diff options
author | Kyle Kaminski <kyle@kkaminsk.com> | 2013-06-16 03:25:26 -0500 |
---|---|---|
committer | Kyle Kaminski <kyle@kkaminsk.com> | 2013-06-16 03:25:26 -0500 |
commit | 1bad4fc00814e2c03ecadaa7faf93c6372f5bd30 (patch) | |
tree | 88104590feefcb804f5fa0ca57ee1a6c76cbf0a7 /fetch.php | |
download | phpsandbox-1bad4fc00814e2c03ecadaa7faf93c6372f5bd30.tar.gz phpsandbox-1bad4fc00814e2c03ecadaa7faf93c6372f5bd30.tar.bz2 phpsandbox-1bad4fc00814e2c03ecadaa7faf93c6372f5bd30.zip |
initial commit
Diffstat (limited to 'fetch.php')
-rw-r--r-- | fetch.php | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/fetch.php b/fetch.php new file mode 100644 index 0000000..e7afc2c --- /dev/null +++ b/fetch.php @@ -0,0 +1,36 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Hacker's Corner</title>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+</head>
+<body>
+<h1>Please Don't Fear!</h1>
+<b>Sandbox:</b> Fuk the Fetch!<br />
+<h2>In Soviet Russia the university fails you!</h2>
+<p>
+<?php
+ error_reporting(E_ALL | E_STRICT);
+ ini_set("display_errors", 1);
+
+ echo "<a href=\"request.php?id=decap.jpg\">Fetch Decapped Injectors</a><br />\n";
+ echo "<a href=\"request.php?id=pc.jpg\">Fetch a PC</a><br />\n";
+ /* this one has spaces, hence we use url encoding, only needed for GET */
+ echo "<a href=\"request.php?id=" . urlencode("dave at garage.jpg") . "\">Dave</a><br />\n";
+ /* raw url would use %20 instead of a + for a space, raw is used in url too the left of ?
+ * also, apache would insert %20 for us without using urlencode, but we should no rely on this */
+
+ echo "<a href=\"request.php?id=code.jpg\">" . htmlspecialchars("teh code & my <lab>") . "</a>\n";
+?>
+</p>
+<p>
+Raw URL<br />
+<?php
+ $raw_url = rawurlencode("omfg terabyte ram helluva low latency iz in my h4x0red pc");
+ echo $raw_url . "<br />\n";
+?>
+</p>
+</body>
+</html>
+
|