-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathphpcodeinjection.php
49 lines (38 loc) · 1.08 KB
/
phpcodeinjection.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php include_once "includer.php";
function checkInput($data)
{
switch($_COOKIE['security_level'])
{
case "0" :
$data = no_check($data);
break;
case "1" :
$data = xss_check_3($data);
break;
case "2" :
$data = xss_check_3($data);
break;
default :
$data = no_check($data);
break;
}
return $data;
}
?>
<div class="container">
<h1>PHP Code Injection</h1>
<p> What is there <a href="<?php echo($_SERVER["SCRIPT_NAME"]);?>?alien=areYouHuman"> ??? </a> </p>
<?php
if(isset($_REQUEST["alien"])){
if($_COOKIE["security_level"]=="0"){
?>
<p> <b> <?php @eval ("echo ".$_REQUEST["alien"].";"); ?> </b> </p>
<?php
}else{
?>
<p> <b> <?php echo checkInput($_REQUEST["alien"]); ?> </b> </p>
<?php
}
}
?>
</div>