2011年9月23日星期五

Gareth Heyes' Blog: Non alphanumeric code in PHP


Gareth Heyes has tried out an interesting experiment - running non-alphanumeric code in PHP using only octal escapes.



So a small php shell was tweeted around and it inspired me to investigate a way to execute non-alphanumeric code. First off I started with the idea of using octal escapes in PHP and constructing the escape so for example: 107 is "G" if I could construct the "107" and add the backslash to the beginning maybe I could construct "G".


A snippet of example code is included showing his octal-based code for creating a "G" (6 lines of pluses, parentheses, equals and a few more characters). By doing some trickery with bitwise operators on strings, he was able to combine characters and make the string "GET". Pretty clever, even if it's not entirely practical.

没有评论:

发表评论