• View our reviews on Hot Scripts
  • JS Tutorial

Recent Comments

Powered by Disqus

Back to articles

PHP easter eggs

There is an easter egg in PHP configuration that also allows you to detect a possible vulnerability.

Inside the php source within php-source/ext/standard/info.h (lines 53 to 56), there are 4 code defining PHP logos like this:

#define PHP_LOGO_GUID "PHPE9568F34-D428-11d2-A769-00AA001ACF42"
#define PHP_EGG_LOGO_GUID "PHPE9568F36-D428-11d2-A769-00AA001ACF42"
#define ZEND_LOGO_GUID "PHPE9568F35-D428-11d2-A769-00AA001ACF42"
#define PHP_CREDITS_GUID "PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000"

By adding these codes to any url on your server like index.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42, it might show you different picture. A picture you'll see depends on code you used and version of PHP you have.

So if you add any of the codes above to any url of your server and it shows you a PHP easter egg picture, it means that expose_php setting is turned on (It is turned on by default). You may want to turn off this setting so you won't expose that you are using PHP thus saying others to try all potential PHP vulnerabilities.

You may also be interested in:

Powered by

blog comments powered by Disqus