PHP script that detects if auth is required or not on Apache Splunk Post: 303025672

Sponsored Content

Top Forums Shell Programming and Scripting PHP script that detects if auth is required or not on Apache Splunk Post 303025672 by syrius on Thursday 8th of November 2018 10:06:46 PM

11-08-2018

Registered User

PHP script that detects if auth is required or not on Apache Splunk

I am currently trying to do a PHP script that detects automatically if Apache Splunk authentication is required or not but I'm having a hard time since HTTP code 303 is always coming back, even if auth is required or not.

Here is the script so far;

Code:

<?php
/**
 * Apache Splunk script to verify if auth is required or not
 * Original Author: Damian HARt
 * Version : 1.0
 */
ini_set('memory_limit', '800M'); // Set ram limit
require('zebracurl.php');

if($argc === 3){
    $file = $argv[1];
    if(is_readable($file)){
        $handle = fopen($file, 'r');
        if ($handle){
            $i = 0;
            $curl = new Zebra_cURL();
            $line_id = 0;
            $total_lines = count_lines(__DIR__.DIRECTORY_SEPARATOR.$file);
            $url_to_check = array();
            $curl->threads = 100;
            $curl->option(array(CURLOPT_TIMEOUT => 20));
            echo 'Welcome in Apache Splunk detector'.PHP_EOL;
            echo '[!] Total lines to parse in '.$file.': '.$total_lines.PHP_EOL;
            echo '--------------------------------------------------------------------------------'.PHP_EOL;
            while (($uri = fgets($handle)) !== false){
                if (!empty($uri) ){
                    $url_to_check[] = trim($uri).':'.$argv[2].'/splunk/en-US/manager/search/apps/local';
                    if ($i === 99 || $line_id + 1 === $total_lines){
                        $curl->get($url_to_check, function($request){
                            if ($request->response[1] == CURLE_OK && $request->info['http_code'] === 200){
                                for ($_i = 0; $_i < count($request->headers['responses']); $_i++){
                                    $header_array = array_change_key_case($request->headers['responses'][$_i], CASE_LOWER);
                                    if (isset($header_array['Server'])){
                                        file_put_contents('results.txt', $request->info['original_url'].PHP_EOL,FILE_APPEND | LOCK_EX);
                                        echo '[+] '.$request->info['original_url'].PHP_EOL;
                                    }
                                }
                            }
                        });
                        $i = 0;
                        $url_to_check = array();
                    }
                }
                $i++;
                $line_id++;
            }
        } else {
            echo setColor('An error was occurred on file opening '.$config['input_file'], $with_color ? 'danger' : '').PHP_EOL;
            fclose($handle);
            unset($curl);
            die();
        }
        fclose($handle);
        unset($curl);
    }
}else { echo '[!] Usage: php splunk-detector.php LAN-IPs.txt 8000'; }

function count_lines($file){
    $total_lines = 0;
    if (file_exists($file)){
        $handle = fopen($file, "r");
        while (!feof($handle)){ if (fgets($handle) !== false) $total_lines += 1; }
        fclose($handle);
    } return $total_lines;
}

I am open to any solutions/suggestions as long as I can accomplish my goal.

Thanks

Last edited by syrius; 11-09-2018 at 04:52 PM..

syrius

View Public Profile for syrius

Find all posts by syrius

8 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Apache auth question

While not technically a unix question, I was hoping for some help from you all- I've got an Apache 1.3.x server, and I am using basic auth from the pam_auth module and winbind on the back of that. What I get is a relaly sleek authentication for my Windos domain users, however, as they are wont...

2. Shell Programming and Scripting

script that detects duplicate files in directory

I need help with a script which accepts one argument and goes through all the files under a directory and prints a list of possible duplicate files As its output, it prints zero or more lines, each one containing a space-separated list of filenames. All the files listed on one line have the same...

3. Shell Programming and Scripting

PHP required check box

I am new to PHP scripting. I have a page with a checkbox and I'd like to make it required before submiting Here is the code I have for displaying: <tr> <td align="center" colspan="4"><font size="2" color="#990000" face="Arial, Helvetica, sans-serif"> By checking this box you agree...

4. Linux

Installing Php for apache

Hi i am using Fedora 8 and it comes with precompiled rpm distribution of php. I want to configure my Apache web server for php . Did i need to recompile php.... or it can be configured accordingly for apache... Thanks for any sort of help

5. Web Development

Apache + DSO PHP

Hello, guys! I have a web server that uses PHP as DSO. Do you know any tool that can help me monitoring the CPU usage for any domain/subdomain that is hosted on this server?

6. Shell Programming and Scripting

Apache not executing script!! help required soon

i need to know all possible reasons for apache not able to execute a command on server side script. I have a cgi script that calls a shell script .This shell script calls a perl script which has commnad in it. Ths command is not getting executed from gui.The return status of shell script is 256....

7. Shell Programming and Scripting

Shell Script for User AUTH Help

#!/usr/bin/ksh /bin/clear LIST_USERS="user1|user2|user" echo "Please enter the PASSWORD:" stty -echo read PASSWORD stty echo if ; then echo "You have access!" else echo "ACCESS DENIED!" exit fi This above script is not working when I auth more then one user w/in...

8. Linux

Need help on apache and PHP

Hi All, I just ordered unmanaged server for my application testing. But when I try to install the application it is showing blank page. Done know, what will be reason it showing blank page This is my output # rpm -q php php-5.3.10-5.el5.art # rpm -q mysql mysql-5.0.95-1.el5_7.1...

LEARN ABOUT PHP

virtual

VIRTUAL(3)								 1								VIRTUAL(3)

virtual - Perform an Apache sub-request

SYNOPSIS

       bool virtual (string  $filename)

DESCRIPTION

       virtual(3) is an Apache-specific function which is similar to <!--#include virtual...--> in mod_include. It performs an Apache sub-request.
       It is useful for including CGI scripts or .shtml files, or anything else that you would parse through Apache. Note that for a  CGI  script,
       the script must generate valid CGI headers. At the minimum that means it must generate a Content-Type header.

	To run the sub-request, all buffers are terminated and flushed to the browser, pending headers are sent too.

       This function is supported when PHP is installed as an Apache module or by the NSAPI server module in Netscape/iPlanet/SunONE webservers.

PARAMETERS

	      o $filename
		- The file that the virtual command will be performed on.

RETURN VALUES

	Performs the virtual command on success, or returns FALSE on failure.

EXAMPLES

	See apache_note(3) for an example.

NOTES

       Warning

	       The query string can be passed to the included file but $_GET is copied from the parent script and only $_SERVER['QUERY_STRING'] is
	      filled with the passed query string. The query string may only be passed when using Apache 2. The requested file will not be  listed
	      in the Apache access log.

       Note

	       Environment variables set in the requested file are not visible to the calling script.

       Note

	       This function may be used on PHP files. However, it is typically better to use include(3) or require(3) for PHP files.

SEE ALSO

       apache_note(3).

PHP Documentation Group 														VIRTUAL(3)