - especially since magic quotes can help make exploiting a PHP
script much more difficult.
--
Joe Technical Support
General Support: support@blarg.net Blarg! Online Services, Inc.
Voice: 425/401-9821 or 888/66-BLARG http://www.blarg.net
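
Added example, not part of the original message or the thread: a way to turn a request parameter into an include() path that does not depend on the magic_quotes_gpc setting, by rejecting NUL bytes and matching an exact allowlist. PAGE_DIR, ALLOWED_PAGES, resolve_page() and the sample inputs are hypothetical, and a PHP 7.1 or later runtime is assumed.

```php
<?php
// Added example: all names below are hypothetical, not from PHP-Nuke.

const PAGE_DIR = __DIR__ . '/pages';            // assumed directory layout
const ALLOWED_PAGES = ['home', 'news', 'faq'];  // assumed page names

/**
 * Map a user-supplied page name to a file path, or return null.
 * The decision never depends on whether the input was escaped upstream.
 */
function resolve_page(string $name): ?string
{
    // The thread shows include() opening 'tes' for the input 'tes\0t':
    // everything after the NUL is dropped, so refuse such input outright.
    if (strpos($name, "\0") !== false) {
        return null;
    }
    // Exact-match allowlist: path separators, dots, URL wrappers and
    // backslash-escaped input all fail here without special handling.
    if (!in_array($name, ALLOWED_PAGES, true)) {
        return null;
    }
    return PAGE_DIR . '/' . $name . '.php';
}

// Constructed sample inputs, including the two forms from the thread:
// a raw NUL (magic_quotes_gpc Off) and the escaped form (magic_quotes_gpc On).
$samples = ["news", "tes\0t", 'tes\\0t', "../news", "news.php"];

foreach ($samples as $s) {
    $path = resolve_page($s);
    // addcslashes() makes control characters visible in the output.
    printf("%-12s => %s\n", addcslashes($s, "\0..\37"), $path ?? 'rejected');
}
```

Only "news" resolves to a path; the other four inputs are rejected before any include() call would be reached.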