When trying to get information from a php file hosted on a site. How do
you get the actual webpage content? I am just testing how to do this
right now, my code is this:
include("http_func.inc");
port = get_kb_item("Services/www");
if(!port) port = 80;
if (is_cgi_installed(port:port, item:"/src/login.php"))
{
req = http_get(item:string("/src/login.php"), port:port);
soc = http_open_socket(port);
if(soc)
{
send(socket:soc, data:req);
r = http_recv(socket:soc);
http_close_socket(soc);
if(egrep(pattern:".*version.*", string:r))
{
security_warning(port:port, data:r);
exit(0);
}
}
}
The output I get is this:
HTTP/1.1 200 OK
Date: Fri, 14 Feb 2003 15:26:33 GMT
Server: Apache/1.3.27 (Unix) PHP/4.3.0
X-Powered-By: PHP/4.3.0
Set-Cookie: PHPSESSID=8f4ea954d90e2241a7cf2858bd78bdc2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=deleted; expires=Thu, 14-Feb-02 15:26:32 GMT;
path=/
Set-Cookie: username=deleted; expires=Thu, 14-Feb-02 15:26:32 GMT;
path=/
Set-Cookie: key=deleted; expires=Thu, 14-Feb-02 15:26:32 GMT; path=/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
--
Randy C. Matz, System Administrator
Corporate Technologies USA, Inc.,
A Vicom Company [NASDAQ: VICM] 2000 44th Street SW Suite 100, Fargo,
North Dakota, 58103, USA
1-701-281-5403 - Direct
randy.matzat_private
This archive was generated by hypermail 2b30 : Fri Feb 14 2003 - 07:32:36 PST