Jump to content

Search the Community

Showing results for tags 'PHP'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 18 results

  1. Hi! I am trying to build a new webinterface for the pineapple, because I want to use the device to teach people how vulnerable they are. I want to use the pineapple API for this, using PHP to call the functions on my pineapple via cURL. I have the following code: When I execute this code, i'll get bag a '200' http code. All good right? However, the server output is 'not authenticated' and nothing happens on the pineapple, no notification appears. Does anybody have any idea what I'm doing wrong?
  2. After playing with the nano for a few days - love the product and can see how this is going to be very useful. Yet there are a few things which through lack of knowledge am struggling to achieve and not even sure if possible ... 1: Symlink - using ln - s /root/portals /sd/portals my nano seems to be still writing to the Root folder and therefore full (lots of resets later and even doing ln -s /root/ /sd/ to everything sits on SD card seems not to work). Is there a way to have everything on the SD card? so when using portal auth etc if does it directly to the card? 2: Landing page - we have a company site and wanting to create a "Security Page" which when company employees are tricked / connected to the nano will send them to an external hosted site / company website. Rather than use a portal so I can just connect the nano to an internet connection and not have to host the portal / as due to point 1 I seem to run out of space and the nano freezes / takes ages to process anything. 3: Captive portals - the default "Evil portal" allows people to authenticate - yet when creating / importing portals the users receive not authorised and therefore close the browser and think they are not connected / yet reopening the browser allows access. Is there any kind soul that could demo the PHP / code I need to add to the portal to auto accept? My PHP skills are poor at best and however many youtube videos I watch I cannot seem to locate the answers to the above, (along with looking around forums etc), I thank you for taking the time to read and appreciate any assistance you may offer. As DNS Spoof does not seem to work against the Iphone / company phones and unable to redirect to a site using this method. Awesome product / having lots of fun - and showing the users how risky captive portals are (they seem to think only other people get hacked) will be a huge bonus as part of the security awareness program. Cheers.
  3. I have bought a USB Rubber Ducky. But I could not set up a php server where the usb Rubber Ducky can send the copied passwords from my other computer. Can anyone help me to setup a server?
  4. Hi, i have gone through the tutorials for the evilportal module, and now wanted to create a portal on my own for my needs.... I followed the tutorial from frozenjava (which was posted in the forums quite some time ago...), but im having trouble "bending" the code for my needs (basiclly im trying to: get input from "user" and "pass" text field from index.php and print it to a file in /www )... code in index.php: <snip> code in capture.php: <?php $user = $_GET["user"]; $pass = $_GET["pass"]; $redir = $_GET["redir"]; $file = fopen("stored.txt", "a"); fwrite($file, $user . "\n"); fwrite($file, $pass . "\n"); fclose($file); echo '<script type="text/javascript">window.location = "' . $redir . '"</script>'; ?> I think im messing things up with the variables, but im very inexperienced thus i need some help... (oh btw: i didnt get that myportal.php replaced capture.php (i think) at first, so that i manually created my captured.php...) Thanks in advance ;)
  5. Hey all, I've got a problem with my python server. The Bash Bunny doesn't want to handle it forever, so it seems to stop handling after about 5 seconds (or shutting it down, can't tell which). The exact same code works locally on my computer (python script that runs a simple SocketServer), and it runs forever (using httpd.serve_forever()), however the BB doesn't want to run it forever. Any ideas why the BB stops handling? EDIT: Just for those that are interested, the browser error says "Site cannot be reached; connection was reset (ERR_CONNECTION_RESET)".
  6. Hey, I am trying to download a folder (not a .zip) from a GitHub repository and save it the contents to a local folder from inside PHP/JavaScript. The contents are other folders and text files. I know how to download specific files or zips from GitHub but downloading a folder that has other folders in it...Would be easier to just download the .zip of it but unfortunately it is a folder, not a .zip. Any possible way anyone can think of to achieve this? Would be great :)
  7. I started learning PhP recently and I am trying to create a social network for practice, I have got signup login and user homepage figured out what I can't seem to think about is the logic behind adding friends and blocking people. I tried looking it up and all the answers were a little too complicated for me to understand so if someone could please help me and explain the logic behind this would be a great help. Thank you.
  8. I am trying to create a chat function for my website and I just wanted to know whether it's a good idea to store the history in a txt file. I wanted to know wheater it would create extra load on the server and if there are any other means of storing data for storing chat data please do suggest them also I tried to store data in mysql directly, what I was doing (on localhost) was creating different tables for storing chats in the Tables, for example if user1 texts user2 the Table would be user1:user2 and then the rest of the chat would be a database entry. Any help would be really appreciated. If there are any disadvantages of storing chat data in txt form could you please write that down as well? Thanks a lot.
  9. sahil

    Userhompage

    I am trying to create a website where people can create an account but I am not able to figure out how do I display the user information. I mean should I create separate php files for each and every user or should I just make one file with headers that'll change the user information according to their session id. I hope you get what I am trying to say. Can anyone help me out.
  10. Hi! I've got some more questions about file-upload bypassing techniques. I know how to bypass $_FILES["myfile"]["type"] by modifying 'content-type' in Burpsuite. But I don't know how to bypass pathinfo() or getimagesize(); In this example code: <?php $target_dir = "uploads/"; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file,PATHINFO_EXTENSION); // Check if image file is a actual image or fake image if(isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if($check !== false) { echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { echo "File is not an image."; $uploadOk = 0; } } ?> Is it possible to bypass the two, or just one of the two? So to upload a basic PHP-shell. Just to get a basic system() shell. Thanks!
  11. I have setup and confirmed the funcitonality of this payload via tcpdump; but the Invoke mimikatz payload's "rx.php" fails to create .creds files. Confirmed appropriate permissions on the php script for www-data. Still nothing is created and no creds are captured. I can see them get sent to the server via packet capture; but if that's not running I don't ever see the creds files the rx.php script is supposed to create.
  12. Hello, I'm trying to code some module on my Tetra. I want to make a SSL https-request to a server including POST vars. But it seems that i cannot do a HttpRequest. I tried to use cURL (not implemented?) and file_get_contents (always FALSE) but still i'm wondering how to to this. PHP 5.6.17, Python 2.7, Tetra 1.1.1 What do i miss, doing wrong or misunderstand??
  13. Hello pineapple community. I'm having trouble with my mark v dnsspoof. I wrote my own html that pulls credentials from a form and posts them up to a PHP function located in a separate file. Flow looks like this: Index.html redirect >> main.html >> form >> login.php(data logged) >> redirect >> back to main.html. The idea is that the page loads, which once spoofed it does very nicely. But then I push the submit button, the information posts to the PHP and I get a 404E. Everything is there in html but once directed at any .PHP it 404E's. I fallowed the phishing tutorial and fallowed every step, but for some reason I keep getting the 404E. I'm thinking that PHP isn't installed correctly but I'm kind of new to this and have no Idea what I'm doing wrong. Any help would be greatly appreciated. Thank you.
  14. Hey all. deleted this as no one wanted to help.
  15. Is there a tutorial on making infusions? Safe to say the small and large title code is basic html? I think I made a hello world one, but how do I install it? just make a folder in xx/infusions/<myinfusion> and unpack it?
  16. Have you guys read the recent news? http://thehackernews.com/2013/09/hacking-facebook-to-delete-any-account.html The researcher literally shares the single .php line to put into the URL that is needed to delete ANY facebook account, and even the ID data needed is publicly available too. It's an even more shame because the researcher turned this into Facebook (for those who know, Facebook pays those who find bugs in their system) and they won't even look at his submission. It's a shame
  17. Any have any idea why the status page is displaying the php code and not the parsed output? To get a better understanding of what I mean, check out this http://imgur.com/wjeKMwT
  18. I am creating phishing pages for websites which includes making m.facebook.com for the mobile site and facebook.com for desktop users. Now it works good, but most users don't go to m.facebook.com they go to facebook.com and let php do the redirection for them on mobile sites. Now I got it working mostly. This is my setup. Redirect.php has a line that points facebook to facebookredirect.php. The facebookredirect.php file looks like this That code is from here. The code "mobile_device_detect.php" is for checking if the request for the site is from a mobile web browser or from a desktop which is here The facebookredirect.php says that if it is a mobile web browser go here or if it is a normal page go here. Now it works on my web hosting server but not on the pineapple. The error I get is this Apparently this function is looking for strings in the browsers User-Agent. The pineapple should be able to run this included function. It is included in php 4 and 5. If you put these files (click here) in a web directory on a web server like hostgator or dreamhost and go the the facebookredirect.php page and depending on your browser you should go to the correct page. facebookmobile.htm for phones and facebook.htm for desktops. If I could figure out this error and get it working it would be pretty slick for any users that go to facebook.com on the pineapple to seamlessly go to the mobile site for mobile users and the normal site for desktop users.
×
×
  • Create New...