Page 1 of 1

cURL Vulnerability?

Posted: Wed Jul 08, 2009 1:26 pm
by Mr. Larkins
Hi,

I am no expert (by far) but I have written some small PHP codes for a few websites. Nothing fancy. However, I have 2 websites in particular that get 'hacked' regularly. Seems each time, some malicious code, usually script tags, is added outside of my regular html code. I do use cURL in a few of the pages and I'm wondering if that is the avenue of my attacks. Any insight is appreciated.

here's an example of how I use it

Code: Select all

 
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "a link to another file on same server");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
?>

Re: cURL Vulnerability?

Posted: Wed Jul 08, 2009 3:33 pm
by kaisellgren
There's nothing wrong with the code. It's something else that opens the doors to attackers. I think some part of your application lacks of proper input handling.

Re: cURL Vulnerability?

Posted: Wed Jul 08, 2009 8:40 pm
by Mr. Larkins
ok, thanks

Re: cURL Vulnerability?

Posted: Thu Jul 09, 2009 12:58 am
by SvanteH
As kaisellgren said, only *.php pages with input from the user may be the source of an attack like that. (correct me if I am wrong)

Re: cURL Vulnerability?

Posted: Thu Jul 09, 2009 5:54 am
by kaisellgren
That's usually the case.

Re: cURL Vulnerability?

Posted: Tue Jul 28, 2009 7:58 am
by Mr. Larkins
my forums are the only webpages with user input...and i've upgraded those to the latest version. thanks for the info