Dismiss Notice
Join Physics Forums Today!
The friendliest, high quality science and math community on the planet! Everyone who loves science is here!

Using PHP and cURL to submit POST requests to a website

  1. May 1, 2014 #1
    Here's the setup:

    I'm trying to write a PHP script to spam my buddy's website. He has given me full permission to try and do so. I have a very rudimentary understanding of HTTP protocols and am probably doing something wrong, because my attempt hasn't been working.

    Here's my PHP script:

    Code (Text):

    <!DOCTYPE html>
    <html>
    <head>
    <title>attack script</title>
    </head>
    <body>
    <?php
     
    /*  ------------ Functions needed for attack  --------------------- */
     
    function rand_str($len)
    {
        $str = "";
        while ($len-- > 0)
        {
            $val = rand(0,1) ? rand(ord("A"),ord("Z")) : rand(ord("a"),ord("z"));
            $str .= chr($val);
        }
        return $str;
    }
     
    /*  ----------------- Misc. preprocessing  -------------------- */
    date_default_timezone_set('America/Los_Angeles');
     
     
    /*  ----------------- Initialize new cURL session -------------------- */
     
    $curl = curl_init();
    $page_url = "[PLAIN]http://feucht.us/blog";[/PLAIN] [Broken]
    $funct_url = "[PLAIN]http://feucht.us/blog/wp-comments-post.php";[/PLAIN] [Broken]
    curl_setopt($curl, CURLOPT_URL, $funct_url);
     
     
    /*  ---------------------- Begin attack  ----------------------------- */
     
    echo("<h1>Comment spam run on <i>". $page_url . "</i> on " . date("d-m-Y h:i:s") . "</h1>");
    echo("<h3><b>RESULTS:</b></h3>");
    $num_coms = 10; /* # of comments to post */
    $wait_period = 1; /* # of seconds to wait between posting each comment */
    $name_length_bounds = array(5,20); /* min and max length of random name to be generated */
    $alias_length_bounds = array(8,15); /* min and max length of random email prefix to be generated */
    $email_length_bounds = array(3,10); /* min and max length of random email provider to be generated */
    $comment_length_bounds = array(5, 40); /* min and max length of random comment to be generated */
    while ($num_coms-- > 0)
    {
      /* Pause between the posting of comments: */
      sleep($wait_period);
     
      /* Initialize random names, email addresses and comments: */
      $rname = rand_str(rand($name_length_bounds[0], $name_length_bounds[1]));  
      $remail = rand_str(rand($alias_length_bounds[0], $alias_length_bounds[1])) . "@" . rand_str(rand($email_length_bounds[0], $email_length_bounds[1])) . ".com";
      $rcomment = rand_str(rand($comment_length_bounds[0], $comment_length_bounds[1]));
     
      /* Create POST request string from random text and add to cURL object */
      $post_string = "author=" . $rname . "&email=" . $remail . "&comment=" . $rcomment;
      curl_setopt($curl, CURLOPT_POSTFIELDS, $post_string);
      /* Execute the request and print out whether it succeeded or failed. */
      echo(curl_exec($curl) ? "<hr><p><span style='color:green'>Successfully submitted</span>" : "<hr><p><span style='color:red'>Did not successfully submit</span>");
      echo(" POST request <b>" . $post_string . "</b></p><p>to</p><p><b>" . $funct_url . "</b></p>");
    }
     
    ?>
    </body>
    </html>
     
    Since that's probably unreadable, here's a link to a pretty version:

    https://gist.github.com/anonymous/22457214c34564647eea

    The code, as is, attempts to generate 10 random comments (Once I get this working, I'll change that number to 1,000,000,000,000 hahah) using random strings for the 3 fields that need to be filled out in a comment, author, email and comment. Those correspond to 3 names of input elements inside a
    Code (Text):
    form
    element with action wp-comments-post.php and method post.

    So the crucial parts of the code are where I try to use a cURL object to issue post requests:

    Code (Text):
    $curl = curl_init();
    and

    Code (Text):
    $funct_url = "[PLAIN]http://feucht.us/blog/wp-comments-post.php";[/PLAIN] [Broken]
    and

    Code (Text):
    curl_setopt($curl, CURLOPT_URL, $funct_url);
    and

    Code (Text):
    curl_setopt($curl, CURLOPT_POSTFIELDS, $post_string);
    and

    Code (Text):
    curl_exec($curl)
    That sequence should do what I want, no? I was trying to following this documentation: http://codular.com/curl-with-php

    Any help greatly appreciated.
     
    Last edited by a moderator: May 6, 2017
  2. jcsd
  3. May 1, 2014 #2
    "my attempt hasn't been working" does not give us much info to analyse. Explain what happens and why you think it is not working.
     
  4. May 1, 2014 #3
    curl_exec($curl) is returning true, but the comments are not being posted on his page. I know his comment posting function checks for valid email addresses, but I've tested and seen that anything of the form

    string1 + "@" + string2 + ".com"​


    works, so I don't think it's a problem with that or with
     
  5. May 1, 2014 #4
    curl_exec($curl) is returning true, but the comments are not being posted on his page. I know his comment posting function checks for valid email addresses, but I've tested and seen that anything of the form

    string1 + "@" + string2 + ".com"​


    works, so I don't think the problem is that or anything related to an error in the type of text I'm submitting.
     
  6. May 1, 2014 #5
    From the example at http://curl.haxx.se/libcurl/php/examples/simplepost.html [Broken], it seems that you need to have this: curl_setopt($ch, CURLOPT_POST, 1);

    But in fact many things could go wrong, including processing on the other end. To be completely sure that your side is OK, you would need to dump the data sent on the connection and check that it looks like a valid HTTP POST request.
     
    Last edited by a moderator: May 6, 2017
  7. May 1, 2014 #6
    True. I'll fix that.

    I'll do that and report back.
     
    Last edited by a moderator: May 6, 2017
  8. May 1, 2014 #7

    Mark44

    Staff: Mentor

  9. May 7, 2014 #8
    You say curl_exec() returns true indicating success.

    What does "success" mean?

    Let's say curl successfully runs, successfully contacts the destination webserver, and successfully transmits your message. However, the server is responding with "200 OK" and "Busy, please try again later!" instead of adding the comment. What then does curl_exec() return? How does it know it "failed" or what you consider "failure"?

    With web you have to be prepared to receive almost anything from the remote system, and you need to check its response carefully. I would start by looking at the response code the webserver sends you back.
     
Know someone interested in this topic? Share this thread via Reddit, Google+, Twitter, or Facebook




Similar Discussions: Using PHP and cURL to submit POST requests to a website
Loading...