eval?

  • Thekid
    New Member
    • Feb 2007
    • 145

    eval?

    Hi,
    How can I set arg to execute /etc/bin/thekid?

    Code:
    $store = "thk".'f'; $y = $_GET['arg']; eval("\$store = \$y;");
  • Atli
    Recognized Expert Expert
    • Nov 2006
    • 5062

    #2
    What?
    That code makes absolutely no sense...
    It just creates two variables, and then sets the first one like the second one.

    What are you trying to do?
    Please explain in more (any) detail.

    As a full member now, I would expect you to know at least the most basic of our forum rules.
    Please review the Posting Guidelines, especially the parts about How to ask a question and Use a good thread title.

    I will be changing the title of the thread into something more suitable as soon as I know what it is you are asking about.

    MODERATOR


    • Thekid
      New Member
      • Feb 2007
      • 145

      #3
      Sorry for any confusion over the lack of information in the original post but this is what I've been given:

      A user codes this PHP code. Set arg to execute /etc/bin/thekid.
      $store = "thk".'f'; $y = $_GET['arg']; eval("\$store = \$y;");

      The goal is to recognize problems with simple lines of code and be able to correct or prevent them. Apparently this is an old eval injection vulnerability and I found this online:

      Code:
      An eval injection vulnerability occurs when someone can control
      all or part of an input string that is fed into an eval() function
      call. Eval will execute the argument as code. The security
      implications for this are obvious. This issue has been known for
      years [2]:

      Example:

        $myvar = "varname";
        $x = $_GET['arg'];
        eval("\$myvar = \$x;");

        What happens if arg is set to "10 ; system(\"/bin/echo uh-oh\");" ?
      I don't have to get the code to actually work or do anything, I just needed the proper syntax to submit it. I initially didn't think it was an eval() problem but I found the above example today and see that it is.

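From the defender's side, here is an added example that is not code posted in the thread: it does the assignment the snippet above attempts (`$store` takes the value of the request parameter `arg`) without ever handing request data to eval(), checking the value against a fixed allowlist, and it adds a small line-based scanner that flags eval() calls whose argument refers to a variable previously filled from `$_GET`, `$_POST`, `$_REQUEST` or `$_COOKIE`. The function names, the allowlist values and the scanner's heuristics are my own; the sample source it scans is the thread's own one-liner.

```php
<?php
// Added example, not from the thread. Two defender-side pieces for the
// eval() pattern discussed in the posts above. Names are my own choice.
declare(strict_types=1);

/** Values 'arg' is allowed to take (constructed for this example). */
const ALLOWED_ARGS = ['thkf', 'thkg'];

/**
 * Hardened replacement for `eval("\$store = \$y;")`: a plain assignment,
 * accepted only when the request value is one of the expected tokens.
 * Returns null on rejection so the caller can answer with a 400 rather
 * than guessing at a default.
 */
function setStoreFromRequest(array $get): ?string
{
    $y = $get['arg'] ?? null;
    if (!is_string($y) || !in_array($y, ALLOWED_ARGS, true)) {
        return null;               // unknown value: reject, do not interpret
    }
    $store = $y;                   // no PHP source is compiled from request data
    return $store;
}

/**
 * Review-triage scanner: reports eval() calls whose argument mentions a
 * variable that an earlier statement assigned from a request superglobal.
 * Deliberately simple and line-based (assignments are tracked in source
 * order across lines), so it over-reports; it is a prompt for a human
 * review, not a taint analysis.
 *
 * @return array<int, array{line:int, var:string}>
 */
function findTaintedEval(string $source): array
{
    $tainted  = [];   // variable names known to hold request data
    $findings = [];
    foreach (preg_split('/\R/', $source) as $index => $line) {
        // $x = $_GET[...]  (or $_POST / $_REQUEST / $_COOKIE)
        if (preg_match_all('/\$(\w+)\s*=\s*\$_(GET|POST|REQUEST|COOKIE)\b/', $line, $m)) {
            foreach ($m[1] as $name) {
                $tainted[$name] = true;
            }
        }
        // eval( ... ): does the argument text refer to a tainted variable,
        // either as $name or escaped as \$name inside a string literal?
        if (preg_match('/\beval\s*\((.*)\)/', $line, $m)) {
            foreach (array_keys($tainted) as $var) {
                $pattern = '/\\\\?\\$' . preg_quote($var, '/') . '\b/';
                if (preg_match($pattern, $m[1])) {
                    $findings[] = ['line' => $index + 1, 'var' => $var];
                }
            }
        }
    }
    return $findings;
}

// Command-line demo: php eval_check.php
if (PHP_SAPI === 'cli') {
    // Constructed sample: the one-liner from the thread, as source text.
    $sample = <<<'PHP'
$store = "thk".'f'; $y = $_GET['arg']; eval("\$store = \$y;");
PHP;
    foreach (findTaintedEval($sample) as $f) {
        echo "line {$f['line']}: eval() argument refers to request-derived \${$f['var']}\n";
    }

    // Allowed value is stored; anything else is refused instead of evaluated.
    var_dump(setStoreFromRequest(['arg' => 'thkf']));
    var_dump(setStoreFromRequest(['arg' => 'not-a-known-value']));
}
```

Run from the command line, the scanner reports the thread's line because `$y` is filled from `$_GET` and then named inside the eval() argument, which is exactly the spot a reviewer should look at; the hardened function returns the token for an allowlisted value and null for anything else. The general rule the example encodes is that request data may select among values the code already knows, but must never become part of the text that eval() compiles.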