embo1 Posted October 2, 2007 Share Posted October 2, 2007 Can anyone please tell me why this script will not display the form in IE but it works fine in Firefox, other than of course IE is ***** any help much appreciated <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title> Test Page </title> <SCRIPT TYPE="text/javascript"> <!-- function popup(mylink, windowname) { if (! window.focus)return true; var href; if (typeof(mylink) == 'string') href=mylink; else href=mylink.href; window.open(href, windowname, 'width=500,height=200,scrollbars=yes'); return false; } //--> </SCRIPT> </head> <body style="font-family: verdana, arial; font-size: 10pt;"> <CENTER> <body> <a href="somewhere.com">Reload</a> <? ############################################################################### # # # PHP Net Tools # # Copyright © 2005 Eric Robertson # # h4rdc0d3@gmail.com # # # # ------- # # # # PHP Net Tools is free software; you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation; either version 2 of the License, or # # (at your option) any later version. # # # # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with this program; if not, please visit http://www.gnu.org # # # # ------- # # # # You are permitted to edit and redistrubute this code as you wish, # # as long as you give credit where due and include a copy of the GPL. # # # # PHP Net Tools includes the following functional and configurable features: # # Resolve host/reverse DNS lookup, find the country in which the target # # host is located, ip whois, domain whois, ns lookup, dig, ping, # # traceroute, tracepath, portscan, nmap, and info logging. # # # # Please see the help option ([?]) for more information on each function. # # # # ------- # # # # last revision: 10.20.2005 (v2.7.0) # # see changelog.txt # # # ############################################################################### // Set script version number $version = '2.7.0'; // Log information of anyone visiting the site? (default = FALSE) $enable_log_user = FALSE; // Declare some globals global $ip, $host_name, $host_ip; // Shorten the variable names from submitted form elements - also initializes the variables for security $host = $_POST['host']; $resolve = $_POST['resolve']; $ip_to_country = $_POST['ip_to_country']; $whois_ip = $_POST['whois_ip']; $whois_ip_server = $_POST['whois_ip_server']; $whois_domain = $_POST['whois_domain']; $whois_domain_server = $_POST['whois_domain_server']; $ns = $_POST['ns']; $dig = $_POST['dig']; $dig_class = $_POST['dig_class']; $dig_server = $_POST['dig_server']; $ping = $_POST['ping']; $ping_count = $_POST['ping_count']; $trace = $_POST['trace']; $tracepath = $_POST['tracepath']; $portscan = $_POST['portscan']; $ports = $_POST['ports']; $scan_timeout = $_POST['scan_timeout']; $nmap = $_POST['nmap']; $nmap_options = $_POST['nmap_options']; // Function to find the ip address of the user function get_ip() { if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } // Function to log information of the person browsing the site (date, time, IP, host, what they scanned). // Saved in a comma separated text file which allows it to be opened as a spreadsheet function log_user($host) { global $ip; // Current Date and Time $log_date = date('Y.m.d'); $log_time = date('H:i:s'); // Create a variable holding the information to be saved $log_info = "$log_date,$log_time,$ip," . gethostbyaddr($ip) . ",$host\r\n"; // If the "log.csv" file already exists ... if (file_exists('log.csv')) { // ... open the file ready to add the info to the end ... $handle = fopen('log.csv', 'a'); } // ... otherwise, ... else { // ... create a new file and add a line with the heading $handle = fopen('log.csv', 'w'); @fwrite($handle, "DATE,TIME,USER IP,USER HOST,QUERY\r\n\r\n"); } // Add user info to the log file and close it @fwrite($handle, $log_info); fclose($handle); } // Function to print the Resolve Host/Reverse Lookup option results function resolve($host) { global $host_name, $host_ip; echo "<a href=\"javascript:enter_ip('$host');\">$host</a> resolved to "; if ($host == $host_name) { echo "<a href=\"javascript:enter_ip('$host_ip');\">$host_ip</a><br><br>"; } else { echo "<a href=\"javascript:enter_ip('$host_name');\">$host_name</a><br><br>"; } } // Function to find the country location of the machine host/ip function ip_to_country() { // Do a whois on the ip using "whois.arin.net" and store the results in $buffer $buffer = nl2br(whois_ip('whois.arin.net', '-1', 'FALSE')); // If the whois contains a line for a referral server, do a new whois using this server and store in $buffer if (eregi("ReferralServer:[[:space:]]*[a-z]*(whois://)*([a-z0-9-][\.a-z0-9-]{2,})[:]*([0-9]+)*", $buffer, $regs)) { $referral_host = $regs[2]; $buffer = nl2br(whois_ip($referral_host, $regs[3], 'FALSE')); } // If there is a line labeled "country", get its value and print it... if (eregi("country:[[:space:]]*([a-z]{2,})", $buffer, $regs)) { // Store the value of the "country" line from the buffer $country = $regs[1]; // Caching of the country list: If the file "list_file.txt" exists on the server, the country list was already cached, // so read it into the $list_file variable... if (file_exists('list_file.txt')) { $list_file = @file_get_contents('list_file.txt'); } // ...otherwise, download the country list and cache it on the server in the file "list_file.txt" else { // The ISO standards website provides a free text file listing every country and it's 2 character country code - // download this file and store it in the $list_file variable $list_file = @file_get_contents('http://www.iso.org/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/list-en1-semic.txt'); // Cache the country code list on the server $handle = fopen('list_file.txt', 'w'); @fwrite($handle, $list_file); fclose($handle); } // Convert the new line characters in the file contents to HTML line breaks and split it at each line into an array $list_file_br = nl2br($list_file); $list_rows = explode("<br />", $list_file_br); // Define an array to store the country info $country_list = array(); // Loop through each line in the file and save the 2 character country code and it's full name // in the $country_list array for ($i = 1; $i < count($list_rows); $i++) { $row = explode(";", $list_rows[$i]); $row_abbr = $row[1]; $row_name = ucwords(strtolower($row[0])); $country_list[$row_abbr] = $row_name; } // If the country in the whois buffer is in the country_list array, print its full name... if (array_key_exists($country, $country_list)) { echo "Location: <b>$country_list[$country]</b> ($country)<br><br>"; } // ...otherwise, just print the 2 character country code listed in the whois buffer else { echo "Location: <b>$country</b><br><br>"; } } // ...or if there is no "country" line, print location unknown else { echo 'Location: Unknown<br><br>'; } } // Function to perform a whois lookup on the machine's ip address function whois_ip($whois_ip_server, $whois_ip_port, $do_echo) { if (eregi("^[a-z0-9\:\.\-]+$", $whois_ip_server)) { global $host_ip; // The whois server "whois.arin.net" requires a "+" flag to get all the details if ($whois_ip_server == 'whois.arin.net') { $whois_ip_server .= ' +'; } // Set a variable containing the command to be sent to the system $command = "whois -h $whois_ip_server $host_ip"; // If we passed a specific port to this function to connect to, add the necessary info to the command if ($whois_ip_port > 0) { $command .= " -p $whois_ip_port"; } // Send the whois command to the system // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("$command 2>&1"); // If the $do_echo variable is set to "TRUE", send the results to the parse_output() function... if ($do_echo == 'TRUE') { $output = '<b>Whois (IP) Results:</b><blockquote>'; $output .= nl2br(htmlentities(trim($fp))); $output .= '</blockquote>'; parse_output($output); } // ...otherwise, return the results in a variable (i.e. for the ip_to_country() function) else { return $fp; } } else { echo '<b>Whois (IP) Results:</b><blockquote>'; echo 'Invalid character(s) in the Whois (IP) Server field.'; echo '</blockquote>'; } } // Function to perform a whois lookup on a domain function whois_domain($host, $whois_domain_server) { if (eregi("^[a-z0-9\.\-]+$", $whois_domain_server)) { global $host_name, $host_ip; // Set the default value for a variable $who_host = $host; // Split the host into its domain levels $split_host = explode('.', $host_name); // If the host name contains "www", remove it if ($split_host[0] == 'www') { array_shift($split_host); $who_host = implode(".", $split_host); } // If searching a japanese whois server, use the "/e" switch to suppress japanese characters in the output if (substr($whois_domain_server, -3) == '.jp') { $who_host .= '/e'; } // Send the whois command to the system // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("whois -h $whois_domain_server $who_host 2>&1"); // Save the results as a variable and send to the parse_output() function $output = "<b>Whois (Domain) Results:</b><blockquote>"; $output .= nl2br(htmlentities(trim($fp))); $output .= "</blockquote>"; parse_output($output); } else { echo '<b>Whois (Domain) Results:</b><blockquote>'; echo 'Invalid character(s) in the Whois (Domain) Server field.'; echo '</blockquote>'; } } // Function to perform an NS Lookup on a host/ip function nslookup($host) { // Set initial command to be run on the server $command = "nslookup $host -sil"; // Send the nslookup command to the system // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("$command 2>&1"); // Save the results as a variable and send to the parse_output() function $output = '<b>NS Lookup Results:</b><blockquote>'; $output .= nl2br(htmlentities(trim($fp))); $output .= '</blockquote>'; parse_output($output); } // Function to perform a dig on a host/ip function dig($host, $dig_class, $dig_server) { if (eregi("^[a-z0-9\.\-]*$", $dig_server)) { // Set initial command to be run on the server $command = "dig -t $dig_class $host"; // If a dig server has been entered, add the correct info to the command if ($dig_server) { $command .= ' @' . $dig_server; } // Send the dig command to the system // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("$command 2>&1"); // Save the results as a variable and send to the parse_output() function $output = "<b>Dig Results ($dig_class):</b><blockquote>"; $output .= nl2br(htmlentities(trim($fp))); $output .= '</blockquote>'; parse_output($output); } else { echo "<b>Dig Results ($dig_class):</b><blockquote>"; echo 'Invalid characters in the Dig Server field.'; echo '</blockquote>'; } } // Function to perform a ping on a host/ip function ping($host, $ping_count) { // Set initial command to be run on the server $command = "ping -c $ping_count $host"; // Send the ping command to the system. // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("$command 2>&1"); // Save the results as a variable and send to the parse_output() function $output = '<b>Ping Results:</b><blockquote>'; $output .= nl2br(htmlentities(trim($fp))); $output .= '</blockquote>'; parse_output($output); } // Function to perform a traceroute on a host/ip function traceroute($host) { // Set initial command to be run on the server $command = "traceroute $host"; // Send the traceroute command to the system. // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("$command 2>&1"); // Save the results as a variable and send to the parse_output() function $output = '<b>Traceroute Results:</b><blockquote>'; $output .= nl2br(htmlentities(trim($fp))); $output .= '</blockquote>'; parse_output($output); } // Function to perform a tracepath on a host/ip function tracepath($host) { // Set initial command to be run on the server $command = "tracepath $host"; // Send the tracepath command to the system. // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("$command 2>&1"); // Save the results as a variable and send to the parse_output() function $output = '<b>Tracepath Results:</b><blockquote>'; $output .= nl2br(htmlentities(trim($fp))); $output .= '</blockquote>'; parse_output($output); } // Function to perform a port scan on a host/ip function portscan($host, $ports, $scan_timeout) { if (eregi("^[0-9\,\-]+$", $ports)) { echo '<b>Portscan Results:</b><blockquote>'; echo "<table border='0' cellspacing='0' cellpadding='0'>"; // split the $ports variable into an array containing the port numbers to scan $port_array = explode(",", $ports); // Save the current time (for calculating how long the scan took) $start_time = time(); // Loop through the ports and check to see if they are open or not for ($i = 0; $i < count($port_array); $i++) { // If the current loop contains two sets of numbers with a dash separating them, // it is a range of ports, so create a new loop to scan and print out each one... if (eregi("([0-9]+)[-]{1}([0-9]+)", $port_array[$i], $regs)) { for ($x = $regs[1]; $x <= $regs[2]; $x++) { // Create a connection to the port $sock = @fsockopen($host, $x, $num, $error, $scan_timeout); // If we can connect to the port, set the port status to "open", // otherwise, set the port status to "closed" if ($sock) { $port_status = "<font class='open_port'>open</font>"; fclose($sock); } else { $port_status = 'closed'; } // Get the description of the port $port_name = getservbyport($x, 'tcp'); // Print the port status echo "<tr><td width='50%'>Port <b>$x</b> is $port_status.</td>"; // If the current port has a description/default use, print it if ($port_name != NULL) { echo "<td>[$port_name]</td>"; } echo '</tr>'; } } // ...otherwise, if the current loop contains just numbers, it is a single port, so scan it elseif (eregi("[0-9]+", $port_array[$i])) { // Create a connection to the port $sock = @fsockopen($host, $port_array[$i], $num, $error, $scan_timeout); // If we can connect to the port, set the port status to "open", // otherwise, set the port status to "closed" if ($sock) { $port_status = "<font class='open_port'>open</font>"; fclose($sock); } else { $port_status = 'closed'; } // Get the description of the port $port_name = getservbyport($port_array[$i], 'tcp'); // Print the port status echo "<tr><td width='50%'>Port <b>$port_array[$i]</b> is $port_status.</td>"; // If the current port has a description/default use, print it if ($port_name != NULL) { echo "<td>[$port_name]</td>"; } echo '</tr>'; } } // Save the current time again (for calculating how long the scan took) $end_time = time(); // Calculate the elapsed time during the port scan $time_diff = $end_time - $start_time; $mins = date('i', $time_diff); $secs = date('s', $time_diff); // If the the elapsed time during the port scan was less than a second, set it as taking 1 second // (it obviously has to take some amount of time) if (($mins == '00') && ($secs == '00')) { $secs = '01'; } // Print the elapsed time of the port scan echo "<tr><td colspan='2'><br>Portscan completed in <b>$mins</b> minutes and <b>$secs</b> seconds.</td></tr>"; echo '</table></blockquote>'; } else { echo '<b>Portscan Results:</b><blockquote>'; echo 'Invalid characters in the Portscan field.'; echo '</blockquote>'; } } // Function to perform an nmap on a host/ip function nmap($host, $nmap_options) { if (eregi("^[a-z0-9 @_:,-\.\*\/]+$", $nmap_options)) { // Set initial command to be run on the server $command = "nmap $nmap_options $host"; // Send the nmap command to the system. // Normally, the shell_exec function does not report STDERR messages. The "2>&1" option tells the system // to pipe STDERR to STDOUT so if there is an error, we can see it. $fp = shell_exec("$command 2>&1"); echo '<b>Nmap Results:</b><blockquote>'; echo nl2br(htmlentities(trim($fp))); echo '</blockquote>'; } else { echo '<b>Nmap Results:</b><blockquote>'; echo 'Invalid characters in the Nmap field.'; echo '</blockquote>'; } } // Function to parse the results of various commands to create shortcut links function parse_output($input) { // Create a regular expression to validate email addresses // (credit goes to "bobocop at bobocop dot cz" from "eregi" comments on php.net for this regular expression) $user = '[-a-z0-9!#$%&\'*+/=?^_`{|}~]'; $domain = '([a-z]([-a-z0-9]*[a-z0-9]+)?)'; $regex = $user . '+(\.' . $user . '+)*@(' . $domain . '{1,63}\.)+' . $domain . '{2,63}'; // Convert IP addresses to links $parsed_ip = eregi_replace("([0-9]{1,3}(\.[0-9]{1,3}){3})", "<a href=\"javascript:enter_ip('\\0');\">\\0</a>", $input); // Convert email addresses to links $parsed_email = eregi_replace($regex, "<a href=\"mailto:\\0\">\\0</a>", $parsed_ip); // Print the results $output = $parsed_email; echo $output; } // Set the default value for certain variables if ($host == "") { $host = 'Enter Host or IP'; } if ($whois_ip_server == "") { $whois_ip_server = 'whois.arin.net'; } if ($whois_domain_server == "") { $whois_domain_server = 'whois-servers.net'; } if ($ping_count == "") { $ping_count = '4'; } if ($scan_timeout == "") { $scan_timeout = '1'; } // Call the get_ip() function and store the results in $ip $ip = get_ip(); ?> <html> <head> <title>PHP Net Tools</title> <style type="text/css"> <script language="javascript"> function check_focus(val) { if (val.value == "Enter Host or IP") { val.value = ""; } } function enter_ip(ip) { document.forms[0].host.value = ip; } function help(box_msg, box_title, box_width, box_height) { var box_left = (screen.width - box_width) / 2; var box_top = (screen.height - box_height) / 2; box_text = "<html><head><title>" + box_title + "</title></head><body bgcolor=\"#87E8EB\">"; box_text += box_msg; box_text += "</body></html>"; var help_box = window.open('','help_box','width=' + box_width + ',height=' + box_height + ',left=' + box_left + ',top=' + box_top + ',toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,copyhistory=no,resizable=yes'); help_box.document.write(box_text); help_box.focus(); } </script> </head> <body> <form name="tools" action="<? echo $_SERVER['PHP_SELF']; ?>" method="post"> <table align="center" border="0" cellspacing="0" cellpadding="2"> <tr> <td height="100" class="options"> <input type="checkbox" name="whois_domain">Whois (Domain) <input type="checkbox" name="whois_ip" <? if (isset($whois_ip)) { echo "checked"; }?>>Whois (IP) <!-- <CENTER> <input type="checkbox" name="dig" <? if (isset($dig)) { echo "checked"; }?>>Dig <select name="dig_class"> </CENTER> <? $dig_class_array = Array('ANY', 'A', 'IN', 'MX', 'NS', 'SOA', 'HINFO', 'AXFR', 'IXFR'); for ($i = 0; $i < count($dig_class_array); $i++) { echo "<option value=\"$dig_class_array[$i]\""; if (!isset($_POST['dig_class'])) { $dig_class = 'ANY'; } if ($dig_class_array[$i] == $dig_class) { echo ' selected'; } echo ">$dig_class_array[$i]</option>"; } ?> </select> </td> </tr> <tr> <td colspan="2" align="center" class="host">Host: <input type="text" name="host" size="30" value="<? echo $host; ?>" onFocus="check_focus(this)"> <input type="submit" name="submit" value="Get Info"> </td> </tr> </table> </form> <BR> <? // If the user clicked the "Get Info" button... if ($_POST['submit']) { // If no options were selected, print an error if (!isset($resolve) && !isset($ip_to_country) && !isset($whois_ip) && !isset($whois_domain) && !isset($ns) && !isset($dig) && !isset($ping) && !isset($trace) && !isset($tracepath) && !isset($portscan) && !isset($nmap)) { echo '<br><br>You must select at least one option to perform.'; exit; } // If there was no host entered, print an error if (($host == 'Enter Host or IP') || ($host == "")) { echo '<br><br>You must enter a valid Host or IP address.'; exit; } // If the value of $host begins with an alpha character, it must be a host name, so find its ip... if(eregi("^[a-z]", $host)) { $host_name = $host; $host_ip = gethostbyname($host); } // ...otherwise, it must be an ip address, so find its host name else { $host_name = gethostbyaddr($host); $host_ip = $host; } // If the option is set to log the user info, call the log_user() function if ($enable_log_user == TRUE) { log_user($host); } } // If an option is set, call its respective function if (isset($resolve)) { resolve($host); } if (isset($ip_to_country)) { ip_to_country(); } if (isset($whois_ip)) { whois_ip($whois_ip_server, '-1', 'TRUE'); } if (isset($whois_domain)) { whois_domain($host, $whois_domain_server); } if (isset($ns)) { nslookup($host); } if (isset($dig)) { dig($host, $dig_class, $dig_server); } if (isset($ping)) { ping($host, $ping_count); } if (isset($trace)) { traceroute($host); } if (isset($tracepath)) { tracepath($host); } if (isset($portscan)) { portscan($host, $ports, $scan_timeout); } if (isset($nmap)) { nmap($host, $nmap_options); } ?> </body> </html> </body> </html> Thanks in Advance Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted October 2, 2007 Share Posted October 2, 2007 try the full <?php tag instead of the <? but also does it not work 100 or what? Quote Link to comment Share on other sites More sharing options...
embo1 Posted October 2, 2007 Author Share Posted October 2, 2007 Thanks i will try that, it does work 100% with Firefox, just IE will not display the form where you enter Ip/Host address so in effect it makes it unusable Quote Link to comment Share on other sites More sharing options...
cooldude832 Posted October 2, 2007 Share Posted October 2, 2007 I am unfamilar with this specific program and do not know what the form does, nor do I want to read through the code, but you either are having your output supressed or something else. Make sure you hav e_report(alll) on Quote Link to comment Share on other sites More sharing options...
embo1 Posted October 2, 2007 Author Share Posted October 2, 2007 Here is an example of the full version of the script ref "http://www.tleone.com/in_lookup.html" I am using the same script but with trimmed options php.ini file is register_globals = on shell_exec = on Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.