Login   Register  
PHP Classes
elePHPant
Icontem

base64_decode and base64_encode functions are one of the most...

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us

      PHP Vulnerability Scanner  >  All threads  >  base64_decode and base64_encode functions are one of the most...  >  (Un) Subscribe thread alerts  
Subject:base64_decode and base64_encode functions are one of the most...
Summary:Package rating comment
Messages:2
Author:Artur Graniszewski
Date:2010-09-02 13:31:28
Update:2010-09-02 14:14:17
 

Artur Graniszewski rated this package as follows:

Utility: Insufficient
Consistency: Good
Examples: Sufficient

  1. base64_decode and base64_encode functions are one of the most...   Reply  
Picture of Artur Graniszewski
Artur Graniszewski
2010-09-02 13:31:31
base64_decode and base64_encode functions are one of the most useful mechanism used to store binary data in databases or pass binaries through binary-unsafe protocols (like SOAP or REST). Your class threatens this functions as potentially dangerous.

For me, you should scan files for "eval" (in conjunction with base64_decode and a long param), "iframe", or include/requre(_once) pointing to remote files.

  2. Re: base64_decode and base64_encode functions are one of the mos   Reply  
Picture of Er. Rochak Chauhan
Er. Rochak Chauhan
2010-09-02 14:14:17 - In reply to message 1 from Artur Graniszewski
Hi Artur,

I agree with you... but you must have noticed I have provided an option to pass any function/keyword to be scanned.

Your point is well noted.

Thanks.

Rochak Chauhan