My site was just bombarded by an attacker trying to pass "php://input" into any GET/POST variable they could think of. If this is trying to take advantage of a vulnerability, I'm unaware of it. What could this user be trying to exploit?
http://www.owasp.org/index.php/Top_10_2007-Malicious_File_Execution
php://input reads data from the incoming request. Basically, what the attacker might be trying to do is pass "php://input" into a weak php directive such as:
include $_REQUEST['filename'];
It would allow the attacker to send the "contents" of the php file to execute via the request, thereby allowing him to execute php code on your machine
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With