Code Execution 03
Bookmarked!This exercise is one of our challenges on Code Execution
This lab focuses on the PCRE_REPLACE_EVAL
modifier in PHP, specifically the /e
modifier, which causes the preg_replace
function to evaluate the new value as PHP code before performing the substitution. This functionality, although deprecated as of PHP 5.5.0, has historically allowed attackers to execute arbitrary PHP code by manipulating the regular expression pattern.
Through a hands-on example, you will modify a pattern by adding the /e
modifier and observe how preg_replace
attempts to evaluate the value as a constant. By replacing this with a function call to phpinfo()
, you can visualize the result and understand the potential for executing arbitrary commands using the system
function. This lab highlights the importance of understanding and preventing such vulnerabilities in PHP applications.