I have a small script which uses curl and retrives specific contents from a defined url. I had this tested on my localhost and it worked.
Now I have to retrive data from a HTTPS-only website (plus, the certificate is invalid, but I know the owners) from my free hosting, but the myserver neither supports CURL nor file_get_contents("https://other-server.com") function. By the way, http://other-server.com isn't accesible.
Is there any method to fetch a file from this server using the HTTPS port, but with HTTP protocol? Or is there some method to use HTTPS, altough my server doesn't support it? (It isn't my server, I haven't access to its configuration)
Try this:
<?php
$fp = fsockopen("ssl://other-server.com", 443, $errno, $errstr);
if(!$fp) die($errno. " : " . $errstr);
$send =
"GET / HTTP/1.0\r\n".
"Host:other-server.com\r\n".
"Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n".
"\r\n";
fwrite($fp, $send);
while(!feof($fp)) {
echo fread($fp, 512);
}
?>
Should you run into 'ssl transport not available error message', see Socket transport "ssl" in PHP not enabled
If your host is external and perhaps a free webhosting service, you are fresh out of luck.. Best option would be to figure out which webhosts has the SSL transport enabled - otherwise the working with HTTPS protocol simply will not comply.
Your last 'out' is to try to load extension into PHP language dynamically. You will need the excact extension (dll/so) which matches
the PHP version on host (see phpinfo).
the CPU architechture of host (unix, see passthru("cat /proc/cpuinfo");), e.g. amd64,i386..
the OS 'layout', .dll is for a windows host (IIS etc) and .so for UNIX.
Funcition to use is dl aka dynamic-link to load the library. For windows host, you will need php_openssl.dll and php_sockets.dll - and in turn for UNIX, OOops - you would need to recompile php core..
Happy hacking :)
php-man-pages
Related
My code should check email boxes via proxy with PHP using SSL.
Zend\Mail package provides implementation of both protocols without php extention and fits fine.
I partially override connect() method by code:
$this->socket = fsockopen($proxy, $proxy_port, $errno, $errstr, self::TIMEOUT_CONNECTION);
$this->sendRequest("CONNECT {$host}:{$port} HTTP/1.1");
$this->sendRequest("Host: {$host}:{$port}");
$this->sendRequest($userAgent);
$this->sendRequest("Proxy-Authorization: basic " . base64_encode("$user:$pass") . "\r\n");
// Remove 2 lines with proxy response
fgets($this->socket);
fgets($this->socket);
With unsecure connection everything works fine, but not works for secured port.
Connections on 110 port rejected by server with "please use SSL/TLS", when script tries to connect on secure port 995, nothing happend, no any response from mail server.
Probably, I missed one more HTTP header or so.
Anybody knows which command need send to end server through HTTP tunnel to start SSL connection?
I try to create a SSO in a Windows Domain using NTLM and no server modules with an Apache2 server on a Linux machine which is not in the Windows domain. Don't know if this is even possible. But I show you now what I've figured out and what I've to know next.
Okay first I turned on the options that my browser (IE and FF) sends the Authorization header with the NTLM data (Message type 1). This works I get a string like:
NTLMSSP²¢1 (±USERS-PCDOMAIN
But what's next? I've to send this string to the server where my AD's running right? So my server is known as SERVER1.DOMAIN and has the IP 192.168.1.14.
With which protocol and in which way can I send now the Message Type 1 to my AD server to get the NTLM challenge message (type 2) back?
I guess I'll have to write something like this:
<?php
$fp = fsockopen("192.168.1.14", 80 /* <--- which port? */, $errno, $errstr, 30);
if (!$fp)
die("$errstr ($errno)");
fwrite($fp, $headers['Authorization'] . "\r\n");
$ntlmChallengeData = '';
while (!feof($fp)) {
$ntlmChallengeData .= fgets($fp, 128);
}
fclose($fp);
var_dump($ntlmChallengeData); // The challenge data
But on which port does the Windows Server respond to my NTLM data?
This is not possible using only PHP. Validating NTLMv2 credentials requires SecureChannel encrypted RPCs with the NETLOGON service of an Active Directory DC. It is an understatement to say that that is a difficult thing to do.
In a Linux environment your best bet would be to maybe look into the Samba "winbind" package and do the auth at the Apache level. These modules have always been a little clumsy IMO but mod_auth_kerb and mod_auth_winbind are the standard modules for this type of thing last I checked.
I am currently using PHP to open up a port 43 connection to get whois information directly from a registry using this code.
// connecting to the whois server.
$handle = fsockopen($server, 43);
if (!$handle)
return false; // connection failure
//asking the server
fwrite($handle, $domain_name."\r\n");
// getting response
$response = '';
while (!feof($handle))
$response .= fgets($handle, 1024);
fclose($handle);
It works great however I want to connect though a proxy server so I route my intertent connection through it. If this were able to use cURL I would use curl_setopt($curl_handle, CURLOPT_PROXY, $ip_address . ':4040'); but i can not find a way to do this using fsocketopen. How can I accomplish this either with cURL or fsocketopen()?
Sockets dont have proxy. Just gateways and routers are in-the-middle (if any). You were talking about cURL, that it has proxy - it only uses http/s proxy service. For example, if you have http proxy service on server example.com:8080 you first need to open connection to server example.com (socket) on port 8080 and then send your request, proxy will forward your request and return response. In your case, you just open tcp connection on port 43 on specific host and exchange data directly with target server. If you dont want to do this directly and reveal your ip (or something) you'll need some service too. If you have access to other machine you could use it to do the job. If you want to do it manually you could use ssh or something like that, if you want to make it automatized, you'll probably need to write service on your middle server because you probably wont find any public proxy servers with other protocols than popular http, ftp, ...
Hope this helps.
By the way I see no reason why you should use proxy on whois service.
You could use a SOCKS proxy to relay the TCP connection from your machine to the SOCKS server to the WHOIS server but you would have to implement the SOCKS communication protocol over fsockopen.
Another method would be to use ProxyChains on the server and execute it via PHP. I've answered a similar question here ( How to capture and feed telnet using php and shell scripting? ) which shows how to invoke proxychains from PHP to execute a WHOIS command on a remote server and read the response.
I'm trying to connect to gmail pop server from a phplist installation and it fails, but i'm not sure whether my webhost opened port 995 or not. They say they have opened it, but i'm in doubt. Is there a way i can check it from a php script? They are running php 5.2.0 on a windows server, though i'm not sure what OS is that. phpinfo() says "Windows NT DEDI514 5.2 build 3790"
You can put code in a php script to open a connection to a specific hostname (or IP address) and port.
If you know the expected response, you should be able to tell if you are getting a connection. If you get something like "Connection refused", then either you are being blocked, or the destination host is not accepting connections on that port.
This example uses IP address 192.0.2.0 and port 995. Replace these with whatever you want to test.
<?php
echo "\nOpening connection\n\n";
$fp = fsockopen("192.0.2.0", 995, $errno, $errstr);
if (!$fp) {
echo "ERROR: $errno - $errstr\n";
} else {
echo fread($fp, 1024);
fclose($fp);
}
?>
You can also send data to the server using
fwrite($fp, "blah blah blah\r\n");
There is more information about fsockopen here.
I think you'll need to ping or traceroute to a machine that will respond on that port.
This article should have much more than you want to know, but there's an example script at the bottom that you can modify to test.
http://www.planet-source-code.com/vb/scripts/ShowCode.asp?lngWId=8&txtCodeId=1786
There are some other scripts here:
http://www.theworldsend.net/
I can't vouch for any of these personally, but they look like what you need.
And, of course, if you can ssh or telnet into your server, you can do all this much more easily using the ping and traceroute commands.
Maybe safe mode is active? This prevents calling services on other servers.
Edit:
All filesystem and stream functions are affected by the safe mode settings!
The open_basedir setting affects fopen()!
I'm using this to check for the availability of a URL:
$fp = fsockopen($url, 443, $errno, $errstr);
and I get this error back...
Warning: fsockopen() [function.fsockopen]: unable to connect to https://example.com/soapserver.php:443 (Unable to find the socket transport "https" - did you forget to enable it when you configured PHP?) in C:\Home etc etc....
I'm using an IIS server btw,( no its not my doing! ) so I think its something to do with not having open-ssl, but I'm not sure. Can anyone help please?
I did a phpinfo() and I do have ssl, but on IMAP and cURL, thats all.
Any ideas?
Uncomment the line: extension=php_openssl.dll in php.ini
You should be using just the hostname, not the URL in the fsockopen call. You'll need to provide the uri, minus the host/port in the actual HTTP headers. As #Martijin noted, and as listed in the manual page, you'll need to preface your host name with ssl:// for SSL or tls:// if using transport layer security.
Manual page for fsockopen. Look at Example #1.
also for ssl you need to prefix the host with ssl://
Let's say you wanted to grab NY Times, which enforces HTTPS:
Incorrect:
$client = stream_socket_client('https://www.nytimes.com', $errno, $errstr, 30);
Correct:
$client = stream_socket_client('tcp://www.nytimes.com:443', $errno, $errstr, 30);
Note I've replaced https:// with tcp:// and appended the 443 port to the hostname.
I guess we can say that stream_socket_client() does not speak URLs.
Switching to ssl:// worked for me but I kept getting a BAD REQUEST response. I found that I needed to add one more line to declare explicitly my Host Header as described here and ensure that I've updated my HTTP from HTTP/1.0 to HTTP/1.1:
$header .= "POST /cgi-bin/webscr HTTP/1.1\r\n";
$header .= "Host: www.sandbox.paypal.com\r\n";
Check curl installed or not for php.
if it is not installed install the curl.
for windows Uncomment the line: extension=php_openssl.dll in php.ini,
for ubuntu sudo apt-get install php-curl