What is Array Exploit And What can black Hat Hacker do with it?
Array Exploit is when hacker puts array brackets in the parameter which gives error showing root paths. for e.g www.example.com/example.php?parameter[]=exampleThis error actually occurs because you may have assigned the $_GET super variable to a PHP builtin function which may only allows variables and doesn't allow arrays.This Cause the error.
Hacker can know the root paths of your website which is useful for them to get gain some black info about your site.
Common attack which hackers use -
UPLOADING SHELL WITH SQL INJECTION in Which they need your site roots directories to upload the shell so they have to use array exploit to get your site root directories.
Vulnerable code to Array Exploit ?
How To Prevent it ?
So to prevent it we will use PHP builtin function "is_array()" to check if whether a variable is an array.
for e.g -
Hi. I’m Mikail Khan(Mkay), 1st a PHP and MySQL programmer plus developer and then, a young Tech Blogger from Pakistan who loves to read and write blogs.Feel free to ask, in-case you have any query regarding computers concat me here!.
0 comments:
Post a Comment