{"id":13539227,"url":"https://github.com/laruence/taint","last_synced_at":"2025-04-12T22:27:42.838Z","repository":{"id":50306036,"uuid":"3429427","full_name":"laruence/taint","owner":"laruence","description":"Taint is a PHP extension, used for detecting XSS codes","archived":false,"fork":false,"pushed_at":"2024-07-01T04:24:46.000Z","size":239,"stargazers_count":612,"open_issues_count":20,"forks_count":128,"subscribers_count":44,"default_branch":"master","last_synced_at":"2025-04-04T01:11:11.502Z","etag":null,"topics":["c","detect-xss-codes","php","taint"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/laruence.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2012-02-13T11:33:43.000Z","updated_at":"2025-03-31T08:53:36.000Z","dependencies_parsed_at":"2024-08-01T09:22:43.096Z","dependency_job_id":"a9eb7f9c-c66e-4cdc-a9b6-7fb9c446a1a2","html_url":"https://github.com/laruence/taint","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laruence%2Ftaint","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laruence%2Ftaint/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laruence%2Ftaint/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/laruence%2Ftaint/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/laruence","download_url":"https://codeload.github.
com/laruence/taint/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248639180,"owners_count":21137794,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","detect-xss-codes","php","taint"],"created_at":"2024-08-01T09:01:22.046Z","updated_at":"2025-04-12T22:27:42.816Z","avatar_url":"https://github.com/laruence.png","language":"C","funding_links":[],"categories":["\u003ca id=\"683b645c2162a1fce5f24ac2abfa1973\"\u003e\u003c/a\u003e漏洞\u0026\u0026漏洞管理\u0026\u0026漏洞发现/挖掘\u0026\u0026漏洞开发\u0026\u0026漏洞利用\u0026\u0026Fuzzing","安全检查"],"sub_categories":["\u003ca id=\"5d7191f01544a12bdaf1315c3e986dff\"\u003e\u003c/a\u003eXSS\u0026\u0026XXE"],"readme":"# Taint\n[![Build status](https://ci.appveyor.com/api/projects/status/69ucxc2pwx333s3j/branch/master?svg=true)](https://ci.appveyor.com/project/laruence/taint/branch/master)\n\nTaint is a PHP extension used to detect XSS code (tainted strings). It can also be used to spot SQL injection vulnerabilities, shell injection, etc.\n\nThe idea is from https://wiki.php.net/rfc/taint; I implemented it as a PHP extension, which makes the patch unnecessary.\n\nPlease note: do not enable this extension in a production environment, since it will slow down your app.\n\n## Requirement\n- PHP-5.2 +\n\n## NOTE\nDue to the complexity of the PHP 8.0 implementation, taint is not going to be compatible with PHP 8.0+.\n\n## Install\ntaint is a PECL extension, so you can simply install it with:\n````\npecl install taint\n````\n### Compile taint in Linux\n````\n$ /path/to/phpize\n$ ./configure 
--with-php-config=/path/to/php-config/\n$ make \u0026\u0026 make install\n````\n### Usage\nWhen taint is enabled, if you pass a tainted string (one that comes from $_GET, $_POST or $_COOKIE) to certain functions, taint will warn you about it.\n\n````php\n\u003c?php\n// $a comes from $_GET, so it is tainted\n$a = trim($_GET['a']);\n\n// Strings built from $a are tainted as well\n$file_name = '/tmp' .  $a;\n$output    = \"Welcome, {$a} !!!\";\n$var       = \"output\";\n$sql       = \"Select *  from \" . $a;\n$sql      .= \"ooxx\";\n\necho $output;\n\n// $$var resolves to $output\nprint $$var;\n\ninclude($file_name);\n\nmysql_query($sql);\n````\n\nThe above example will output something similar to:\n````\nWarning: main() [function.echo]: Attempt to echo a string that might be tainted\n\nWarning: main() [function.echo]: Attempt to print a string that might be tainted\n\nWarning: include() [function.include]: File path contains data that might be tainted\n\nWarning: mysql_query() [function.mysql-query]: SQL statement contains data that might be tainted\n````\n\nIf you need to hide the errors for a particular script, you can set:\n````\nini_set('taint.error_level', 0);\n````\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaruence%2Ftaint","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flaruence%2Ftaint","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flaruence%2Ftaint/lists"}