<?php
print_r(get_headers('http://www.hacker.org/challenge/misc/one.php'));
?>
Don't Blink
-
the_austria
- Posts: 5
- Joined: Sun Mar 11, 2012 2:57 pm
- Contact:
Oki, finaly I solve it !!!
But you have to explain me something. I've try a lot of things with wget. Before I didn't know this program.
I have try to download one.php but impossible. [ I think I don't have the permission.]
So after I have try to use php injection (I think because I don't know if it's that or not ) with file_get_contents(). So someone can explain me how to use this ?
I think I have to use this with wget --post-data no ?
So finally I have use analyse.info to find the solution.
I will be really greatfull if someone can help me because this challenge was really difficult for me because I don't really know php wget and injection.
Thank you !
edit: I have also try wget --server-response "http://www.hacker.org/challenge/misc/one.php" But I receive the content of two.php
But you have to explain me something. I've try a lot of things with wget. Before I didn't know this program.
I have try to download one.php but impossible. [ I think I don't have the permission.]
So after I have try to use php injection (I think because I don't know if it's that or not
) with file_get_contents(). So someone can explain me how to use this ?I think I have to use this with wget --post-data no ?
So finally I have use analyse.info to find the solution.
I will be really greatfull if someone can help me because this challenge was really difficult for me because I don't really know php wget and injection.
Thank you !
edit: I have also try wget --server-response "http://www.hacker.org/challenge/misc/one.php" But I receive the content of two.php
You don't have to know anything about PHP to solve this challenge.
Try to deal a little with the HTTP protocol and it's headers and status codes!
And if you found out, what status code 302 means, you know why you only see two.php in your browser and why one.php not even exists.
wget has options to deal with that challenge too (--max-redirect and -S) but especially for this challenge "telnet" is enough to solve.
Try to deal a little with the HTTP protocol and it's headers and status codes!
And if you found out, what status code 302 means, you know why you only see two.php in your browser and why one.php not even exists.
wget has options to deal with that challenge too (--max-redirect and -S) but especially for this challenge "telnet" is enough to solve.
You obviously did not read the HTTP specification, did you? See http://www.w3.org/Protocols/rfc2616/rfc2616.html
You can not read something, which is not there! one.php does not exist!
So file_get_content probably would read nothing... or an empty string.
A HTTP request "consists" of headers and body (=contents). Guess what file_get_content reads and what it doesn't?
You need to use get_headers from inside PHP to get the necessary information (see pokus1's post).
You can not read something, which is not there! one.php does not exist!
So file_get_content probably would read nothing... or an empty string.
A HTTP request "consists" of headers and body (=contents). Guess what file_get_content reads and what it doesn't?
You need to use get_headers from inside PHP to get the necessary information (see pokus1's post).