Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Fwd: PHP Easter Eggs

from [Saqib . N . Ali] Network Security [Permanent Link]
Subject: Re: Fwd: PHP Easter Eggs
Date: Mon, 29 Nov 2004 08:17:38 -0800 




Hello Andi,

I wouldn't classify this is a easter egg, especially since PHP provides a
way to disable it, and also because it is not something the PHP group is
trying to hide. Infact the setting to enable/disable this is very clearly
stated in the php.ini, and is called "expose_php" .

It is used for exposing what the webserver is running, just like server
signature e.g. "Apache/1.3.26 (Unix) mod_gzip/1.3.26.1a PHP/4.3.3-dev " .

Thanks.
Saqib Ali
http://validate.sf.net

Andi McLean <andi_mclean@ntlworld.com> wrote on 11/28/2004 05:21:38 AM:


Hi,

Does anyone know about the easter eggs in PHP?
I've just found out about them, My trust in PHP has just had a majorset

back,

as I'm wondering what other easter eggs there are and can any be used to
circumenvent the protection I have on my site.
I feel like I now need to have a look at the source code, to find out

what

else is there.

<anywebsite.that/uses.php>?=PHPE9568F36-D428-11d2-A769-00AA001ACF42

<anywebsite.thatuses.php>?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

<anywebsite.thatuses.php>?=PHPE9568F34-D428-11d2-A769-00AA001ACF42

eg
www.jsane.com/index.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
www.jsane.com/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
www.jsane.com/index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42


Andi
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PHP Easter Eggs, Harrison Gladden
Next by Date:  RE: Article - A solution to phishing, Dave Jevans
Previous by Thread:  Re: PHP Easter Eggs, Antonio Varni
Next by Thread:  Re: Fwd: PHP Easter Eggs, exon
Indexes:  [Date] [Thread] [Top] [All Lists]