
Is this code a security issue?


3 replies to this topic

#1 fpc*

fpc*
  • New Members
  • Newbie
  • 2 posts

Posted 17 October 2006 - 06:01 PM

I have an advertiser who has requested I use PHP code to include their ad tag; this is the code they have given me:

<?php
$SERVER_NAME=$_SERVER['SERVER_NAME'];
$urlx=$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
$ref=str_replace(" ","",$_SERVER['HTTP_USER_AGENT']); // User-Agent with spaces removed (was $HTTP_USER_AGENT, which only exists with register_globals on)
$URL="http://www.etc.com/e...E."&ref=".$ref;
$file = @fopen("$URL", "r");
$r = "";
do {
  $data = @fread($file, 8192);
  if (strlen($data) == 0) {
      break;
  }
  $r .= $data;
} while (true);
fclose ($file);
echo $r;


?>


Does this look malicious in any way? Can it be used to run remote commands, upload files or download files? I am a bit paranoid, but only because I am a bit clueless ;>

Any help is appreciated. thanks


#2 Ninjakreborn

Ninjakreborn
  • Members
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 17 October 2006 - 06:42 PM

<?php
// This simply retrieves the name of your server.
$SERVER_NAME = $_SERVER['SERVER_NAME'];
// Retrieves the name of the server, with the current page (the path and query string the visitor requested).
$urlx = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
// Takes the visitor's User-Agent header and strips the spaces out of it.
// (The original used $HTTP_USER_AGENT, which only exists when register_globals is on.)
$ref = str_replace(" ", "", $_SERVER['HTTP_USER_AGENT']);
// Builds the advertiser's URL; the three values are appended as-is, without urlencode().
$URL = "http://www.etc.com/etc/etc.php?urlx=" . $urlx . "&site=" . $SERVER_NAME . "&ref=" . $ref;
// Opens the remote URL for reading (needs allow_url_fopen; any error is silenced by the @).
$file = @fopen($URL, "r");
// Sets $r to an empty string.
$r = "";
// Reads the response in 8 KiB chunks until nothing more comes back.
if ($file !== false) {
    do {
        $data = @fread($file, 8192);
        if ($data === false || strlen($data) == 0) {
            break;
        }
        $r .= $data;
    } while (true);
    fclose($file);
}
// Outputs whatever the advertiser's server returned, unchanged.
echo $r;
?>
It looks safe.
I might have missed something but it looks pretty safe to me.

------

Business Website: http://www.infotechnologist.biz

Personal Website: http://www.joyelpuryear.com

Blog Site: http://www.realmofwriting.com
Services: Web development, application development, mobile development, and custom development. All services listed on my website.


#3 fpc*

fpc*
  • New Members
  • Newbie
  • 2 posts

Posted 17 October 2006 - 07:11 PM

What about XSS attacks, or injecting HTML, injecting JavaScript, and any other HTML-compatible markup?

#4 Ninjakreborn

Ninjakreborn
  • Members
  • Information Technology Specialist
  • 3,922 posts
  • Age:33

Posted 17 October 2006 - 07:12 PM

It looks to me like the script is analyzing your server information, and including a file that the guy wants included based on your server information.

There is no user input coming from anywhere, but of course he would be able to do something with it on his end if he wanted to, obviously. Never trust a script from someone you don't know.

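An added example, written for this edit and not code from either poster or from the advertiser, that bears on the XSS question in #3 and on the remark about user input in #4. It builds the outbound URL the way the posted tag does and the way a hardened tag would (with http_build_query()), feeds both a constructed $_SERVER array standing in for a visitor's request, and shows what the advertiser's script would see in each case when the visitor's REQUEST_URI carries its own query string. It also replaces the unbounded fread() loop behind @ with a fetch that has a timeout and a size cap, and reads a constructed local file in place of the remote ad server so it runs offline. The host www.etc.com, the path /etc/etc.php and all function names are assumptions; the final behaviour of the original tag, echoing the returned body into your page unchanged, is what the last part illustrates.

```php
<?php
// Added example (not from the original thread). Assumed host and path below.
const AD_ENDPOINT = 'http://www.etc.com/etc/etc.php';

// Constructed sample request, standing in for $_SERVER on a visitor's hit.
// The path and User-Agent are whatever the visitor's browser chooses to send.
$sample = [
    'SERVER_NAME'     => 'www.example.com',
    'REQUEST_URI'     => '/news.php?id=7&ref=attacker',
    'HTTP_USER_AGENT' => 'Mozilla/5.0 (X11; Linux x86_64)',
];

// The tag as posted: values are concatenated into the query string unencoded,
// so a "&" or "?" inside the request path ends up as extra parameters on the
// advertiser's side.
function build_ad_url_naive(array $server): string {
    $urlx = $server['SERVER_NAME'] . $server['REQUEST_URI'];
    $ref  = str_replace(' ', '', $server['HTTP_USER_AGENT']);
    return AD_ENDPOINT . '?urlx=' . $urlx
         . '&site=' . $server['SERVER_NAME'] . '&ref=' . $ref;
}

// Hardened: every request-derived value is percent-encoded, so each one stays
// a single parameter no matter what characters the visitor sends.
function build_ad_url_safe(array $server): string {
    $params = [
        'urlx' => $server['SERVER_NAME'] . $server['REQUEST_URI'],
        'site' => $server['SERVER_NAME'],
        'ref'  => str_replace(' ', '', $server['HTTP_USER_AGENT']),
    ];
    return AD_ENDPOINT . '?' . http_build_query($params);
}

// Decode the query string the way the advertiser's PHP would ($_GET semantics).
function query_params(string $url): array {
    $query = substr($url, strpos($url, '?') + 1);
    parse_str($query, $out);
    return $out;
}

// Fetch with a connect/read timeout and a size cap instead of an unbounded
// loop; returns null on failure rather than silencing errors with @.
function fetch_ad(string $url, int $maxBytes = 65536, int $timeout = 3): ?string {
    $ctx = stream_context_create(['http' => ['timeout' => $timeout]]);
    $fh  = fopen($url, 'r', false, $ctx);
    if ($fh === false) {
        return null;
    }
    $body = stream_get_contents($fh, $maxBytes);
    fclose($fh);
    return $body === false ? null : $body;
}

$naive = query_params(build_ad_url_naive($sample));
$safe  = query_params(build_ad_url_safe($sample));

// Naive: the "&ref=attacker" inside REQUEST_URI cuts urlx short and the last
// "ref" (the User-Agent) wins. Safe: urlx arrives intact as one value.
assert($naive['urlx'] === 'www.example.com/news.php?id=7');
assert($naive['ref']  === 'Mozilla/5.0(X11;Linuxx86_64)');
assert($safe['urlx']  === 'www.example.com/news.php?id=7&ref=attacker');

// Constructed stand-in for the advertiser's response: a local file, so this
// runs without network access. Whatever it contains is returned verbatim,
// which is what the original tag then echoes straight into your page.
$served = "<script>alert('served by the advertiser')</script>";
$tmp = tempnam(sys_get_temp_dir(), 'ad');
file_put_contents($tmp, $served);
$body = fetch_ad($tmp);
unlink($tmp);
assert($body === $served);

echo "naive urlx: {$naive['urlx']}\n";
echo "safe  urlx: {$safe['urlx']}\n";
echo "body length from advertiser: " . strlen((string) $body) . "\n";
```

The encoding fix only changes what the advertiser receives; nothing in the tag itself gives a visitor a way to put markup into your page. The body that fetch_ad() returns is the part that matters for the XSS question: the original tag echoes it without any filtering, so the page shows whatever the advertiser's server (or anyone who can answer for that hostname on the way to it, since the URL is plain http) decides to send on that request.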




