interesting, but very risking. i am wondering if an evil user could exploit
this and create hoaxes using this 'easter eggs'
i also wonder what impact could have this over the big companies websites
that are using php ;-)

Serban Gh. Ghita
coordonator departament IT
VERASYS International
serban (at) verasys (dot) ro [email concealed]
zamolxe (at) php (dot) net [email concealed]
http://www.verasys.ro
phone1: +40-251-406.152
phone2: +40-251-406.153
cell: +40-788.28.29.10

----- Original Message -----
From: "Andi McLean" <andi_mclean (at) ntlworld (dot) com [email concealed]>
To: <webappsec (at) securityfocus (dot) com [email concealed]>
Sent: Sunday, November 28, 2004 3:21 PM
Subject: Fwd: PHP Easter Eggs

> Hi,
>
> Does anyone know about the easter eggs in PHP?
> I've just found out about them, My trust in PHP has just had a major set
back,
> as I'm wondering what other easter eggs there are and can any be used to
> circumenvent the protection I have on my site.
> I feel like I now need to have a look at the source code, to find out what
> else is there.
>
> <anywebsite.that/uses.php>?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
>
> <anywebsite.thatuses.php>?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
>
> <anywebsite.thatuses.php>?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
>
> eg
> www.jsane.com/index.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
> www.jsane.com/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
> www.jsane.com/index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
>
>
> Andi

[ reply ]

interesting, but very risking. i am wondering if an evil user could exploit<br/>
this and create hoaxes using this 'easter eggs'<br/>
i also wonder what impact could have this over the big companies websites<br/>
that are using php ;-)<br/>
<br/>
Serban Gh. Ghita<br/>
coordonator departament IT<br/>
VERASYS International<br/>
serban (at) verasys (dot) ro [email concealed]<br/>
zamolxe (at) php (dot) net [email concealed]<br/>
http://www.verasys.ro<br/>
phone1: +40-251-406.152<br/>
phone2: +40-251-406.153<br/>
cell: +40-788.28.29.10<br/>
<br/>
----- Original Message ----- <br/>
From: "Andi McLean" <andi_mclean (at) ntlworld (dot) com [email concealed]><br/>
To: <webappsec (at) securityfocus (dot) com [email concealed]><br/>
Sent: Sunday, November 28, 2004 3:21 PM<br/>
Subject: Fwd: PHP Easter Eggs<br/>
<br/>
> Hi,<br/>
><br/>
> Does anyone know about the easter eggs in PHP?<br/>
> I've just found out about them, My trust in PHP has just had a major set<br/>
back,<br/>
> as I'm wondering what other easter eggs there are and can any be used to<br/>
> circumenvent the protection I have on my site.<br/>
> I feel like I now need to have a look at the source code, to find out what<br/>
> else is there.<br/>
><br/>
> <anywebsite.that/uses.php>?=PHPE9568F36-D428-11d2-A769-00AA001ACF4
2<br/>
><br/>
> <anywebsite.thatuses.php>?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000
<br/>
><br/>
> <anywebsite.thatuses.php>?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
<br/>
><br/>
> eg<br/>
> www.jsane.com/index.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42<br/>
> www.jsane.com/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000<br/>
> www.jsane.com/index.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42<br/>
><br/>
><br/>
> Andi

[ reply ]