null byte injection

Post a reply


This question is a means of preventing automated form submissions by spambots.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

Expand view Topic review: null byte injection

null byte injection

by axew3 » Sat Sep 05, 2020 3:19 pm

I've find out "interesting" these readings today:

http://www.madirish.net/401

https://www.php.net/manual/en/security ... lbytes.php
https://resources.infosecinstitute.com/ ... ction-php/

Code: Select all

$input = str_replace(chr(0), '', $input); // remember ever to remove null bytes from input

Top