PHP - Abuse PHP Type Juggling

Type Juggling is a feature of PHP that automatically converts between different data types during comparison and arithmetic operations. It simplifies data comparison but introduces potential security risks, especially if the user input is not properly validated or sanitized.

Here we found how this can be exploited:

Imagine we caught a petition from a login page that sends the username and password values as parameters

POST /login.php HTTP 1.1
...
username=admin&password=admin

We could modify the petition to change the data type of the parameters

POST /login.php HTTP 1.1
...
username[]=admin&password[]=admin #Example converting strings into arrays

This will bypass the authentication as the values are now evaluated as arrays changing the logic of the comparison

PreviousNull Byte Poisoning NextPHP - Bypass using filters

Last updated 5 months ago