Remote File Variable Injection Safety?
- From: kolb0057@xxxxxxx (Daniel Kolbo)
- Date: Wed, 07 Jan 2009 00:57:49 -1000
Hello,
suppose there is a file at http://otherhost.com/remote.php that looks like this:
<?php
if (!isset($safe_flag))
{
die("hacking attempt");
}
echo "You are in";
?>
Suppose i executed the following php file at http://myhost.com/local.php
<?php
require_once("http://otherhost.com/remote.php";);
?>
Is there any way to get local.php to display "You are in", by only modifying local.php? That is, is there a way to set $safe_flag on the remote host as one requests a file from the remote host from within local.php?
I have genuine, academic, non-belligerent intentions when asking this question.
Thanks,
dK
- Follow-Ups:
- Re: Remote File Variable Injection Safety?
- From: Shawn McKenzie
- Re: [PHP] Remote File Variable Injection Safety?
- From: Stuart
- Re: Remote File Variable Injection Safety?
- References:
- Because you guys/gals/girls/women/insert pc term here are a smart lot
- From: "Frank Stanovcak"
- Re: [PHP] Because you guys/gals/girls/women/insert pc term here are a smart lot
- From: "Dotan Cohen"
- [PHP] IE7 forçando download de arquivo *.php
- From: Zechim
- Re: [PHP] IE7 forçando download de arquivo *.php
- From: Maciek Sokolewicz
- Firebird Backup
- From: Sándor Tamás (HostWare Kft . )
- Re: [PHP] Firebird Backup
- From: Lester Caine
- Re: [PHP] Firebird Backup
- From: Sándor Tamás (HostWare Kft . )
- Because you guys/gals/girls/women/insert pc term here are a smart lot
- Prev by Date: Re: [PHP] Request A Collection of YouTube Videos From Multiple User Accounts using YouTube API
- Next by Date: Re: [PHP] Remote File Variable Injection Safety?
- Previous by thread: Re: [PHP] Firebird Backup
- Next by thread: Re: [PHP] Remote File Variable Injection Safety?
- Index(es):
Relevant Pages
|
