346
votes

Our (PHP) framework sometimes renders hidden inputs with value YTowOnt9. I can't find that string anywhere in the (huge) codebase, and can't figure out where it came from. I decided to Google for that particular string, and the result surprised me. Over half a million - kind of random - hits. I haven't found any page describing the value itself. It has 0 hits on Stack Overflow.

Is YTowOnt9 some kind of magic string?

Always the same value? If it were random, I would say it could be a CSRF token or something like that. - Platinum Azure
Always the same value; this exact same value has 500.000 hits on Google. - Sherlock
It looks like a salt or token for something. Is it always the same string? Even if you log out and delete cookies/cache or use another browser? - Jurik
What PHP framework are you using? - j08691
It's a custom framework, and please note the fact that this string occurs hundreds of thousands of times on Google. - Sherlock

1 Answer

564
votes

It seems to be a PHP-serialized empty array, Base64-encoded.

$ base64 -D <<< 'YTowOnt9'
a:0:{}
$ php -r 'var_dump(unserialize(base64_decode("YTowOnt9")));'
array(0) {
}

There are many scripts that serialize arrays of data. When the arrays have data, they vary greatly, so the Base64 encoded PHP-serialized values do too, but when they are empty they are all the same. It makes it look as if a lot of very different PHP scripts have this random string in common.
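An added example, not part of the original answer: a small Python decoder for this kind of hidden-field value, useful when triaging what a form is carrying. It parses only scalars and arrays of the PHP serialization format and rejects everything else; the function names and the non-empty sample payload are constructed for illustration.

```python
import base64

def _parse(data: bytes, pos: int = 0):
    """Parse one PHP-serialized value at pos; return (value, next_pos)."""
    tag = data[pos:pos + 1]
    if tag == b"N" and data[pos + 1:pos + 2] == b";":        # N;
        return None, pos + 2
    if tag in (b"i", b"b", b"d"):                             # i:7;  b:1;  d:0.5;
        end = data.index(b";", pos)
        raw = data[pos + 2:end].decode("ascii")
        convert = {b"i": int, b"b": lambda r: r == "1", b"d": float}[tag]
        return convert(raw), end + 1
    if tag == b"s":                                           # s:<len>:"<bytes>";
        colon = data.index(b":", pos + 2)
        start = colon + 2
        stop = start + int(data[pos + 2:colon])
        if data[stop:stop + 2] != b'";':
            raise ValueError("bad string length")
        return data[start:stop].decode("utf-8", "replace"), stop + 2
    if tag == b"a":                                           # a:<count>:{<key><value>...}
        colon = data.index(b":", pos + 2)
        if data[colon:colon + 2] != b":{":
            raise ValueError("malformed array header")
        count, pos, items = int(data[pos + 2:colon]), colon + 2, {}
        for _ in range(count):
            key, pos = _parse(data, pos)
            if not isinstance(key, (int, str)):
                raise ValueError("array key must be int or string")
            items[key], pos = _parse(data, pos)
        if data[pos:pos + 1] != b"}":
            raise ValueError("unterminated array")
        return items, pos + 1
    # Objects (O:), references and anything else are rejected, not interpreted.
    raise ValueError(f"unsupported tag {tag!r} at offset {pos}")

def decode_hidden_value(field: str):
    """Decode a Base64 form value holding PHP-serialized scalars/arrays."""
    raw = base64.b64decode(field, validate=True)
    value, end = _parse(raw)
    if end != len(raw):
        raise ValueError("trailing bytes after serialized value")
    return value

if __name__ == "__main__":
    # Constructed samples: the empty array from the question, and a non-empty one.
    for payload in (b"a:0:{}", b'a:1:{s:2:"id";i:7;}'):
        field = base64.b64encode(payload).decode()
        print(field, "->", decode_hidden_value(field))
```

Every empty array encodes to `YTowOnt9`, while any array with content produces a different string, which is why the one value shows up across unrelated sites.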