Due to numerous published comments (at the time the question was asked by me), I believe there is some doubt about PHP Injection.
So I'll explain a few points.
What is PHP Injection?
It is a form of attack where the attacker uses a PHP script to attack an application written in PHP.
According to Google:
[...] PHP Injection is a technique used on the internet that consists of injecting malicious scripts, putting the vulnerable page under the control of the attacker [...]
Generally, this type of attack consolidates when the developer leaves loopholes in upload forms. For example, the malicious person may send a PHP script through that form and then execute it.
The result can be disastrous if the attacker can list directories, delete files, steal sensitive data, etc.
So, PHP Injection is not related to SQL Injection, as some had pointed out in previous comments.
What about SQL Injection?
SQL Injection is an attack consisting of the insertion (known as injection) of a query via the web application.
That is, there is no direct relation to PHP Injection.
Ways to avoid PHP Injection
Be careful when uploading!
As previously stated, one of the major forms of this attack is through upload forms, where the attacker manipulates the submitted content (usually by sending an unexpected PHP script to the server) and through it has access to server information.
Avoid eval
Another dangerous thing about PHP Injection is the use of the eval function, which has the power to make a string into valid PHP code.
See more information on eval in the question below:
Caution with the e modifier of the preg_replace function
Recently PHP deprecated the e modifier of the preg_replace function, since this modifier could use valid PHP code as a return and is also used by attackers.
See how preg_replace with the e modifier caused some problems for the developer in this question:
In this question by @RodrigoBorth, it is clear that the code was injected by a cracker on the server where the application is located.
Although deprecated, it's good to be aware of older versions of libraries or legacy applications that might use this switch.
Null Byte Attack
It seems like the Null Byte Attack has already been a problem in PHP in previous versions as well.
See more about it here:
Is SQL Injection related to PHP Injection?
No. These are different issues and, in each case, the safety precautions should be different.
Read about SQL Injection in the question below to draw your conclusions about the differences:
What else not to confuse?
Another thing is to confuse an XSS attack with PHP Injection.
XSS can be done in any other language that does not take care of it.
PHP Injection is something specific to PHP.
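As an illustration of the "Be careful when uploading!" point, here is an added example (not part of the original answer) of an upload handler that refuses anything outside a small allow-list and never stores a file under a client-chosen name. The storage directory, the form field name `attachment` and the allow-list are assumptions.

```php
<?php
declare(strict_types=1);

// Assumed values: adjust to the application.
const UPLOAD_DIR = '/var/app-data/uploads';  // outside the web root, so stored files are never executed by URL
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = [                          // extension => MIME type the content must match
    'jpg' => 'image/jpeg',
    'png' => 'image/png',
    'pdf' => 'application/pdf',
];

/** Validates one entry of $_FILES and stores it; returns the generated file name. */
function storeUpload(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed.');
    }
    // Only accept files that really arrived through an HTTP POST upload.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file.');
    }
    if (filesize($file['tmp_name']) > MAX_BYTES) {
        throw new RuntimeException('File too large.');
    }
    // The extension is taken from the client name only to look it up in the allow-list.
    $ext = strtolower(pathinfo((string) $file['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('File type not allowed.');  // rejects .php, .phtml, ...
    }
    // Inspect the content itself; the client-sent $file['type'] is not trusted.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime !== ALLOWED[$ext]) {
        throw new RuntimeException('Content does not match extension.');
    }
    // Server-generated name: no client-controlled path, null byte or double extension survives.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('Could not store file.');
    }
    chmod(UPLOAD_DIR . '/' . $name, 0640);  // readable, never executable
    return $name;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_FILES['attachment'])) {
    try {
        echo 'Stored as ' . storeUpload($_FILES['attachment']);
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo $e->getMessage();
    }
}
```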