mikefrederick Posted February 15, 2008 Share Posted February 15, 2008 Wrote this Content Grabber today. Grabs stuff from other sites, give me some feedback and let me know if you see errors. Thanks, its at http://scripts.loado.com/pagegrabber/ Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/ Share on other sites More sharing options...
agentsteal Posted February 15, 2008 Share Posted February 15, 2008 Admin Access: Anyone can get your username and password with the PHP Source Code Disclosure. Directory Transversal: There is Directory Transversal if the url field contains ../ Full Path Disclosure: http://scripts.loado.com/pagegrabber/contentgrabber.php Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 35 Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 36 Full Path Disclosure: There is Full Path Disclosure if the url field contains an invalid value. Warning: fopen(a) [function.fopen]: failed to open stream: No such file or directory in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 9 Warning: file_get_contents(a) [function.file-get-contents]: failed to open stream: No such file or directory in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 10 Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 35 Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 36 PHP Source Code Disclosure: There is PHP Source Code Disclosure if the url field contains ../file.php. User Enumeration: http://scripts.loado.com/~admin User Enumeration: http://scripts.loado.com/~ld1 User Enumeration: http://scripts.loado.com/~nobody User Enumeration: http://scripts.loado.com/~root Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-467308 Share on other sites More sharing options...
mansfield Posted February 15, 2008 Share Posted February 15, 2008 it does not work for me, even when i enter a valid url. Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-467916 Share on other sites More sharing options...
mikefrederick Posted February 18, 2008 Author Share Posted February 18, 2008 I added in some functions that now make all links/images/forms/style sheets absolute (example: href="images.php" will now be href="url/images.php"). Test it out some more...any suggestions on some cool features I could throw in? Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-470091 Share on other sites More sharing options...
mikefrederick Posted February 18, 2008 Author Share Posted February 18, 2008 also, I suggest entering the following: your choice of url, "html",0,0...get the whole page Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-470095 Share on other sites More sharing options...
phpSensei Posted February 18, 2008 Share Posted February 18, 2008 This is all i get in the View Source <ht Blank page Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-470103 Share on other sites More sharing options...
mikefrederick Posted February 19, 2008 Author Share Posted February 19, 2008 what did you put down for inputs? Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-470171 Share on other sites More sharing options...
bank Posted February 19, 2008 Share Posted February 19, 2008 Looks like a great idea, anyway, heres another problem: Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 56 Warning: strpos() [function.strpos]: Offset not contained in string. in /home/ld1/public_html/scripts/pagegrabber/contentgrabber.php on line 57 It happens after not placing any input. Link to comment https://forums.phpfreaks.com/topic/91179-script-written-today/#findComment-470973 Share on other sites More sharing options...
Recommended Posts