Timeline for Can valid PHP be written and executed in non-ascii character encodings?
Current License: CC BY-SA 4.0
6 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 26, 2018 at 17:03 | vote | accept | Aaron Cicali | ||
| Sep 20, 2018 at 22:19 | comment | added | Aaron Cicali | I tried calling token_get_all() on the file contents to see what PHP's tokenizer finds, and it concurs. This image does not contain executable PHP, just the PHP opening statement. Additionally, I tried adding code throughout an image and running it, but indeed it does not execute. The code must be ascii, with the exception of string contents. I don't have any official reference to confirm this though. For this particular image, it's actually possible this was not placed there by a bad actor, but was part of a find/replace to remove short open tags from the actual PHP files. | |
| Sep 20, 2018 at 20:54 | vote | accept | Aaron Cicali | ||
| Oct 26, 2018 at 17:02 | |||||
| Sep 20, 2018 at 18:02 | comment | added | Aaron Cicali | Thanks @Sjoerd. Can you provide any references citing this? I want to believe that this is true, but this image seems compelling proof otherwise. I'll edit my question to provide additional discovery. | |
| Sep 20, 2018 at 8:02 | comment | added | Anders | I think you are right, but at the same time I would not say that this does not mean the file is not maliscious in some weird way. Just not sure how. | |
| Sep 20, 2018 at 6:53 | history | answered | Sjoerd | CC BY-SA 4.0 |