This PHP hack works on loads of sites - but not here?

Place to discuss anything, almost. No politics, religion, Microsoft, or anything else that I (the nazi censor) deem inappropriate.
Post Reply
dickinsd
scripter
scripter
Posts: 84
Joined: Sun Jan 30, 2005 2:29 pm
Location: Bristol, UK

This PHP hack works on loads of sites - but not here?

Post by dickinsd »

I would like to know what you did to stop this from working:

I had a post about this:

Add this to any php page ?=PHPE9568F36-D428-11d2-A769-00AA001ACF42

e.g.

http://www.rndinternet.co.uk/?=PHPE9568 ... AA001ACF42

and you get a PHP 'present'

Look at www.php.net top left where the logo is also.

But it doesn't work here, or it doesn't appear to, I was wondering if that was something Void Main had dealt with or if it is just something that phpBB has ripped out?

Dave

dickinsd
scripter
scripter
Posts: 84
Joined: Sun Jan 30, 2005 2:29 pm
Location: Bristol, UK

Post by dickinsd »

Ok have been told now:
If you turn expose_php = off in the php.ini, it wont show.
The default is on, so it shows, just like you can attach a little string to show the phpinfo without actually calling phpinfo(); in a php file.
Dave

User avatar
Void Main
Site Admin
Site Admin
Posts: 5716
Joined: Wed Jan 08, 2003 5:24 am
Location: Tuxville, USA
Contact:

Post by Void Main »

Actually if you are running Red Hat or Fedora PHP RPMS this will not work even if you did have PHP "expose_php = on" (which I don't). Red Hat includes a patch to remove the Easter egg. I noticed the patch several releases back when I was making some custimizations to the stock PHP RPM. I was actually customizing the current release today (creating the php-oci8 Oracle RPM) and noticed it again right before seeing this post. Here is the patch that is still included in the current release of PHP:

http://voidmain.is-a-geek.net/files/pat ... ster.patch

HTMLified version:

http://voidmain.is-a-geek.net/files/pat ... patch.html

As you can see from the patch, there is a credits egg in there as well:

http://www.rndinternet.co.uk/?=PHPB8B5F ... 7B08C10000

Post Reply