Tag Archives: easteregg

PHP GUID Exposure

There’s a neat little tutorial on how to access various PHP easteregg images at 0php. The author also describes how to prevent your server from displaying this image (to prevent outside users from being able to determine whether or not your server is running PHP).

I thought I’d make a little script that takes advantage of this easteregg and the inherent format of GIF image files to determine whether PHP is running on a remote server.

<?php
	
	// Configuration.
	$url = 'http://www.example.com/'; // Replace with whichever URL.
	
	// Open the connection.
	$handle = @fopen($url.'?=PHPE9568F36-D428-11d2-A769-00AA001ACF42', 'r');
	if($handle)
		echo("Handle active...
n"); else die("Error creating handle!n"); // Import data into buffer. $buffer = fgets($handle, 4); if($buffer == 'GIF') // <- part of the binary header for GIF files. echo("This server is using PHP!
n"); else echo("This server is NOT using PHP!
n"); // Close up, clean up. $ret = fclose($handle); $handle = NULL; if($ret) echo('Success!'); else die('Failed to close handle!'); ?>

Don’t forget to replace $url with the server address before using this script.