Technology PHP Easter Egg or Exploit?

#1
If you add "?=PHPE9568F36-D428-11d2-A769-00AA001ACF42" or "?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000" without the quotes to any website that has PHP turned on:

http://www.streethop.com/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
http://www.streethop.com/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

So the version is:

4.0 is the guy with the pencils in his mouth
4.3 is one of the dogs
5.0 is the rabbit.

Many people are calling them just harmless easter eggs, while others, aka hackers and some security geeks, are thinking of an exploit for it. I looked around other websites about this exploit, and these eggs have been in PHP for about 5 plus years. Can these easter eggs be compromised, in terms of whether there are other back door exploits? I doubt it, since they have been there for over 5 years. Here are some more codes:

They also have the logos and credits...

#define PHP_LOGO_GUID "PHPE9568F34-D428-11d2-A769-00AA001ACF42"
#define PHP_EGG_LOGO_GUID "PHPE9568F36-D428-11d2-A769-00AA001ACF42"
#define ZEND_LOGO_GUID "PHPE9568F35-D428-11d2-A769-00AA001ACF42"
#define PHP_CREDITS_GUID "PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000"
 

Casey

#2
Interesting... My site is PHP based, I just tried it. Thanks for the info.

If people find ways to exploit it let me know.
 
#3
No exploit here, just easter eggs. Everything that uses PHP uses standard library files. These pictures or the phpcredits are embedded inside these library files. I can't see how this is exploitable, it doesn't make sense.
 
#4
^ Well, according to this quote there are already bots searching:
Exposing what is used on the server can help scripts find vulnerable sites. It's as simple as that. There was a phpbb worm that searched Google for forums with the vulnerable version numbers.

While the root of the insecurity was not fixed by removing the software and version number, it would make it just slightly harder to find.

For optimal settings, why would the server need to tell the browser that the server uses php 4.1 on every request? It makes no sense, so it's good to turn expose php off.
So take it for what it is, just turn off PHP: php.ini -- expose_php = Off;
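
A way to check your own server for what post #4 describes, added here as an example and not part of any post in the thread: it reads php.ini text for the effective expose_php value and pulls the PHP version out of a captured X-Powered-By header. The function names and the sample inputs are constructed for illustration.

```python
import re

def ini_bool(value):
    """Approximate how PHP reads a boolean php.ini directive."""
    v = value.strip().strip('"').lower()
    if v in ("on", "yes", "true"):
        return True
    m = re.match(r"-?\d+", v)          # otherwise only a non-zero number is true
    return bool(m) and int(m.group()) != 0

def expose_php_enabled(ini_text):
    """Effective expose_php setting; PHP's built-in default is On."""
    enabled = True
    for raw in ini_text.splitlines():
        line = raw.split(";", 1)[0].strip()      # ';' starts a php.ini comment
        key, sep, value = line.partition("=")
        if sep and key.strip() == "expose_php":  # directive names are case-sensitive
            enabled = ini_bool(value)            # a later line overrides an earlier one
    return enabled

def php_banner(headers):
    """Return the PHP version advertised in X-Powered-By, or None."""
    for name, value in headers.items():
        m = re.match(r"PHP/(\S+)", value.strip())
        if name.lower() == "x-powered-by" and m:
            return m.group(1)
    return None

# Constructed samples (not taken from any real server)
SAMPLE_INI = """[PHP]
; expose_php = Off
expose_php = On
"""
HARDENED_INI = "[PHP]\nexpose_php = Off;\n"   # the line as written in post #4
SAMPLE_HEADERS = {"Content-Type": "text/html", "X-Powered-By": "PHP/4.1.0"}

if __name__ == "__main__":
    for label, ini in (("sample", SAMPLE_INI), ("hardened", HARDENED_INI)):
        print(label, "expose_php enabled:", expose_php_enabled(ini))
    print("advertised version:", php_banner(SAMPLE_HEADERS))
```

The trailing `;` in post #4's line is read as the start of a comment, so the directive still evaluates to Off; a commented-out `; expose_php = Off` leaves the default On in effect.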
 
