big-list-of-naughty-strings icon indicating copy to clipboard operation
big-list-of-naughty-strings copied to clipboard

Published 20 hours ago verified publisher icon minimaxir

preg replace strings

Open neerolyte opened this issue 5 years ago • 0 comments

Would be good to include some strings that replace part or all of the matched pattern in common regex libraries e.g:

  • $0, ${0} or \0
  • $1, ${1} or \1

The first set replaces the entire matched pattern back in the output in PHP preg_replace, the second set replaces the first group in the matched pattern.

In both cases they can be used to corrupt strings in interesting ways by attackers if part of the replacement pattern is controlled.

neerolyte avatar Oct 24 '18 22:10 neerolyte