mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
14 lines
452 B
PHP
14 lines
452 B
PHP
<?php
|
|
// File I/O — positive fixture.
|
|
// Vulnerable: reads file at user-controlled path without sanitization.
|
|
// Entry: runReadFile($userPath) Cap: FILE_IO
|
|
// Expected verdict: Confirmed (../../../../etc/passwd → "root:" in output)
|
|
|
|
function runReadFile($userPath) {
|
|
$filePath = '/var/data/' . $userPath;
|
|
echo "__NYX_SINK_HIT__\n";
|
|
$content = @file_get_contents($filePath);
|
|
if ($content !== false) {
|
|
echo $content;
|
|
}
|
|
}
|