Skip to content

Instantly share code, notes, and snippets.

@sukovec

sukovec/abc.html

Created June 19, 2019 05:48
Show Gist options
  • Save sukovec/4fc48de6720c4a6c47151e4b80423477 to your computer and use it in GitHub Desktop.
Save sukovec/4fc48de6720c4a6c47151e4b80423477 to your computer and use it in GitHub Desktop.
Download ZIP
WTF chrome
Raw
abc.html
<html>
<head>
<title>Abc def</title>
</head>
<body>
<form action="abc.php" method="POST">
<input type="text" name="prvni" /><br />
<input type="text" name="druha" value="predvyplneno" /><br />
<input type="submit" value="odeslat" />
</form>
</body>
</html>
Raw
abc.php
<?php
header("Content-type: text/html");
ob_start();
echo "Request sent ", date("Y-m-d H:i:s"), "\n";
echo "--------------\n\n";
echo "Dump of GET:\n-------------------\n";
print_r($_GET); echo "\n\n";
echo "Dump of POST:\n-------------------\n";
print_r($_POST); echo "\n\n";
echo "Dump of SERVER:\n-------------------\n";
print_r($_SERVER); echo "\n\n";
echo "\n\n\n\n";
$out = ob_get_contents();
ob_end_flush();
file_put_contents("out.txt", $out, FILE_APPEND | LOCK_EX);
$data=base64_encode($out);
//header("HTTP/1.1 303 See Other");
//header("Location: def.php?data=${data}");
Raw
out.txt
Request sent 2019-06-19 05:23:51
--------------
Dump of GET:
-------------------
Array
(
)
Dump of POST:
-------------------
Array
(
[prvni] => Fjridjcdj
[druha] => predvyplneno
)
Dump of SERVER:
-------------------
Array
(
[HTTP_HOST] => 192.168.43.13
[HTTP_CONNECTION] => keep-alive
[CONTENT_LENGTH] => 34
[HTTP_CACHE_CONTROL] => max-age=0
[HTTP_ORIGIN] => http://192.168.43.13
[HTTP_UPGRADE_INSECURE_REQUESTS] => 1
[CONTENT_TYPE] => application/x-www-form-urlencoded
[HTTP_SAVE_DATA] => on
[HTTP_USER_AGENT] => Mozilla/5.0 (Linux; Android 5.1.1; SM-J320FN) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Mobile Safari/537.36
[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
[HTTP_REFERER] => http://192.168.43.13/test/abc.html
[HTTP_ACCEPT_ENCODING] => gzip, deflate
[HTTP_ACCEPT_LANGUAGE] => cs-CZ,cs;q=0.9,en;q=0.8
[PATH] => /usr/local/sbin:/usr/local/bin:/usr/bin
[SERVER_SIGNATURE] =>
[SERVER_SOFTWARE] => Apache/2.4.39 (Unix) PHP/7.3.6
[SERVER_NAME] => 192.168.43.13
[SERVER_ADDR] => 192.168.43.13
[SERVER_PORT] => 80
[REMOTE_ADDR] => 192.168.43.19
[DOCUMENT_ROOT] => /var/www
[REQUEST_SCHEME] => http
[CONTEXT_PREFIX] =>
[CONTEXT_DOCUMENT_ROOT] => /var/www
[SERVER_ADMIN] => you@example.com
[SCRIPT_FILENAME] => /var/www/test/abc.php
[REMOTE_PORT] => 43744
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => POST
[QUERY_STRING] =>
[REQUEST_URI] => /test/abc.php
[SCRIPT_NAME] => /test/abc.php
[PHP_SELF] => /test/abc.php
[REQUEST_TIME_FLOAT] => 1560921831.432
[REQUEST_TIME] => 1560921831
)
Request sent 2019-06-19 05:23:55
--------------
Dump of GET:
-------------------
Array
(
)
Dump of POST:
-------------------
Array
(
)
Dump of SERVER:
-------------------
Array
(
[HTTP_USER_AGENT] => Dalvik/2.1.0 (Linux; U; Android 5.1.1; SM-J320FN Build/LMY47V)
[HTTP_HOST] => 192.168.43.13
[HTTP_CONNECTION] => Keep-Alive
[HTTP_ACCEPT_ENCODING] => gzip
[PATH] => /usr/local/sbin:/usr/local/bin:/usr/bin
[SERVER_SIGNATURE] =>
[SERVER_SOFTWARE] => Apache/2.4.39 (Unix) PHP/7.3.6
[SERVER_NAME] => 192.168.43.13
[SERVER_ADDR] => 192.168.43.13
[SERVER_PORT] => 80
[REMOTE_ADDR] => 192.168.43.19
[DOCUMENT_ROOT] => /var/www
[REQUEST_SCHEME] => http
[CONTEXT_PREFIX] =>
[CONTEXT_DOCUMENT_ROOT] => /var/www
[SERVER_ADMIN] => you@example.com
[SCRIPT_FILENAME] => /var/www/test/abc.php
[REMOTE_PORT] => 44583
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => GET
[QUERY_STRING] =>
[REQUEST_URI] => /test/abc.php
[SCRIPT_NAME] => /test/abc.php
[PHP_SELF] => /test/abc.php
[REQUEST_TIME_FLOAT] => 1560921835.329
[REQUEST_TIME] => 1560921835
)
Request sent 2019-06-19 05:23:55
--------------
Dump of GET:
-------------------
Array
(
)
Dump of POST:
-------------------
Array
(
)
Dump of SERVER:
-------------------
Array
(
[HTTP_USER_AGENT] => Dalvik/2.1.0 (Linux; U; Android 5.1.1; SM-J320FN Build/LMY47V)
[HTTP_HOST] => 192.168.43.13
[HTTP_CONNECTION] => Keep-Alive
[HTTP_ACCEPT_ENCODING] => gzip
[PATH] => /usr/local/sbin:/usr/local/bin:/usr/bin
[SERVER_SIGNATURE] =>
[SERVER_SOFTWARE] => Apache/2.4.39 (Unix) PHP/7.3.6
[SERVER_NAME] => 192.168.43.13
[SERVER_ADDR] => 192.168.43.13
[SERVER_PORT] => 80
[REMOTE_ADDR] => 192.168.43.19
[DOCUMENT_ROOT] => /var/www
[REQUEST_SCHEME] => http
[CONTEXT_PREFIX] =>
[CONTEXT_DOCUMENT_ROOT] => /var/www
[SERVER_ADMIN] => you@example.com
[SCRIPT_FILENAME] => /var/www/test/abc.php
[REMOTE_PORT] => 58238
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => GET
[QUERY_STRING] =>
[REQUEST_URI] => /test/abc.php
[SCRIPT_NAME] => /test/abc.php
[PHP_SELF] => /test/abc.php
[REQUEST_TIME_FLOAT] => 1560921835.402
[REQUEST_TIME] => 1560921835
)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment