HellBound Hackers
Join us at IRC!
Understanding is the answer, hatred is the problem, and hackers are the slaves abused and destroyed in the process of peace online - Deshouleres
Friday, May 25, 2012
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
HellBoundHackers Additional:
Shop
Learn
Communicate
Submit
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Interact
Other
HellBoundHackers Executive:
HellBoundHackers Leisure:
Members Online
Total Online: 18
Web Spiders: 13
Guests Online: 16
Members Online: 2
Arabian, CrOnUs

Registered Members: 70208
Newest Member: andresuran
Latest Articles
View Thread

HellBound Hackers | Computer General | Increasing Security
Author

Poison Null Protection
x_5631
Member

Posts: 156
Location: Uk
Joined: 22.06.07
Rank: Mad User
Posted on 23-06-08 18:36
Ok well I know it sounds like a noobish and simple question, but I'm looking for a simple way to prevent null byte injections in PHP.

I have looked around a little but I keep finding ways to exploit it rather than fix it.
Author

RE: Poison Null Protection
clone4
Member



Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank: God
Posted on 23-06-08 18:47
Sry not to give you help directly, but I don't know php very well... Anyway I googled string "prevent php null byte injections" without quotes and it returned some interesting I'd useful documents

[img][/img]


spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl
clone_4@hotmail.com
Author

RE: Poison Null Protection
Pwnzall
Member



Posts: 234
Location:
Joined: 10.04.08
Rank: Hacker Level 3
Posted on 24-06-08 03:06
http://www.hackits.de/forum/thread.php?threadid=2052&sid=c0f877cb07d1426fed17d45f341ef29f

The author used a switch case statement that uses pages that are already there as cases and if the user tries to input a page that is not there already, then it goes to the index.php as a default.



Pure madness! There must be a method! There is a method!

Edited by Pwnzall on 24-06-08 03:09
Author

RE: Poison Null Protection
Mr_Cheese
HBH Owner



Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank: God
Posted on 24-06-08 09:15
a switch is deffinatly the way to go about it.

it's a long winded way of doing things, but by far the most secure.

example:

switch($_GET['page']){

case 'home':
include "home.php";
break;

case 'contact':
include "contact.php";
break;

default:
include "home.php";

}
Guest
Username

Password

Remember Me


Bookmark This Page
Affiliates
Adverts

 

 

Links

Anime Wallpaper Site
By using, viewing or obtaining any information contained on this site, you agree to the disclaimer.

© HellBound Hackers 2008- 2009. Since 3rd December 2004.

20612661 Unique Visits

Powered by HBH-Fusion