and also use php to edit the header information sent along with that same request, such as the referer?
Or would it be be smarter to re-write the whole POST request in php?
And if that is the case should I start a new thread about how I would go about doing that or would someone be willing to answer that here too?
Thanks for the help everyone.
Edited by on 09-05-08 16:28
RE: php header spoofing
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 09-05-08 06:02
You're going about it the wrong way. Look into CURL. It has lots of fun uses
Thanks Uberon that is a cool utility, that will definitely come in handy. So I have a form to send the POST request, now I just need to spoof the referer so that the post data will be accepted. Ya I think your right faralas, cURL would be the way to go. But in that case I need to know, do I need to re-write that html form in cURL? Or can I use cURL to just spoof the referer and send that html POST request?
Here is some code that looks very simple and SHOULD be working.
It looks like it connects to the site and executes the POST request with the post query I gave it but when I execute this nothing happens??
I have a free subdomain that supports php and the cURL library so I know thats not the issue.
Now the cURL application below works as far as sending back the html code of the page I sent it to but it doesn't execute the POST request and carry out the actions I was hoping....
I am just starting php coding and only know the basics, so if someone could please lend a hand in putting my html form similar to the one made from "http://www.whiteacid.org/misc/xss_post_forwarder.php" into php/cURL it would be a huge help. And also possibly refer me (no pun intended) to a good php tutorial that talks about some advanced functions that would be great. Thanks again.
Hellbound Hackers is the collective work of the staff and the community and is therefore licensed under the CC BY-NC-SA license.