PHP functions that can lead to vulnerabilities – All things in moderation

PHP functions that can lead to vulnerabilities

PHP is a popular server-side scripting language and a powerful tool for building dynamic and interactive web pages. The following are PHP functions you need to be careful with when you use them in your code.


1. Database Access
The following PHP functions execute an SQL query and return the results. If an attacker can control user input and get a malicious SQL query sent to the server, he can compromise the database and, depending on the database configuration, also write a file or run OS commands to compromise the system.

  • mysql_query
  • mssql_query
  • pg_query

2. File and Directory Access Control
The following PHP functions access files and directories. If an attacker can control user input and send malicious input to the server, he will be able to read, write or delete files on the server.
File functions

  • fopen
  • readfile
  • file
  • fpassthru
  • gzopen
  • gzfile
  • gzpassthru
  • readgzfile
  • copy
  • rename
  • rmdir
  • mkdir
  • unlink
  • file_get_contents
  • file_put_contents
  • parse_ini_file

Directory Functions

  • chdir
  • chroot
  • closedir
  • dir
  • getcwd
  • opendir
  • readdir
  • rewinddir
  • scandir
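As an added example (not code from the original post), the following shows a download handler built on file_get_contents in its weak form and in a hardened form that confines the request to one directory. It assumes PHP 8 (for str_starts_with and union return types) and a directory of downloadable files under $baseDir; the sample files, including one placed outside the directory, are constructed in a temporary location and removed at the end.

```php
<?php
// Added example, not from the original post. Assumes PHP 8.

// Constructed layout: one public file inside $baseDir, one file outside it.
$baseDir = sys_get_temp_dir() . '/docs_' . getmypid();
mkdir($baseDir);
file_put_contents($baseDir . '/readme.txt', "public document\n");
$outside = sys_get_temp_dir() . '/outside_' . getmypid() . '.txt';
file_put_contents($outside, "should not be reachable\n");
$baseDir = realpath($baseDir);

// Weak: the request value becomes a path component unchanged, so "../"
// segments or an absolute path reach files outside $baseDir.
function readDocumentUnsafe(string $baseDir, string $name): string|false
{
    return @file_get_contents($baseDir . '/' . $name);
}

// Hardened: require a plain file name, then resolve the real path and check
// that it still lies under $baseDir. realpath() follows symlinks, so the
// prefix check applies to the actual target, not the requested string.
function readDocumentSafe(string $baseDir, string $name): string|false
{
    if ($name === '' || $name !== basename($name) || str_starts_with($name, '.')) {
        return false;
    }
    $resolved = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($resolved === false || !str_starts_with($resolved, $baseDir . DIRECTORY_SEPARATOR)) {
        return false;
    }
    return file_get_contents($resolved);
}

// Constructed requests: a legitimate name and a traversal attempt.
$requests = ['readme.txt', '../' . basename($outside)];
foreach ($requests as $name) {
    printf("%-28s unsafe=%s safe=%s\n",
        $name,
        var_export(readDocumentUnsafe($baseDir, $name) !== false, true),
        var_export(readDocumentSafe($baseDir, $name) !== false, true));
}

// Remove the constructed files.
unlink($baseDir . '/readme.txt');
rmdir($baseDir);
unlink($outside);
```

The basename() comparison rejects any value containing a directory separator before the filesystem is touched, and the realpath() prefix check catches what string filtering alone misses (symlinks, "." and ".." resolved by the OS). The same two checks apply unchanged to copy, rename, unlink and the other functions in the list above; open_basedir in php.ini is a useful second layer but not a replacement for them.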

3. Include Script
The following functions include PHP scripts. If an attacker controls the input parameters so that a malicious script is included and executed, he will be able to run shell commands and compromise the server.

  • include
  • include_once
  • require
  • require_once
  • virtual
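As an added example (not code from the original post), the following shows a page router that builds the include path from a request parameter, beside the allowlist form where the request value only selects a known template. It assumes templates live in $templateDir and are chosen by a "page" parameter; the sample template and the rejected input are constructed.

```php
<?php
// Added example, not from the original post.

// Constructed template directory with one page.
$templateDir = sys_get_temp_dir() . '/pages_' . getmypid();
mkdir($templateDir);
file_put_contents($templateDir . '/home.php', "<?php echo \"home page\\n\";\n");

// Weak: the request value is spliced into the include path, so it can
// select any readable file; with allow_url_include=On it could even name a
// remote script.
function renderUnsafe(string $templateDir, string $page): void
{
    include $templateDir . '/' . $page . '.php';
}

// Hardened: an allowlist maps request values to known template files. The
// request value is only a key into this table and never becomes part of a
// path.
const PAGES = [
    'home'  => 'home.php',
    'about' => 'about.php',
];

function renderSafe(string $templateDir, string $page): bool
{
    if (!array_key_exists($page, PAGES)) {
        return false; // caller answers with 404 or the default page
    }
    include $templateDir . '/' . PAGES[$page];
    return true;
}

// Constructed requests: a known page and a traversal-style value.
foreach (['home', '../secret'] as $page) {
    printf("%-12s accepted=%s\n", $page, var_export(renderSafe($templateDir, $page), true));
}

unlink($templateDir . '/home.php');
rmdir($templateDir);
```

Alongside the allowlist, confirm that allow_url_include is Off in php.ini (it is Off by default) so that include cannot fetch code over HTTP or FTP even if a path check is bypassed.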

4. Dynamic Code Execution
The following functions execute dynamically built PHP code. If an attacker controls the input parameters and can insert PHP code or function names into the original script, he will be able to execute shell commands and compromise the server.

  • eval
  • call_user_func
  • call_user_func_array
  • call_user_method
  • call_user_method_array
  • create_function
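As an added example (not code from the original post), the following shows a request-driven dispatcher in the weak form, where the request value is passed to call_user_func or eval directly, beside a hardened form that uses the value only as a key into a fixed table of closures. It assumes PHP 8 (for the mixed type) and the operation names are made up for the demonstration. Note that call_user_method and call_user_method_array were removed in PHP 7.0 and create_function in PHP 8.0, so code still using them is also running on an unsupported interpreter.

```php
<?php
// Added example, not from the original post. Assumes PHP 8.

// Weak: the request value is used directly as a function name, so
// call_user_func will invoke any function of that name, not only the
// ones the author had in mind.
function dispatchUnsafe(string $op, string $arg): mixed
{
    return call_user_func($op, $arg);
}

// Also weak: request text becomes PHP source.
function computeUnsafe(string $expr): mixed
{
    return eval('return ' . $expr . ';');
}

// Hardened: a fixed table of closures. The request value is only a key
// into this table; it is never treated as a function name or as code.
function operations(): array
{
    return [
        'upper'  => fn(string $s): string => strtoupper($s),
        'lower'  => fn(string $s): string => strtolower($s),
        'length' => fn(string $s): int => strlen($s),
    ];
}

function dispatchSafe(string $op, string $arg): mixed
{
    $ops = operations();
    if (!array_key_exists($op, $ops)) {
        throw new InvalidArgumentException('unknown operation: ' . $op);
    }
    return $ops[$op]($arg);
}

// Constructed requests: two valid operations and one built-in function name.
foreach ([['upper', 'hello'], ['length', 'hello'], ['phpinfo', '']] as [$op, $arg]) {
    try {
        printf("%-8s -> %s\n", $op, var_export(dispatchSafe($op, $arg), true));
    } catch (InvalidArgumentException $e) {
        printf("%-8s -> rejected (%s)\n", $op, $e->getMessage());
    }
}
```

The table can live in configuration or be built from a class's declared methods, as long as membership is decided by the author and not by the request. If a value genuinely has to be evaluated (a formula, a rule), parse it with a purpose-built parser rather than handing it to eval.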

5. OS Command Execution
The following functions execute OS commands. If an attacker controls the input parameters, he can run shell commands and compromise the server.

  • exec
  • passthru
  • popen
  • proc_open
  • proc_terminate
  • shell_exec
  • system
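As an added example (not code from the original post), the following shows a handler that counts lines of a log file named by the request, in the weak shell_exec form and in a hardened form that constrains the name and runs the program without a shell. It assumes PHP 7.4 or later (for the array form of proc_open) and a POSIX system with wc; the log file is constructed in a temporary directory.

```php
<?php
// Added example, not from the original post. Assumes PHP 7.4+ and wc in PATH.

// Constructed log directory with one file.
$logDir = sys_get_temp_dir() . '/logs_' . getmypid();
mkdir($logDir);
file_put_contents($logDir . '/app.log', "line one\nline two\nline three\n");

// Weak: the request value is interpolated into a shell command line, so any
// shell metacharacter in it is interpreted by /bin/sh.
function lineCountUnsafe(string $logDir, string $name): ?string
{
    return shell_exec('wc -l ' . $logDir . '/' . $name);
}

// Hardened, step 1: constrain the value to a plain file name.
function isPlainFileName(string $name): bool
{
    return (bool) preg_match('/^[A-Za-z0-9][A-Za-z0-9._-]*$/', $name);
}

// Hardened, step 2: run the program without a shell. Passing an array to
// proc_open() executes the program directly, so the argument is a single
// argv entry whatever characters it contains.
function lineCountSafe(string $logDir, string $name): ?int
{
    if (!isPlainFileName($name)) {
        return null;
    }
    $spec = [1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open(['wc', '-l', $logDir . '/' . $name], $spec, $pipes);
    if (!is_resource($proc)) {
        return null;
    }
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    if (proc_close($proc) !== 0) {
        return null;
    }
    return (int) trim($out);
}

// Constructed requests: a valid name and one carrying a command separator.
foreach (['app.log', 'app.log; id'] as $name) {
    printf("%-12s -> %s\n", $name, var_export(lineCountSafe($logDir, $name), true));
}

unlink($logDir . '/app.log');
rmdir($logDir);
```

In this particular case no subprocess is needed at all (count(file($path)) gives the same answer), which is the first thing to check before reaching for any function in the list above. Where the string form of exec, system or popen cannot be avoided, wrap every user-derived value in escapeshellarg(), and disable the functions the application does not need via disable_functions in php.ini.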

6. URL Redirection
The following functions implement HTTP redirects in PHP. If an attacker can control the input parameters and insert a malicious redirect URL, he will be able to trick the user into being redirected to a malicious website.

  • http_redirect
  • header
  • HttpMessage::setResponseCode
  • HttpMessage::setHeaders
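As an added example (not code from the original post), the following shows a post-login "next" parameter passed straight to header() beside a hardened version that accepts only a local path and falls back to a default otherwise. The function names and the sample values are constructed for the demonstration.

```php
<?php
// Added example, not from the original post.

// Weak: whatever the request supplies becomes the Location header, so an
// absolute URL pointing at any site is accepted.
function redirectUnsafe(string $next): void
{
    header('Location: ' . $next);
    exit;
}

// Hardened: accept only a local absolute path; anything else falls back.
function safeRedirectTarget(?string $next, string $default = '/'): string
{
    if ($next === null || $next === '') {
        return $default;
    }
    // Exactly one leading slash not followed by "/" or "\": this rejects
    // absolute URLs, scheme-relative URLs ("//host/...") and the backslash
    // forms some browsers normalise to "//".
    if (!preg_match('#^/(?![/\\\\])#', $next)) {
        return $default;
    }
    // Second guard: parse_url() must not find a scheme or host either.
    $parts = parse_url($next);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $default;
    }
    // header() itself refuses values containing newlines, but keep the value
    // clean in case it is reused in a template or a log line.
    if (preg_match('/[\r\n]/', $next)) {
        return $default;
    }
    return $next;
}

function redirectSafe(?string $next): void
{
    header('Location: ' . safeRedirectTarget($next));
    exit;
}

// Constructed values a "next" parameter might carry.
$samples = ['/account', '/account?tab=2', 'https://example.org/', '//example.org/', '/\\example.org', ''];
foreach ($samples as $next) {
    printf("%-24s -> %s\n", var_export($next, true), safeRedirectTarget($next));
}
```

If the application does need to redirect to other hosts (a payment provider, a federated login), keep an explicit allowlist of those hostnames and compare the parsed host against it exactly; checking that a URL "contains" or "starts with" the expected domain is a common mistake that a subdomain or userinfo part can defeat.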

A good cheat sheet to secure your PHP code

OWASP PHP Security Cheat Sheet
