This post tries to prove that vulnerabilities can in fact be very subtle [statuscode.ch] and that even people who master their toolkit and libraries can easily fall for them. It is based upon a vulnerability in ownCloud server fixed in June 2015 [owncloud.org].
cURL [curl.haxx.se] is probably known to most readers of this blog. If not: it is a library and command-line tool that can be used to send HTTP requests to other servers. It has an official PHP wrapper [php.net] maintained by the PHP team.
Everybody who has used cURL before will probably agree: cURL is a mighty and complex utility, and the PHP wrapper is no exception. Saying that it is used to send HTTP requests is a bit of an understatement: it also supports DICT, FILE, FTP, GOPHER, IMAP, LDAP, POP3, RTMP, RTSP, SCP, SFTP, SMB, SMTP, TELNET and TFTP [curl.haxx.se].
As with any mighty tool, there are plenty of ways to shoot yourself in the foot.
Read on for examples...