Sorry for any confusion over the lack of information in the original post but this is what I've been given:
A user codes this PHP code. Set arg to execute /etc/bin/thekid.
$store = "thk".'f';
$y = $_GET['arg'];
eval("\$store = \$y;");
The goal is to recognize problems with simple lines of code and be able to correct or prevent them. Apparently this is an old eval injection vulnerability and I found this online:

An eval injection vulnerability occurs when someone can control all or part of an input string that is fed into an eval() function call. Eval will execute the argument as code. The security implications for this are obvious. This issue has been known for years [2]:

Example:

$myvar = "varname";
$x = $_GET['arg'];
eval("\$myvar = \$x;");

What happens if arg is set to "10 ; system(\"/bin/echo uh-oh\");" ?

I don't have to get the code to actually work or do anything, I just needed the proper syntax to submit it. I initially didn't think it was an eval() problem but I found the above example today and see that it is.
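
One way to correct the snippet, as an added example that is not part of the original post or the quoted article: drop eval() and validate arg before assigning it. It assumes arg is meant to be an integer from 0 to 1000, which the post does not state; read_arg and the sample requests are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hardened replacement for:
//   $y = $_GET['arg']; eval("\$store = \$y;");
// Note: with \$y escaped, eval() receives the literal text `$store = $y;`.
// The injectable pattern is the one where the request value itself ends up
// inside the string passed to eval(). Either way, eval() is not needed for
// an assignment, so the fix is to remove it and validate the input.

// Hypothetical helper. Assumption: 'arg' should be an integer in 0..1000.
function read_arg(array $query): int
{
    $raw = $query['arg'] ?? null;
    if (!is_string($raw)) {            // missing, or sent as arg[]=... (array)
        throw new InvalidArgumentException('arg must be a single value');
    }
    $value = filter_var($raw, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 1000]]);
    if ($value === false) {            // strict check so that 0 is accepted
        throw new InvalidArgumentException('arg must be an integer 0-1000');
    }
    return $value;
}

// Constructed sample requests; the second is the input quoted in the post.
$samples = [
    ['arg' => '10'],
    ['arg' => '10 ; system("/bin/echo uh-oh");'],
    ['arg' => ['10']],
    [],
];

foreach ($samples as $query) {
    try {
        $store = read_arg($query);     // plain assignment, no eval()
        echo 'accepted: ', var_export($store, true), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

Only the first sample is accepted; the quoted input is rejected as a non-integer and is never treated as code.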