$_GET Vulnerable?

sprinkles

Chrome Whore
2009 Sep 6 • 2546
10 ₧
I was jus' wondering if $_GET was vulnerable, like to mysql injection, xss, or whatever?
 
 
2012 Jan 29 at 13:31 PST
SuperJer
Websiteman

2005 Mar 20 • 5138
I'm not sure what you mean?

$_GET contains an element for every key in the URL's query string.

So a URL like:

hxxp://example.com/page?a=1&b=1&c=lol

populates $_GET with

$_GET['a'] = "1";
$_GET['b'] = "1";
$_GET['c'] = "lol";


It's entirely injection, I guess. You shouldn't trust what's in it, obviously, since anyone can put anything in a URL.
 
 
2012 Feb 3 at 19:28 PST — Ed. 2012 Feb 3 at 19:29 PST
SuperJer
Websiteman

2005 Mar 20 • 5138
MySQL injection is when, for example, you do this:

php code

<?php
mysql_query("SELECT * FROM yodawg WHERE id=" . $_GET['id']);
?>



because an attacker can use a URL like:

hxxp://example.com/page?id=1 OR 1

which will then SELECT everything in your table.
 
 
2012 Feb 3 at 19:32 PST
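The same lookup written three ways, as an added example that is not part of SuperJer's post: the concatenated query from the post, a version using a prepared statement with input validation, and the parameter echoed back into HTML (the XSS case from the opening question). It assumes the mysqli extension with mysqlnd (for `get_result()`), a table `yodawg` with an integer `id` column (the table name is from the thread, the column type is an assumption), and placeholder connection details.

```php
<?php
// Added example, not code from the forum thread.
// Assumes mysqli + mysqlnd and a table `yodawg` with an integer `id` column.
// Connection values are placeholders; replace them with your own.
$db = new mysqli('localhost', 'DB_USER_PLACEHOLDER', 'DB_PASS_PLACEHOLDER', 'DB_NAME_PLACEHOLDER');

// 1. Vulnerable: the query text is built by string concatenation, as in the post.
//    ?id=1 OR 1  becomes  SELECT * FROM yodawg WHERE id=1 OR 1  and returns every row,
//    because the parameter is parsed as SQL rather than treated as a value.
function vulnerable_lookup(mysqli $db, array $get): ?mysqli_result
{
    $sql = "SELECT * FROM yodawg WHERE id=" . $get['id'];
    $result = $db->query($sql);
    return $result instanceof mysqli_result ? $result : null;
}

// 2. Hardened: validate the shape of the input, then send the value separately
//    from the SQL text with a prepared statement. The placeholder can only ever
//    hold one integer, so "1 OR 1" never reaches the SQL parser.
function safe_lookup(mysqli $db, array $get): ?mysqli_result
{
    // Reject anything that is not a plain decimal integer before touching the database.
    if (!isset($get['id']) || !ctype_digit((string) $get['id'])) {
        return null;
    }
    $id = (int) $get['id'];

    $stmt = $db->prepare("SELECT * FROM yodawg WHERE id = ?");
    $stmt->bind_param('i', $id);   // 'i' = bind as integer
    $stmt->execute();
    $result = $stmt->get_result();
    return $result instanceof mysqli_result ? $result : null;
}

// 3. The other half of the original question: the same parameter echoed into HTML.
//    Without escaping, ?id=<script>...</script> is written straight into the page.
function render_id(array $get): string
{
    $id = htmlspecialchars((string) ($get['id'] ?? ''), ENT_QUOTES, 'UTF-8');
    return '<p>Looking up id ' . $id . '</p>';
}

// Usage on a real request: pass $_GET straight through.
// $rows = safe_lookup($db, $_GET);
// echo render_id($_GET);
```

The validation step in `safe_lookup` matters even with the prepared statement: binding `"1 OR 1"` as an integer would silently cast it to `1` and return that row, which is harmless but hides the fact that someone sent malformed input. Rejecting it up front (and logging it, if you keep access logs) gives you a clean signal of probing.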
MadwiX
2012 Feb 10 • 11
SuperJer said:
MySQL injection is when, for example, you do this:

php code

<?php
mysql_query("SELECT * FROM yodawg WHERE id=" . $_GET['id']);
?>



because an attacker can use a URL like:

hxxp://example.com/page?id=1 OR 1

which will then SELECT everything in your table.


What about raw _GET method. No MySQL, no database.
What I mean is, is _get method vulnerable to any attack by itself.
 
 
2013 Feb 2 at 18:16 PST
SuperJer
Websiteman

2005 Mar 20 • 5138
MadwiX said:

What about raw _GET method. No MySQL, no database.
What I mean is, is _get method vulnerable to any attack by itself.


The question doesn't really make sense. _GET is not a method. It is just a list of the URL parameters. You have to do something with the parameters unsafely to lead to a vulnerability.
 
 
2013 Feb 3 at 15:29 PST
sprinkles

Chrome Whore
2009 Sep 6 • 2546
10 ₧
How does the url get into $_GET?
 
 
2013 Feb 7 at 19:44 PST
SuperJer
Websiteman

2005 Mar 20 • 5138
sprinkles said:
How does the url get into $_GET?


Your webserver forks the URL over to mod_php, which cuts it up into pieces and jams it into $_GET.

It's all forks and cuts and jam.
 
 
2013 Feb 8 at 23:14 PST
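The splitting SuperJer describes, shown as an added example rather than code from the thread: the web server passes PHP the request URI, PHP takes the part after `?`, splits it on `&`, splits each piece on `=`, URL-decodes both halves, and stores the result in `$_GET`. Every scalar value ends up as a string, whatever it looks like. `parse_str()` is that same routine exposed as a function, so it runs from the command line with no web server; the URLs below are constructed for the example (the second one is the injection URL from the thread).

```php
<?php
// Added example, not from the forum thread.
// Simulates how PHP fills $_GET from a URL's query string, using parse_url()
// and parse_str(), which apply the same decoding rules the SAPI uses for $_GET.

function query_to_get(string $url): array
{
    // Keep only the part after '?', then let PHP split and URL-decode it.
    $query = parse_url($url, PHP_URL_QUERY);
    if (!is_string($query)) {
        return [];
    }
    parse_str($query, $params);
    return $params;
}

// Constructed sample URLs for the demonstration.
$examples = [
    'http://example.com/page?a=1&b=1&c=lol',
    'http://example.com/page?id=1%20OR%201',    // the "?id=1 OR 1" URL from the thread, as a browser sends it
    'http://example.com/page?x[]=1&x[]=2',      // square brackets produce a nested array in $_GET
    'http://example.com/page',                  // no query string at all: $_GET is empty
];

foreach ($examples as $url) {
    echo $url, PHP_EOL;
    var_dump(query_to_get($url));
}
```

Two things the output makes visible: `var_dump` reports `string(1) "1"` for `a`, not `int(1)`, because nothing in this process knows or cares what the value means; and the whole of `1 OR 1` arrives as one string under the key `id`. That is exactly why `$_GET` by itself is neither safe nor unsafe, and why the point at which it becomes dangerous is the line of code that hands that string to an SQL parser, a shell, or an HTML page without treating it as data.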
sprinkles

Chrome Whore
2009 Sep 6 • 2546
10 ₧
The cvar cuts the jam with a fork?
 
 
2013 Feb 11 at 18:07 PST