Jump to content

Recommended Posts

Posted

Is there any way that you can view the raw php on a site, is there a download manager that i can download it, is there a browser/firefox plugin that views it just as text?

Posted

No, the server will never send you the raw php unless, for some reason, the php module fails to load and, some how, the server continues to run.

Posted

mixxoys it sounds like you are a little confused as to what php is, PHP is a scripting langauge that is executed on the server side. This means that the php code never needs to be sent to you. So that means that you could do all the packet sniffing in the world and you still wont get the php code as it is never leaving the server that is executing it.

Posted

You might try thefilename.php~ as well since that is the name of the backup emacs does automatically if not told otherwise. But unless someone has been sloppy and left a guessable file that isn't interpreted it is impossible.

Posted

Don't forget .<originalname>.swp for the vi backup.

No, if you want to have a try at this, try using Google Code Search. Seems people have been making a (bad) habit of zipping up a backup of their site... on their site. :?

There was search link someone posted to either Digg or Slashdot shortly after GCS launched that would search for the database passwords in these files. After that, all you need is some overworked, underpaid admin who forgot to firewall off the database server port...

Posted
You could ftp into the site! :pirate:

Now you are assuming that the site is setup so you can brows there ftp server.

Maybe scp, or sftp. Once in you could create a page like this one http://www.php.net/source.php?url=/source.php. Then you can have access to the source of any page instantly.

On e again you are assuming the sites have very bad security. Like any site is going to let you upload anything to them from there ftp server. More over you should of at least said what is inside source.php :/ you cant just name a file that and it magically works. So i would assume the file you are uploading is going to have this code in it

 &lt;?php

if(isset($_GET['url'])) {

header('Content-Type: text/plain');

$page = $_GET['url'];

$info = file_get_contents($page);

header('Content-Type: text/html');

echo $info;

}

Now this brings you to the other question, if you can ftp into the server why upload something why not just download the pages you want?

Posted

BZZZZZZZZZRT!

You took a left when you should've taken a right. Such a shame.

What should be said has been said.

And this is not a cracking forum.

Update

Just looked over it and it's one of those puzzle sites.

At least the first one was _DEAD_ easy. Just try harder.

- Unlocked -

Posted

No haha, ive got it all, me and my friends are kinda competing on finding the last code, no hints, we just gotta crack the php.

Posted

Ask the bloody server admin for a Root (or reseller) user name and password...

And if it has not already been done, ask him to install an FTP server.

Posted
You might try thefilename.php~ as well since that is the name of the backup emacs does automatically if not told otherwise. But unless someone has been sloppy and left a guessable file that isn't interpreted it is impossible.

you can't read I posted '~' ;0

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...