I have tried creating a function with PHP which upload a file to the server (I took a code from the internet), and uploading a file to the server using mIRC and HTTP POST (or HTTP PUT) command.
Since my knowledge in HTTP is very low I got nothing but errors:
HTTP/1.1 200 OK
Date: Mon, 14 Jun 2004 09:09:41 GMT
Server: Apache/1.3.29 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.4 FrontPage/5.0.2.2634 mod_ssl/2.8.16 OpenSSL/0.9.7a
X-Powered-By: PHP/4.3.4
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
4f
<pre>Possible file upload attack! Here's some debugging info:
Array
(
)
</pre>
0
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>501 Method Not Implemented</TITLE>
</HEAD><BODY>
<H1>Method Not Implemented</H1>
67890123456789012345678901234567890 to /index.html not supported.<P>
Invalid method in request 67890123456789012345678901234567890<P>
<HR>
<ADDRESS>Apache/1.3.29 Server at 66-193-231-225.gen.twtelecom.net Port 80</ADDRESS>
</BODY></HTML>
The PHP code is:
<?php
$uploadDir = '/home/x0freeh/public_html/saragani/';
$uploadFile = $uploadDir . $_FILES['userfile']['name'];
print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadFile))
{
print "File is valid, and was successfully uploaded. ";
print "Here's some more debugging info:\n";
print_r($_FILES);
}
else
{
print "Possible file upload attack! Here's some debugging info:\n";
print_r($_FILES);
}
print "</pre>";
?>
The mIRC code is:
alias upload {
set %data data=1234567890123456789012345678901234567890
sockopen upload server.com 80
}
on *:sockopen:upload: {
if ($sockerr > 0) echo 4 -a ERROR
sockwrite -tn $sockname POST /saragani/upload.php HTTP/1.1
sockwrite -tn $sockname Host: server.com $+ $str($crlf ,1)
sockwrite -tn $sockname User-Agent: Mozilla/5.0
sockwrite -tn $sockname Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
sockwrite -tn $sockname Accept-Language: en-us
sockwrite -tn $sockname Content-Type: application/x-www-form-urlencoded
sockwrite -tn $sockname Content-Length: 10
sockwrite -tn $sockname Connection: Keep-Alive
sockwrite -tn $sockname
sockwrite -tn $sockname %data
sockwrite -tn $sockname
}
I just wanted to check if it will write the 123456789......
If anyone cam help me with the mIRC scripting I'll be happy. If anyone could also help me with the PHP scripting (Maybe I did something wrong.... I just copied the code from the net, cause I don't know PHP much) then I'll be very happy.
If it will work, then I'll be able to use a loop which will scan the text file and will write the text to the socket, so the other side will get the full file.
Please help, Thanks.