Code Execution 03

This exercise is one of our challenges on Code Execution

PRO
Tier
Medium
< 1 Hr.
12046

Course


This lab focuses on the `PCRE_REPLACE_EVAL` modifier in PHP, specifically the `/e` modifier, which causes the `preg_replace` function to evaluate the new value as PHP code before performing the substitution. This functionality, although deprecated as of PHP 5.5.0, has historically allowed attackers to execute arbitrary PHP code by manipulating the regular expression pattern.

Through a hands-on example, you will modify a pattern by adding the `/e` modifier and observe how `preg_replace` attempts to evaluate the value as a constant. By replacing this with a function call to `phpinfo()`, you can visualize the result and understand the potential for executing arbitrary commands using the `system` function. This lab highlights the importance of understanding and preventing such vulnerabilities in PHP applications.

Want to learn more? Get started with PentesterLab Pro! GO PRO