I was learning the php vulnerabilities. and I have a php code like this
<?php
if(isset($_GET['hi']) &&
!preg_match("/work/i", $_SERVER['QUERY_STRING']) &&
$_GET['hi'] === 'work hard')
echo "DETOUR SUCCEED" ?>
I want to echo "DETOUR SUCCEED"
I've been searching for ways to detour the preg_match. But I could not.
I think this preg_match is vulnerable because of a space between work and hard. But I'm not sure. Please help me figure out