I want to create a zombie server.
That means, it is a proxy server being controlled by another server.
The reason is that my server neither supports ssl nor curl. And another server does. So I want to pass php-orders to the other server(which understands php) via php-paramater (index.php?order=...) and the result to be sent to my script.
Is there a snippet available for the zombie server?
It is highly unsecure and untested, but I believe something like that would suit your needs.
Server 1 (that without curl etc.):
<?php
// hash from pass, eg. 'da790439c0d433fcb1c1528008a1df2b5a7a7051'
$hash = sha1('some password here');
$command = 'echo "aaa";';
$result = file_get_contents('http://www.example.com/?hash='.$hash.'&command='.urlencode($command));
Server 2 (that with curl):
<?php
// hashed password hash
$hashed_hash = 'eb6874cc5accb7ab24c1ce4a6ec5521ac5748340';
if (isset($_GET['hash']) && sha1($_GET['hash'])==$hashed_hash) {
// correct hash given
$command = urldecode($_GET['command']);
// do whatever you need with command
}
You can use file_get_contents() with a HTTP resource provided that the fopen() wrappers are enabled.
if (($sResult = #file_get_contents('http://zombie.example.net/order.php?order=…')) === FALSE) {
throw new Exception('HTTP request failed!');
}
You then can parse $sResult.
Still, be sure to know that you are sending possibly sensitive information in plain-text to the "zombie" before the request is protected via SSL there.
At the zombie in order.php script, you simply process the $_GET parameters and put them into a SSL request, using either cURL or file_get_contents() again.
Related
I have a PHP app that I built using the Slim routing framework. The app needs to send dynamic emails from orders so that users can just respond to those emails and the response goes right back into the app (stored in MySQL). I can easily create the dynamic address per order and that goes out just fine. My problem is getting it back.
I setup a subdomain (mailer.example.com) and in cPanel I setup a forwarder to catch all mail to that subdomain and forward it to a specific PHP file. That php file reads stdin and grabs the mime message and currently writes it to a file:
#!/usr/bin/php -q
<?php
// read from stdin
$fd = fopen("php://stdin", "r");
$email = "";
while (!feof($fd))
{
$email .= fread($fd, 1024);
}
fclose($fd);
$filename = "mail_".date("mdYHis").rand(1,99999999);
file_put_contents("mailfiles/".$filename, $email);
header("Location: http://www.example.com/public/mailer/process/".$filename);
As you can see, at the end I would like to forward this to my actual app which has all the database calls and other routines to process the email. But I don't know how to get the request into the app. It seems to ignore the header call above.
Am I doing this all wrong or should I just do all the processing I need in this script? I realize that would maybe be the easiest path forward but I'm also trying to use a mail parse library that fits nicely in my app.
Not sure if that all makes sense. Let me know what other info you need.
I think what you're looking to do isn't to return an HTTP response with a Location header, but rather initiate an HTTP request to your web server.
In that case, you should replace your header() call with:
$ch = curl_init('http://localhost/public/mailer/process/' . $filename);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
Note that your script (the one called to save the mail contents) will wait for your app to finish processing the request. If this is an issue for you, you'll need to use a technique to run PHP processes in the background.
You can read a mailbox with php and parse the emails that way.
// To connect to a POP3 server on port 110 on the local server, use:
$mbox = imap_open ("{localhost:110/pop3}INBOX", "user_id", "password");
I would not, create a custom reply-email/mailbox, per order, instead add the order to the subject as a reference. That way you only need to parse one mailbox.
Find the imap functionality here
Hello I'm quite new to using sockets and am not that familiar with them yet, Basically all i am trying to do is pass a string variable to a web address (e.g. www.example.com/index.php?Example=StringExample) and then get a response, so for example it would return "Test Example" if index.php looked like this:
<?php
if($_GET['Example'] == "StringExample")
{
echo "Test Example";
}
?>
Here is what I've tried in c++:
struct sockaddr_in SocketAddress;
hostent* addr = gethostbyname("www.example.com/index.php?Example=StringExample");
int sizeofaddr = sizeof(addr);
SocketAddress.sin_addr.s_addr = inet_addr(addr->h_name);
SocketAddress.sin_port = htons(80);
SocketAddress.sin_family = AF_INET;
SOCKET Connection = socket(AF_INET, SOCK_STREAM, NULL);
if (connect(Connection, (SOCKADDR*)&addr, sizeofaddr) != 0)
{
return 0; //Failed to Connect
}
char buffff[256];
recv(Connection, buffff, sizeof(buffff), NULL);
//"Test Example" now stored in buffff
What am i doing wrong?
Btw in my case i would not like to use any libraries like boost or anything like that. Thanks for the help :)
gethostbyname("www.example.com/index.php?Example=StringExample");
"www.example.com/index.php?Example=StringExample" is not a valid server name. This is an entire URL; a server name would be "www.example.com". gethostbyname() takes the name of a server, and not a URL, and returns its IP address. Additionally, gethostbyname() has been obsoleted. New code should use the getaddrinfo(3) function, instead.
This is obviously an HTTP URL. To download a document via HTTP it is a lot more work than just connecting a socket. Establishing a socket connection is just the first step in the process of downloading a document from an HTTP server. This must be followed by sending a valid HTTP request, and then receiving an HTTP response from the server.
There are many libraries, such as curl, that implement the entire client-side process needed to download an HTTP document, that will handle the socket connection themselves.
But there's nothing wrong with trying to implement this yourself, either. It's a good programming excersize.
So, after resolving www.example.com's IP address, you will need to
1) Connect to the server's port 80, the default HTTP port.
2) Send an HTTP request for "/index.php?Example=StringExample".
3) Parse the HTTP response.
The specification for HTTP requests and responses is defined by RFC 2616, which you can consult for complete documentation of how HTTP requests and responses are structured.
If you want to access a web server with sockets, you have to keep in mind:
You can open a tcp/ip connection to your web server
BUT afterwards you have to do the http protocol by yourself
In case of your example:
hostent* addr = gethostbyname("www.example.com");
//...
const char* request = "GET index.html"
send(Connection, request, strlen(request), NULL)
//fetch index.html with a recv and parse it
To be more precise, if you want to access your server, you have to take a look how GET, PUT, POST, etc. are implemented in the http protocol, send the proper commands to your web server and recv() the replies
I'm simply attempting to execute remote PHP code locally.
To put it simply, I have an external script hosted on xxx.com/code.txt - and then want to have my internal system load that code in PHP. I tried using file_get_contents() but I don't think this is the right method of doing so.
I also tried using include(), but it seems that most PHP configurations have the http wrapper disabled. So in that case, how can I, using PHP check to see if the server has allow_url_include enabled or not because my script relies on loading the external code, or at least having a if function to check if allow_url_include is enabled or not.
Try this function
function get_data($url)
{
$ch = curl_init();
$timeout = 5;
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,$timeout);
$data = curl_exec($ch);
echo $data;
curl_close($ch);
return $data;
}
You can call this function like this
$response = get_data('http://yoursite.com/code.txt');
To kinda safely import code you could:
make a php script which requires a hash (big big big hash) and put it on the server you want to connect to.
You can then #file_get_contents() that php file with the hash in the url
That script accepts the hash, imports a file (whichever you want) and returns it.
But as they all said, if it's PHP you want to execute think twice.
And if this does not convince you at least don't do it plain text but encrypt it or something (SSL is something, but blowfish with a two sided key would be better) and an allowed IP system.
The point is that you want to control the gateways, not make it open to all.
I personally don't see how this can be done even though these are my servers. But I want to know if my servers can reach external sites--ping a generic website for example--have outgoing communication. That is, I want to use execute a PHP script on one server, connecting to another of my servers, and test if the second server can ping a website, for example. So I know how to use PHP on the server my script is executing from to ping a website with fopensocket. I just don't know how to set this up to test another server's pingability. I mean I have the credentials but the only way is to have my script on each and every server and then reach the script and execute them. That is not what I want. I want to do this from the one/external server and just feed my script the ip/port/uid/pwd of the server I want to test.
An easy API would look something like:
SERVER1:
// get response from server2
$response = file_get_contents('http://www.server2.com/api.php?method=ping&ip=IP&port=PORT&uid=UID&pwd=PWD');
// do json_decode() if response is json string
SERVER2 (api.php):
// respond to API call
if (isset($_GET['method']) && $_GET['method'] == 'ping') {
// get other params and do your ping function
echo $pingresult; // perhaps a json encoded array
exit;
}
There is no security so you could send an API password or do it with OAuth or HMAC
I was wondering how to send a php variable from one server to another php script on another server?
I have 2 php scripts on 2 different server and one must send vars to the other.
I've been searching with little luck.
Would appreciate any help.
You could achieve that using curl and sending the variable as a GET value.
Something like this:
$data = "data you want to send";
$data = urlencode($data);
$url = "http://example.com?data=" . $data;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_exec($ch);
curl_close($ch);
Let's assume $data = "foobar"
Doing the above from a PHP script would be the same as someone visiting http://example.com?data=foobar from a browser.
You could obviously send it to any script using the url:
http://example.com/yourscript.php?data=foobar
At yourscript.php you can get the data at $_GET['data'], do some input validation to ensure it is being sent from your script and not from someone else via a browser (more on that later) and then proceed with your script.
For this to work, yourscript.php will have to reside in the public html folder of youtr webhost so it is accessible to your other script.
SECURITY
Whether you are passing the data over GET or POST, someone else can send (possibly malicious) data to your script as well. Thus, when yourscript.php receives data, there needs to be a way for it to ensure you are the sender of the script. An easy way to achieve this is: decide on any arbitrary number known only to you, say, 12.
Concatenate the number with the data you are passing and calculate the md5 hash and send it as another get variable.
In this case, you would calculate md5("12foobar")
and the URL would be: http://example.com/yourscript.php?data=foobar&auth=hash
When yourscript.php receives the data, it calculates the same hash (using the number 12, known to no one else) and if the hash it calculates matches with $_GET['auth'], you can be sure you sent the data.
If someone tried to imitate you and send data, they would not know how you calculate the hash, and would thus send the wrong hash.
PS
Another way to ensure rock solid security, would be to just check the IP address of the user-agent at $_SERVER['REMOTE_ADDR']. If it is the IP address of the webhost where your other script resides, then you know it is you.
I haven't thought this method through, so there might be some loopholes.
You can do that either using GET query strings (second_php?var=value) or using a curl connection with POST method and then send your data over POST.
You should probably use SOAP. It's used for remote function calls and it brings you little more overhead than just calling http requests, but it also brings you guarantee that remote function will be executed (or will cause error), it will directly return whatever datatype you need and I believe that's what this technology was developed for :)