PHP GUID Exposure
There's a neat little tutorial on how to access various PHP easteregg images at 0php. The author also describes how to prevent your server from displaying this image (to prevent outside users from being able to determine whether or not your server is running PHP).
I thought I'd make a little script that takes advantage of this easteregg and the inherent format of GIF image files to determine whether PHP is running on a remote server.
<?php
// Configuration.
$url = 'http://www.example.com/'; // Replace with whichever URL.
// Open the connection.
$handle = @fopen($url.'?=PHPE9568F36-D428-11d2-A769-00AA001ACF42', 'r');
if($handle)
echo("Handle active...\n"); else
die("Error creating handle!\n");
// Import data into buffer.
$buffer = fgets($handle, 4);
if($buffer == 'GIF') // <- part of the binary header for GIF files.
echo("This server is using PHP!\n"); else
echo("This server is NOT using PHP!\n");
// Close up, clean up.
$ret = fclose($handle);
$handle = NULL;
if($ret)
echo('Success!'); else
die('Failed to close handle!');
?>
Don't forget to replace $url with the server address before using this script.
Tags: easteregg, PHP, PHP detection
March 12th, 2009 at 6:45 pm
[...] - bookmarked by 4 members originally found by philbaumann on 2009-02-17 PHP GUID Exposure http://plasmid.co.uk/2008/08/06/php-guid-exposure/ - bookmarked by 2 members originally found by [...]
April 14th, 2009 at 9:32 am
[...] - PHP GUID Exposure saved by libelvox2009-04-07 - Easter-Egg: Wordpress saved by tsupples2009-04-04 - easteregg oder so [...]
May 4th, 2009 at 12:05 pm
[...] public links >> easteregg PHP GUID Exposure First saved by Renateari | 8 days ago Easter-Egg: Wordpress First saved by bbos | 13 days ago [...]