Jump to content


This topic is now archived and is closed to further replies.

tarka dhal

code injection into crypt function?

Recommended Posts

Hi, I am writing a function to authenticate against a NIS server (If I had a choice to not use NIS I would... but that is a seperate discussion!). I always make sure that user supplied input is properly validated before using it anywhere but the problem I have is that a users password in this case can contain pretty much any special character (I have no control over this). Now the only place I reference the user supplied password is within the crypt function as follows... (the field array being the fields from the passwd.byname map/password file).

if (crypt($_POST['password'], substr($field[1], 0, 12)) == $field[1]) {
         echo "authenticated";

Obviously using add_slashes etc is going to break the password checking, so my concern is whether it is possible to inject code into the crypt function. eg something like...

$_POST['password'] = "'a')) { echo 'hacked'; #";

I have tested setting the variable like this and can't break it or produce any sort of error or undesired behaviour, but I just wanted reassurance about the way the crypt function works eg does it expand the variable passed to it hence allowing some form of code injection or does it simply do what you want it to with the variable regardless of what it contains?

Sorry, was going to try and keep it short... didn't turn out that way!


Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.