Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
I want a better understanding of what I'm looking at when an attack is reported to me. I'm hoping you guys can help me out by breaking down a URL for me and sending me to the correct sources to get more information. Example URL:
My understanding was that a server responds with 200 when the request succeeded. I'm guessing the above URL didn't break anything as far as the server was concerned so it sent a 200 response. And if I load this in the browser, it continued to load the page as expected. So what was this URL trying to do exactly? Thanks!
The last part looks like an attempt to elevate an LFI into code execution, as /proc/self/environ can control attacker-controlled strings.
The JavaScript looks like an attempt at XSS. Why try both at the same time is a puzzle. Maybe it's a misbehaving automated attack script?
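For triaging reports like this one, here is a small decoder that splits a logged request URL into its query parameters and labels the two probe types named in the answer above. It is an added example, not code from either poster; the sample URLs, parameter names and label names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Probe signatures, checked against the fully decoded parameter value.
PATTERNS = {
    "path-traversal": re.compile(r"\.\.[/\\]"),
    "proc-self-environ": re.compile(r"/proc/self/environ", re.I),
    "script-injection": re.compile(r"<\s*script\b|javascript\s*:", re.I),
}

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (e.g. %252e -> %2e -> '.')."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_url(url):
    """Return {parameter: [labels]} for each query parameter that matches a probe."""
    findings = {}
    # parse_qsl already performs one round of percent-decoding.
    for name, raw in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        value = fully_decode(raw)
        labels = [label for label, rx in PATTERNS.items() if rx.search(value)]
        if labels:
            findings[name] = labels
    return findings

# Constructed sample in the shape described in the thread: one parameter
# carries a file-inclusion path, another carries a script tag.
SAMPLE_URL = (
    "http://example.test/index.php"
    "?page=..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron"
    "&q=%3Cscript%3Ealert(1)%3C%2Fscript%3E&id=42"
)

if __name__ == "__main__":
    for param, labels in classify_url(SAMPLE_URL).items():
        print(f"{param}: {', '.join(labels)}")
```

A 200 in the access log only shows that the server returned a page for the request. Whether the include or the script had any effect has to be checked in the response body and in the PHP code that consumes the flagged parameter.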