chilliboy
07-06-2001, 01:22 PM
I created this small script because I was tired of asking which variables were available for me to use in phpinclude, so that I could use them for some simple hacking. It basically outputs the variables and their corresponding values to the variable $Vars, which for security reasons I would send to your own email address with mail(). There is also a 'password' which you must pass in the URL for the script to work - change it to what you want and pass it in the URL like &mypassword=notathome. At the bottom of the script is an example of the output. I've done it for a number of useful variables, but if you can think of any others that may be available to phpinclude then I would be grateful if you could post them.
Put this in phpinclude template
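// Debug dump for the phpinclude template: when the shared secret matches, build a
// plain-text listing of selected board variables in $Vars.
//
// Both values must be set, non-empty scalars and are compared strictly. With a
// loose `==`, two unset variables compare equal and the dump would be built on
// every request.
// NOTE(review): neither $Password nor $MyPassword is assigned in this snippet.
// One of them must be set in the template itself and never taken from the
// request; if both can arrive from the URL, sending the same value twice
// satisfies the check. Confirm which is which.
// NOTE(review): a secret passed in the query string ends up in web-server logs,
// browser history and Referer headers; treat it as short-lived.
if (
    isset($Password, $MyPassword)
    && is_scalar($Password)
    && is_scalar($MyPassword)
    && (string) $Password !== ''
    && (string) $Password === (string) $MyPassword
) {
    // $HTTP_REFERER is supplied by the client: keep it in the message body only,
    // never in mail headers.
    $Vars = "This is from page $HTTP_REFERER the variables are as follows \n\n";

    $Vars .= GetVariables($session, 'session');
    $Vars .= GetVariables($bbuserinfo, 'bbuserinfo');
    $Vars .= GetVariables($getforum, 'getforum');
    $Vars .= GetVariables($codestyleid, 'codestyleid');
    $Vars .= GetVariables($style, 'style');
    $Vars .= GetVariables($threadcache, 'threadcache');

    //Use mail() to send it
    // The sample output posted with this script shows $bbuserinfo[password] and
    // $session[dbsessionhash] in the dump. Drop those keys before mailing, since
    // mail is not a confidential channel, and remove this block from the template
    // once the variable list has been collected.
}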
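/**
 * Render one variable as plain-text "$name[key] = value" lines for a debug dump.
 *
 * Strings are printed as "$name = value". Arrays are expanded one or two levels
 * deep, one line per element; anything nested deeper is concatenated as-is.
 * Values that are falsy under PHP's rules (unset, '', '0', 0, empty array) are
 * reported as "is empty", and any other type as "is neither array or string".
 *
 * The output contains every value the array holds. In the sample dump posted
 * with this script that includes $bbuserinfo[password] and
 * $session[dbsessionhash], so filter such keys before the text leaves the server.
 *
 * @param mixed  $Variables Value to describe.
 * @param string $Names     Variable name to print, without the leading "$".
 * @return string The description, always ending in "\n\n".
 */
function GetVariables ($Variables, $Names)
{
    // Start from an empty string: appending with .= to an undefined variable
    // raises an "undefined variable" notice/warning on every call.
    $Details = '';

    if (!$Variables) {
        $Details .= '$' . $Names . ' is empty';
    } elseif (is_string($Variables)) {
        $Details .= '$' . $Names . ' = ' . $Variables;
    } elseif (is_array($Variables)) {
        foreach ($Variables as $Key => $Value) {
            if (is_array($Value)) {
                // Second level: one line per inner element.
                foreach ($Value as $Key1 => $Value1) {
                    $Details .= '$' . $Names . '[' . $Key . '][' . $Key1 . '] = ' . $Value1 . "\n";
                }
            } else {
                $Details .= '$' . $Names . '[' . $Key . '] = ' . $Value . "\n";
            }
        }
    } else {
        $Details .= '$' . $Names . ' is neither array or string';
    }

    $Details .= "\n\n";
    return $Details;
}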
$session[0] = *****
$session[1] = 1
$session[userid] = 1
$session[2] = *****
$session[host] = *****
$session[3] = Mozilla/4.0 (compatible; MSIE 5.01; Windows 98; fs
$session[useragent] = Mozilla/4.0 (compatible; MSIE 5.01; Windows 98; fs
$session[4] = 1
$session[styleid] = 1
$session[dbsessionhash] = ******
$bbuserinfo[0] = 1
$bbuserinfo[userid] = 1
$bbuserinfo[1] = 6
$bbuserinfo[usergroupid] = 6
$bbuserinfo[2] = ***
$bbuserinfo[username] = ****
$bbuserinfo[3] = ******
$bbuserinfo[password] = *******
$bbuserinfo[4] = *********
$bbuserinfo[email] = *********
$bbuserinfo[5] = 4
$bbuserinfo[styleid] = 1
$bbuserinfo[6] =
$bbuserinfo[parentemail] =
$bbuserinfo[7] = 0
$bbuserinfo[coppauser] = 0
$bbuserinfo[8] =
$bbuserinfo[homepage] =
$bbuserinfo[9] =
$bbuserinfo[icq] =
$bbuserinfo[10] =
$bbuserinfo[aim] =
$bbuserinfo[11] =
$bbuserinfo[yahoo] =
$bbuserinfo[12] =
$bbuserinfo[signature] =
$bbuserinfo[13] = 1
$bbuserinfo[adminemail] = 1
$bbuserinfo[14] = 1
$bbuserinfo[showemail] = 1
$bbuserinfo[15] = 0
$bbuserinfo[invisible] = 0
$bbuserinfo[16] = *****
$bbuserinfo[usertitle] = ********
$bbuserinfo[17] = 0
$bbuserinfo[customtitle] = 0
$bbuserinfo[18] = 991748310
$bbuserinfo[joindate] = 991748310
$bbuserinfo[19] = 1
$bbuserinfo[cookieuser] = 1
$bbuserinfo[20] = -1
$bbuserinfo[daysprune] = -1
$bbuserinfo[21] = 994422966
$bbuserinfo[lastvisit] = 994422966
$bbuserinfo[22] = 994426738
$bbuserinfo[lastactivity] = 994426738
$bbuserinfo[23] = 993058999
$bbuserinfo[lastpost] = 993058999
$bbuserinfo[24] = 3
$bbuserinfo[posts] = 3
$bbuserinfo[25] = 0
$bbuserinfo[timezoneoffset] = 0
$bbuserinfo[26] = 0
$bbuserinfo[emailnotification] = 0
$bbuserinfo[27] =
$bbuserinfo[buddylist] =
$bbuserinfo[28] =
$bbuserinfo[ignorelist] =
$bbuserinfo[29] =
$bbuserinfo[pmfolders] =
$bbuserinfo[30] = 0
$bbuserinfo[receivepm] = 0
$bbuserinfo[31] = 0
$bbuserinfo[emailonpm] = 0
$bbuserinfo[32] = 0
$bbuserinfo[pmpopup] = 0
$bbuserinfo[33] = 0
$bbuserinfo[avatarid] = 0
$bbuserinfo[34] = 15
$bbuserinfo[options] = 15
$bbuserinfo[35] = 0000-00-00
$bbuserinfo[birthday] = 0000-00-00
$bbuserinfo[36] = -1
$bbuserinfo[maxposts] = -1
$bbuserinfo[37] = 1
$bbuserinfo[startofweek] = 1
$bbuserinfo[38] =
$bbuserinfo[ipaddress] =
$bbuserinfo[39] = 0
$bbuserinfo[referrerid] = 0
$bbuserinfo[40] = 1
$bbuserinfo[nosessionhash] = 1
$bbuserinfo[41] = 1
$bbuserinfo[42] =
$bbuserinfo[field1] =
$bbuserinfo[43] =
$bbuserinfo[field2] =
$bbuserinfo[44] =
$bbuserinfo[field3] =
$bbuserinfo[45] =
$bbuserinfo[field4] =
$bbuserinfo[showsignatures] = 1
$bbuserinfo[showavatars] = 1
$bbuserinfo[showimages] = 1
$bbuserinfo[showvbcode] = 1
$bbuserinfo[realstyleid] = 4
$bbuserinfo[lastvisitdate] = 07-06-2001 08:36 AM
$getforum[0] = 8
$getforum[forumid] = 8
$getforum[1] = 42
$getforum[styleid] = 42
$getforum[2] = 1
$getforum[styleoverride] = 1
$codestyleid = 42
$style[0] = 8
$style[templatesetid] = 8
$style[1] = 4
$style[replacementsetid] = 4
$style[2] = 0
$style[userselect] = 0
$threadcache[7][0] = 7
$threadcache[7][threadid] = 7
$threadcache[7][1] = test
$threadcache[7][title] = test
$threadcache[7][2] = 992972016
$threadcache[7][lastpost] = 992972016
$threadcache[7][3] = 8
$threadcache[7][forumid] = 8
$threadcache[7][4] = 0
$threadcache[7][pollid] = 0
$threadcache[7][5] = 1
$threadcache[7][open] = 1
$threadcache[7][6] = 0
$threadcache[7][replycount] = 0
$threadcache[7][7] = zeb
$threadcache[7][postusername] = **
$threadcache[7][8] = 1
$threadcache[7][postuserid] = 1
$threadcache[7][9] = zeb
$threadcache[7][lastposter] = ***
$threadcache[7][10] = 992972016
$threadcache[7][dateline] = 992972016
$threadcache[7][11] = 27
$threadcache[7][views] = 27
$threadcache[7][12] = 0
$threadcache[7][iconid] = 0
$threadcache[7][13] =
$threadcache[7][notes] =
$threadcache[7][14] = 1
$threadcache[7][visible] = 1
$threadcache[7][15] = 0
$threadcache[7][sticky] = 0
$threadcache[7][16] = 0
$threadcache[7][votenum] = 0
$threadcache[7][17] = 0
$threadcache[7][votetotal] = 0
$threadcache[7][18] = 0
$threadcache[7][attach] = 0
Put this in phpinclude template
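// Debug dump for the phpinclude template: when the shared secret matches, build a
// plain-text listing of selected board variables in $Vars.
//
// Both values must be set, non-empty scalars and are compared strictly. With a
// loose `==`, two unset variables compare equal and the dump would be built on
// every request.
// NOTE(review): neither $Password nor $MyPassword is assigned in this snippet.
// One of them must be set in the template itself and never taken from the
// request; if both can arrive from the URL, sending the same value twice
// satisfies the check. Confirm which is which.
// NOTE(review): a secret passed in the query string ends up in web-server logs,
// browser history and Referer headers; treat it as short-lived.
if (
    isset($Password, $MyPassword)
    && is_scalar($Password)
    && is_scalar($MyPassword)
    && (string) $Password !== ''
    && (string) $Password === (string) $MyPassword
) {
    // $HTTP_REFERER is supplied by the client: keep it in the message body only,
    // never in mail headers.
    $Vars = "This is from page $HTTP_REFERER the variables are as follows \n\n";

    $Vars .= GetVariables($session, 'session');
    $Vars .= GetVariables($bbuserinfo, 'bbuserinfo');
    $Vars .= GetVariables($getforum, 'getforum');
    $Vars .= GetVariables($codestyleid, 'codestyleid');
    $Vars .= GetVariables($style, 'style');
    $Vars .= GetVariables($threadcache, 'threadcache');

    //Use mail() to send it
    // The sample output posted with this script shows $bbuserinfo[password] and
    // $session[dbsessionhash] in the dump. Drop those keys before mailing, since
    // mail is not a confidential channel, and remove this block from the template
    // once the variable list has been collected.
}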
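/**
 * Render one variable as plain-text "$name[key] = value" lines for a debug dump.
 *
 * Strings are printed as "$name = value". Arrays are expanded one or two levels
 * deep, one line per element; anything nested deeper is concatenated as-is.
 * Values that are falsy under PHP's rules (unset, '', '0', 0, empty array) are
 * reported as "is empty", and any other type as "is neither array or string".
 *
 * The output contains every value the array holds. In the sample dump posted
 * with this script that includes $bbuserinfo[password] and
 * $session[dbsessionhash], so filter such keys before the text leaves the server.
 *
 * @param mixed  $Variables Value to describe.
 * @param string $Names     Variable name to print, without the leading "$".
 * @return string The description, always ending in "\n\n".
 */
function GetVariables ($Variables, $Names)
{
    // Start from an empty string: appending with .= to an undefined variable
    // raises an "undefined variable" notice/warning on every call.
    $Details = '';

    if (!$Variables) {
        $Details .= '$' . $Names . ' is empty';
    } elseif (is_string($Variables)) {
        $Details .= '$' . $Names . ' = ' . $Variables;
    } elseif (is_array($Variables)) {
        foreach ($Variables as $Key => $Value) {
            if (is_array($Value)) {
                // Second level: one line per inner element.
                foreach ($Value as $Key1 => $Value1) {
                    $Details .= '$' . $Names . '[' . $Key . '][' . $Key1 . '] = ' . $Value1 . "\n";
                }
            } else {
                $Details .= '$' . $Names . '[' . $Key . '] = ' . $Value . "\n";
            }
        }
    } else {
        $Details .= '$' . $Names . ' is neither array or string';
    }

    $Details .= "\n\n";
    return $Details;
}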
$session[0] = *****
$session[1] = 1
$session[userid] = 1
$session[2] = *****
$session[host] = *****
$session[3] = Mozilla/4.0 (compatible; MSIE 5.01; Windows 98; fs
$session[useragent] = Mozilla/4.0 (compatible; MSIE 5.01; Windows 98; fs
$session[4] = 1
$session[styleid] = 1
$session[dbsessionhash] = ******
$bbuserinfo[0] = 1
$bbuserinfo[userid] = 1
$bbuserinfo[1] = 6
$bbuserinfo[usergroupid] = 6
$bbuserinfo[2] = ***
$bbuserinfo[username] = ****
$bbuserinfo[3] = ******
$bbuserinfo[password] = *******
$bbuserinfo[4] = *********
$bbuserinfo[email] = *********
$bbuserinfo[5] = 4
$bbuserinfo[styleid] = 1
$bbuserinfo[6] =
$bbuserinfo[parentemail] =
$bbuserinfo[7] = 0
$bbuserinfo[coppauser] = 0
$bbuserinfo[8] =
$bbuserinfo[homepage] =
$bbuserinfo[9] =
$bbuserinfo[icq] =
$bbuserinfo[10] =
$bbuserinfo[aim] =
$bbuserinfo[11] =
$bbuserinfo[yahoo] =
$bbuserinfo[12] =
$bbuserinfo[signature] =
$bbuserinfo[13] = 1
$bbuserinfo[adminemail] = 1
$bbuserinfo[14] = 1
$bbuserinfo[showemail] = 1
$bbuserinfo[15] = 0
$bbuserinfo[invisible] = 0
$bbuserinfo[16] = *****
$bbuserinfo[usertitle] = ********
$bbuserinfo[17] = 0
$bbuserinfo[customtitle] = 0
$bbuserinfo[18] = 991748310
$bbuserinfo[joindate] = 991748310
$bbuserinfo[19] = 1
$bbuserinfo[cookieuser] = 1
$bbuserinfo[20] = -1
$bbuserinfo[daysprune] = -1
$bbuserinfo[21] = 994422966
$bbuserinfo[lastvisit] = 994422966
$bbuserinfo[22] = 994426738
$bbuserinfo[lastactivity] = 994426738
$bbuserinfo[23] = 993058999
$bbuserinfo[lastpost] = 993058999
$bbuserinfo[24] = 3
$bbuserinfo[posts] = 3
$bbuserinfo[25] = 0
$bbuserinfo[timezoneoffset] = 0
$bbuserinfo[26] = 0
$bbuserinfo[emailnotification] = 0
$bbuserinfo[27] =
$bbuserinfo[buddylist] =
$bbuserinfo[28] =
$bbuserinfo[ignorelist] =
$bbuserinfo[29] =
$bbuserinfo[pmfolders] =
$bbuserinfo[30] = 0
$bbuserinfo[receivepm] = 0
$bbuserinfo[31] = 0
$bbuserinfo[emailonpm] = 0
$bbuserinfo[32] = 0
$bbuserinfo[pmpopup] = 0
$bbuserinfo[33] = 0
$bbuserinfo[avatarid] = 0
$bbuserinfo[34] = 15
$bbuserinfo[options] = 15
$bbuserinfo[35] = 0000-00-00
$bbuserinfo[birthday] = 0000-00-00
$bbuserinfo[36] = -1
$bbuserinfo[maxposts] = -1
$bbuserinfo[37] = 1
$bbuserinfo[startofweek] = 1
$bbuserinfo[38] =
$bbuserinfo[ipaddress] =
$bbuserinfo[39] = 0
$bbuserinfo[referrerid] = 0
$bbuserinfo[40] = 1
$bbuserinfo[nosessionhash] = 1
$bbuserinfo[41] = 1
$bbuserinfo[42] =
$bbuserinfo[field1] =
$bbuserinfo[43] =
$bbuserinfo[field2] =
$bbuserinfo[44] =
$bbuserinfo[field3] =
$bbuserinfo[45] =
$bbuserinfo[field4] =
$bbuserinfo[showsignatures] = 1
$bbuserinfo[showavatars] = 1
$bbuserinfo[showimages] = 1
$bbuserinfo[showvbcode] = 1
$bbuserinfo[realstyleid] = 4
$bbuserinfo[lastvisitdate] = 07-06-2001 08:36 AM
$getforum[0] = 8
$getforum[forumid] = 8
$getforum[1] = 42
$getforum[styleid] = 42
$getforum[2] = 1
$getforum[styleoverride] = 1
$codestyleid = 42
$style[0] = 8
$style[templatesetid] = 8
$style[1] = 4
$style[replacementsetid] = 4
$style[2] = 0
$style[userselect] = 0
$threadcache[7][0] = 7
$threadcache[7][threadid] = 7
$threadcache[7][1] = test
$threadcache[7][title] = test
$threadcache[7][2] = 992972016
$threadcache[7][lastpost] = 992972016
$threadcache[7][3] = 8
$threadcache[7][forumid] = 8
$threadcache[7][4] = 0
$threadcache[7][pollid] = 0
$threadcache[7][5] = 1
$threadcache[7][open] = 1
$threadcache[7][6] = 0
$threadcache[7][replycount] = 0
$threadcache[7][7] = zeb
$threadcache[7][postusername] = **
$threadcache[7][8] = 1
$threadcache[7][postuserid] = 1
$threadcache[7][9] = zeb
$threadcache[7][lastposter] = ***
$threadcache[7][10] = 992972016
$threadcache[7][dateline] = 992972016
$threadcache[7][11] = 27
$threadcache[7][views] = 27
$threadcache[7][12] = 0
$threadcache[7][iconid] = 0
$threadcache[7][13] =
$threadcache[7][notes] =
$threadcache[7][14] = 1
$threadcache[7][visible] = 1
$threadcache[7][15] = 0
$threadcache[7][sticky] = 0
$threadcache[7][16] = 0
$threadcache[7][votenum] = 0
$threadcache[7][17] = 0
$threadcache[7][votetotal] = 0
$threadcache[7][18] = 0
$threadcache[7][attach] = 0