Courses / Remote Code Execution (RCE)

RCE in PHP

Last Edit: 10-05-2024

Pro Chapter

This chapter is exclusive to Pro members

Upgrade to Pro to unlock:

Full access to all courses & chapters
Advanced learning materials
New Courses and Labs every month

Exclusive Guided Mode in Labs
Official step-by-step solutions
All Labs features (extend time, etc)

Upgrade to Pro Now $11.33/mo Yearly Plan $8.50/mo

RCE allows an attacker to run their own code on a remote machine over the network. In PHP applications, this often results from security flaws that improperly handle user input or system outputs.

Common Sources of RCE Vulnerabilities in PHP

1. Eval() Function

The eval() function in PHP evaluates a string as PHP code.

If this function improperly handles user input, it can execute malicious code.

For example: php $code = $_GET['code']; eval($code);

Here, if an attacker passes PHP code through the code

parameter in the URL, the server will execute it.

2. include() and require() Statements

These statements are used to include files during execution.

If not properly validated, user input can lead to inclusion of files that contain malicious code, or even remote files.

For example: php $file = $_GET['fil

Pro Content

This chapter contains advanced content available to Pro members only.

Upgrade to Pro

Course Summary

Courses / Remote Code Execution (RCE)

RCE in PHP

Pro Chapter

Upgrade to Pro to unlock:

Common Sources of RCE Vulnerabilities in PHP

1. Eval() Function

2. include() and require() Statements

Pro Content

Course Summary

RCE: Introduction

RCE in PHP

Shellshock (CVE-2014-6271)