PHP string not parsing correctly?

Question

I'm trying to run the following:

$file_content[122] = 'Shell "cmd.exe /c cd %appdata% & test.exe -o " . $p. " -u " . $user . " -p " . $pass . "  & pause", vbMaximizedFocus';

The application is running, but it's saying i'm using "$p" not the actual user input

$p is set using $p = $_GET['p'];

$p vs $P ? is that a problem ? and make sure $_GET actually has index of 'p'. — David Lin, Jan 02 '14 at 23:25
Remember to use [`escapeshellarg`](http://php.net/escapeshellarg). — dev-null-dweller, Jan 02 '14 at 23:28
That's also a great opportunity to educate users about not using passwords like `&shutdown`. Or filtering input. — mario, Jan 02 '14 at 23:29

score 3 · Accepted Answer · answered Jan 02 '14 at 23:26

3

When you open a PHP string with a single quote, you need to close it with a single quote to get back to PHP mode.

You are currently using a single quote to start, then a double quote to get to PHP mode.

Try this.

$file_content[122] = 'Shell "cmd.exe /c cd %appdata% & test.exe -o ' . $p. ' -u ' . $user . ' -p ' . $pass . '  & pause", vbMaximizedFocus';

answered Jan 02 '14 at 23:26

duellsy

The problem is that when I enter something like tcp+http://hello.com:8080 for explain it doesn't use the tcp+ how can this be fixed? – Somenoob Jan 02 '14 at 23:29
that would be because the `+` in the URL is being treated as a space, you should accept this answer and open a new question specifically related to your new problem to keep it clean and allow future people to find a similar answer to the problem – duellsy Jan 02 '14 at 23:32
So there's absolutely no way of fixing this? – Somenoob Jan 02 '14 at 23:34
there is, but I'm saying it's a completely different context from your initial question, so should be posted as a separate question since the answer isn't simple enough to tie in nicely – duellsy Jan 02 '14 at 23:36
Yes, but this is reallyespecially for me, $p is basically a URL with a especial protocol e.g. tcp+://hello.com – Somenoob Jan 03 '14 at 00:01

1 Answers1