So today I was reading up on some SQL injection techniques, and came across one that I had not seen before. I found out that it is possible to use a UNION SELECT with the built-in MYSQL LOAD_FILE function, to read the contents of any file on the system. This only works if the user [...]
Today I wrote a command line PHP mail script. You are able to do this manually with programs such as Netcat or Telnet, but this just makes it easier and quicker. Once you run the script from the command line it will ask you for the host, recipient, email to mail from, subject, and message. [...]
This is a simple script I wrote to do GET/OPTIONS/HEAD requests to a website. It’s a command line PHP script which uses fsockopen to connect to the server. This comes in handy when you need to see headers received from a website. Also, it’s good to see what is returned by the OPTIONS directive.
<?php
if ($argc < 4) {echo ”—————————————————\nHTTP Check Headers Script (Written by Tully Rankin)\nUsage: headers.php [site] [get|head|options] file\nExample: headers.php www.example.com get /\n—————————————————”; exit;} else { $site = $argv[1];}
$request = strtolower($argv[2]);$file = $argv[3];
if ($request == ”get”) { $out = ”GET $file HTTP/1.1\r\n”; $out .= ”Host: $site\r\n”; $out .=”Connection: Close\r\n\r\n”;} else if ($request == ”options”) { $out = ”OPTIONS $file HTTP/1.1\r\n”; $out .= ”Host: $site\r\n”; $out .=”Connection: Close\r\n\r\n”;} else if ($request == ”head”) { $out = ”HEAD $file HTTP/1.1\r\n”; $out .= ”Host: $site\r\n”; $out .=”Connection: Close\r\n\r\n”;} else { echo ”Incorrect Request Type\n”; exit;}
$fp = fsockopen($site,80,$errstr,$errno,30);if (!$fp) { echo ”$errstr ($errno)”; } else { fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 1024); }fclose($fp); } ?>
This is a script I wrote to go through a list of URLS and return the Server Response code. This can be used to look for site vulnerabilities such as hidden directories. This example only has a few pages in the array. If you have a big list of common directories, the best way would [...]
HTTP Requests
All HTTP messages (requests and responses) consist of one or
more headers, each on a separate line, followed by a mandatory blank line,
followed by an optional message body.
The first line of every HTTP request consists of three
items, separated by spaces:
A very
indicated the HTTP method. The most commonly used method is GET, whose
function is to retrieve [...]
PHP String Functions & Regular
Expressions
String Functions
Function
What it does
Example
Concatenation
Add’s strings together.
$x . $t
Addslashes($str)
Returns a string with backslashes before characters that
need to be quoted in database queries etc. These characters are single quote
(‘), double quote (“), backslash (\) and NUL (the NULL byte).
string addslashes
( string $str )
Rtrim($x)
rtrim — Strip
whitespace (or other characters) from the end [...]