Hacking For Beginners – Manthan Desai

2010

Input Validation

PHP Injection: Placing PHP backdoors

• This attack provides the means for a Hacker to execute his or her system level code on a target web server. With thiscapability, an attacker can compromise the web server and access files with the same rights as the server systemsoftware.• For example, a number of PHP programs contain a vulnerability that could enable the transfer of unchecked usercommands to the eval ( ) function.

www.hackingtech.co.tv

Page 60