curl.igalerie.php 3.11 KB
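  <?php
  /**
   * Logs in to an iGalerie site, opens the admin FTP page, submits the
   * "scan" action with the page's anti-CSRF token, and prints every <p>
   * found in the #ftp_report element of the response.
   *
   * Changes compared with the previous version of this script:
   *  - TLS certificate and host-name verification are enabled. The login
   *    request carries the administrator password, so an unverified peer
   *    could read it and the resulting session cookie.
   *  - Cookies are kept in memory on the cURL handle instead of a
   *    predictable file under /tmp, so no admin session cookie is left on
   *    disk and there is no unlink()/touch() race on a shared directory.
   *    session_start() was only used to name that file and is gone.
   *  - The status test was `!$headers['http_code'] == '200'`, which negates
   *    the code before comparing and therefore never reported an error.
   *  - Step 2 is an explicit GET; it used to inherit POST and the login
   *    fields (password included) from step 1.
   *  - A missing anti-CSRF token or report element stops the script
   *    instead of posting an empty token or failing on a null node.
   */

  $site = "https://adresse.de.mon.site.igalerie.fr";
  $lien = "/login";
  $lien3 = "/admin/?q=ftp";

  /**
   * Prints the step error message, releases the handle and stops.
   *
   * @param resource|object|null $curl  cURL handle, or null if none exists yet
   * @param int                  $etape Step number shown in the message
   */
  function abandonner($curl, $etape)
  {
      echo "Erreur Step $etape";
      if ($curl) {
          curl_close($curl);
      }
      exit(1);
  }

  /**
   * Executes the request configured on the handle and returns the body.
   * Stops the script unless the transfer succeeded with a final status 200
   * (the status reported is the one obtained after redirects are followed).
   *
   * @param resource|object $curl  cURL handle
   * @param int             $etape Step number used in the error message
   * @return string Response body
   */
  function executer_etape($curl, $etape)
  {
      $reponse = curl_exec($curl);
      $code = (int) curl_getinfo($curl, CURLINFO_HTTP_CODE);
      if ($reponse === false || $code !== 200) {
          abandonner($curl, $etape);
      }
      return $reponse;
  }

  /**
   * Parses an HTML string into a DOMDocument, or returns null when the
   * string is empty or cannot be loaded. Parser warnings about imperfect
   * markup are collected internally and discarded rather than printed.
   *
   * @param string $html
   * @return DOMDocument|null
   */
  function charger_html($html)
  {
      if ($html === '') {
          return null;
      }
      $ancien = libxml_use_internal_errors(true);
      $document = new DOMDocument;
      $charge = $document->loadHTML($html);
      libxml_clear_errors();
      libxml_use_internal_errors($ancien);
      return $charge ? $document : null;
  }

  $curl = curl_init();
  if ($curl === false) {
      abandonner(null, 1);
  }

  // Options shared by the three requests; they persist on the handle.
  curl_setopt_array($curl, array(
      // Empty string: enable the cookie engine without reading or writing a file.
      CURLOPT_COOKIEFILE     => '',
      CURLOPT_SSL_VERIFYPEER => true,
      CURLOPT_SSL_VERIFYHOST => 2,
      CURLOPT_FOLLOWLOCATION => true,
      CURLOPT_RETURNTRANSFER => true,
      // Response headers are not used; keep them out of the body given to the HTML parser.
      CURLOPT_HEADER         => false,
  ));

  // Step 1: authenticate.
  // NOTE(review): placeholder credentials. Real values should be supplied
  // from outside the source tree, not committed with the script.
  $postfields = array();
  $postfields['auth_login'] = 'mon.user';
  $postfields['auth_password'] = 'mon.password';
  $postfields['submit'] = 'Valider';

  curl_setopt($curl, CURLOPT_URL, $site.$lien);
  curl_setopt($curl, CURLOPT_POST, true);
  curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postfields));
  executer_etape($curl, 1);

  // Step 2: fetch the admin FTP page to read its anti-CSRF token.
  curl_setopt($curl, CURLOPT_URL, $site.$lien3);
  curl_setopt($curl, CURLOPT_HTTPGET, true);
  $return = executer_etape($curl, 2);

  $dom = charger_html($return);
  if ($dom === null) {
      abandonner($curl, 2);
  }

  $valeur = "";
  foreach ($dom->getElementsByTagName('input') as $input) {
      if ($input->getAttribute('name') === "anticsrf") {
          $valeur = $input->getAttribute('value');
          if ($valeur !== "") {
              break;
          }
      }
  }
  if ($valeur === "") {
      // Without the token the scan request would be refused (or the login
      // did not take effect and this is not the admin page).
      abandonner($curl, 2);
  }

  // Step 3: submit the scan action.
  $postfields = array();
  $postfields['publish_images'] = 'on';
  $postfields['anticsrf'] = $valeur;
  $postfields['action'] = 'scan';

  curl_setopt($curl, CURLOPT_URL, $site.$lien3);
  curl_setopt($curl, CURLOPT_POST, true);
  curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postfields));
  $return = executer_etape($curl, 3);

  $dom = charger_html($return);
  $div = ($dom === null) ? null : $dom->getElementById('ftp_report');
  if ($div === null) {
      abandonner($curl, 3);
  }

  // Print the report, one paragraph per line.
  foreach ($div->getElementsByTagName('p') as $p) {
      echo $p->nodeValue . "\n";
  }

  curl_close($curl);

  exit(0);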