Code Execution 03
This exercise is one of our challenges on Code Execution
Course
This lab focuses on the `PCRE_REPLACE_EVAL` modifier in PHP, specifically the `/e` modifier, which causes the `preg_replace` function to evaluate the new value as PHP code before performing the substitution. This functionality, although deprecated as of PHP 5.5.0, has historically allowed attackers to execute arbitrary PHP code by manipulating the regular expression pattern.
Through a hands-on example, you will modify a pattern by adding the `/e` modifier and observe how `preg_replace` attempts to evaluate the value as a constant. By replacing this with a function call to `phpinfo()`, you can visualize the result and understand the potential for executing arbitrary commands using the `system` function. This lab highlights the importance of understanding and preventing such vulnerabilities in PHP applications.