Re: PHP Security Risk?

From: Simon (simon_at_xhz.ca)
Date: 12/02/04

  • Next message: Kevin Davis: "Re: Windows Messenger Pop-up spam"
    Date: Thu, 02 Dec 2004 15:35:36 -0500
    To: Stephane Auger <stephaneauger@pre2post.com>
    
    

    It all depends on how you handle the file after it has been uploaded. Is it
    sent in a public directory, accessible from the web?

    Take the following very simple example:

    I have a very malicious PHP script that gets all the information I need to crack
    your machine.

    I upload it through the upload script you have.
    I execute the file because it is now on your server and is public.

    The upload in itself is not a problem. It's what you do with the uploaded data
    that may cause trouble. Remember to never ever trust what can be input from
    public users (even private users), variables, get/post, files...

    HTH,
       Simon

    Stephane Auger wrote:

    > Hi guys,
    >
    > I don't know if this is the right mailing list to ask this, if not
    > don't hesitate to warn me. I'm using a Windows Server 2003 with IIS6
    > and PHP5. Fully patched, by the way. Someone asked me to enable the
    > file-upload function in PHP so people could upload files to his web
    > site, which is one of many I host. Does anyone know if file uploading
    > in PHP could cause a security risk on the server? I know there used to
    > be many flaws in the old versions, but I don't know about now... I
    > haven't seen anything recent about this. Thanks for your help!
    >
    > Stephane Auger
    >
    >


  • Next message: Kevin Davis: "Re: Windows Messenger Pop-up spam"

    Relevant Pages