PHP Easter eggs, Security issue?
So apparantly PHP has easter eggs.
Find a site with PHP, and put this after the .php
?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
Such as
http://www.antionline.com/index.php?...9-00AA001ACF42
It will display the Zend logo.
http://www.antionline.com/index.php?...9-4C7B08C10000
Shows credits (w/ version).
http://www.antionline.com/index.php?...9-00AA001ACF42
Shows a PHP logo.
http://www.antionline.com/index.php?...9-00AA001ACF42
Shows a puppy.
Worst part is that some of these change with the version of PHP (fingerprinting). They can be disabled by altering you php.ini file, (expose_php), but apparantly Antionline didn't know about it.
I don't think I like easter eggs in open source projects. Waste of code IMO.
Re: PHP Easter eggs, Security issue?
Quote:
Originally posted here by Soda_Popinsky So apparantly PHP has easter eggs.
Erm, this is news?
Quote:
I don't think I like easter eggs in open source projects. Waste of code IMO.
So recompile without those included. It IS open source. :D
Re: Re: PHP Easter eggs, Security issue?
Quote:
Originally posted here by chsh
Erm, this is news?
News to me! :P I learned about it through a mailing list, not docs or anything. Now from looking at Google, I see it's been around a while.
If I knew more about this directive when I heard about this I probably wouldn't have been as suprised. I thought this egg was something that slipped by everybody. (Which made me question the integrity of all open source projects)
http://www1.hw.ac.uk/ZendInformation...expose_php.htm