I have been getting into security in PHP, as are many people, and I wrote a script that will submit fake POST data to a website to test for security flaws. This is not for hacking. Here it is, hope it helps someone:
PHP Code:
<html>
<head>
<title>Fake Post Data Generator {written by Eclipse}</title>
</head>
<body>
<?php
/*
Written by Eclipse
Website: http://www.eclipsethenet.us
E-mail: admin@eclipsethenet.us
By using this script you have read the following:
1.) I am not responsible for damage you may cause with this script if any.
2.) This is open source so any changes are not only allowed but encouraged, please send them to my e-mail.
3.) This script is not for 'hacking' it is a way to test security in your own scripts.
*/

// Escape request data before echoing it into HTML text or attribute values.
function h($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

$self = h($_SERVER["PHP_SELF"]);
$back = 'Please go <a href="javascript:history.back(-1);">back</a>.';

// Step 1: ask for the target host and the number of POST fields.
// The wizard's own forms use GET because every later step reads $_GET.
if (!isset($_GET["url"]) && !isset($_GET["set"])) {
    echo('<form method="get" action="' . $self . '">Target URL: <input type="text" name="url" size="60">{leave out protocol}<br>Number of POST data submitted: <input type="text" name="set" maxlength="2" size="2"><br><input type="submit" value="Continue"><input type="reset"></form>');
}
// "set" was supplied but is not a number.
elseif (isset($_GET["url"]) && isset($_GET["set"]) && !is_numeric($_GET["set"])) {
    echo('<a href="' . $self . '">Please fill out form correctly.</a> <i>Error Code: 1</i><br>' . $back);
}
// Step 2: check that the target answers on port 80, then ask for the field names.
elseif (isset($_GET["url"]) && isset($_GET["set"]) && is_numeric($_GET["set"])) {
    $test = @fsockopen($_GET["url"], 80, $errno, $errstr, 30);
    if ($test) {
        fclose($test);
        // maxlength="2" is only enforced by the browser, so clamp the count here;
        // a value such as 0, -1 or 1.5 would otherwise never end the loop.
        $set = max(1, min(99, (int) $_GET["set"]));
        echo('<form method="get" action="' . $self . '">');
        for ($n = 1; $n <= $set; $n++) {
            echo('Post Data number ' . $n . ': <input type="text" name="post' . $n . '" value="Name"><br>');
        }
        echo('<input type="hidden" name="FAKE_POST_DATA"><input type="hidden" name="url" value="' . h($_GET["url"]) . '"><input type="submit" value="Send Post"></form>');
    }
    else {
        echo('Please enter a valid url. ' . $back);
    }
}
// Step 3: ask for a value for each field name entered in step 2.
elseif (isset($_GET["FAKE_POST_DATA"]) && isset($_GET["url"])) {
    // Everything except "FAKE_POST_DATA" and "url" is a post1..postN field.
    $count = count($_GET) - 2;
    echo('<form method="get" action="' . $self . '">');
    for ($n = 1; $n <= $count; $n++) {
        if (!isset($_GET['post' . $n])) {
            continue;
        }
        $post = h($_GET['post' . $n]);
        echo($post . ': <input type="text" name="' . $post . '" value="Enter a Value"><br>');
    }
    echo('<input type="hidden" name="FAKE_POST_DATA_2"><input type="hidden" name="url" value="' . h($_GET["url"]) . '"><input type="submit" value="Send Data"></form>');
}
// Step 4: build the form that POSTs the chosen names and values to the target.
elseif (isset($_GET["FAKE_POST_DATA_2"]) && isset($_GET["url"])) {
    $url = $_GET["url"];
    unset($_GET["url"]);
    unset($_GET["FAKE_POST_DATA_2"]);
    echo('<form action="http://' . h($url) . '" method="post"><b><i>Sending:</i></b><br>');
    // Iterate key => value directly; searching for the key by value picks
    // the wrong name when two fields share a value.
    foreach ($_GET as $key => $value) {
        if (is_array($value)) {
            continue; // names such as a[] arrive as arrays; skip them
        }
        echo('<input type="hidden" name="' . h($key) . '" value="' . h($value) . '"><b>Name: </b><i>' . h($key) . '</i> <b>Value: </b><i>' . h($value) . '</i><br>');
    }
    echo('<input type="submit" value="Send Data"></form>');
}
?>
</body>
</html>
Hi, Eclipse.
Only a single unusable character and your script won't work. Please have a self test. Nice try, though. Fortunately, this script's algorithm won't work for recent PHP versions.