running PHP code through XSS - xss

I'm wondering: if we could find an XSS on a site, can I then run my PHP code by, for example, embedding the source in the page or something, or using eval in JavaScript? Any thoughts?

No, that would be a remote code execution or remote file inclusion, not an XSS.

Related

WAMP Server Giving me 403 Forbidden Error When testing files

I installed WAMP Server 3.0.1 on my Windows 10. I can access the phpMyAdmin page and edit databases and all that.
But when I try to test an html file linked to a php file from localhost
(EX: http://localhost///C:/Users/username/Desktop/Testing/detail.html)
it gives me the 403 Forbidden error.
Thank you for your assistance. I searched the web and did not find clear answers.
Please can you clarify what you mean by:
html file linked to a php file
Since you haven't given so many details about your issue. I will try to answer your question in parts as there might be different possibilities
http://localhost///C:/Users/username/Desktop/Testing/detail.html
The URL that you try doesn't seem to be a correct URL. It seems you're doing something wrong. When you install a web server on your local machine you will not need any URLs in such a format:
C:/Users/username/Desktop/Testing/detail.html
Maybe you can try to copy your files into the www folder and then run it like:
http://localhost/detail.html
If you are passing an HTML file to your PHP code, I should say there is no PHP file written in your URL. Also, passing a URL which is from outside the web server environment is a totally wrong idea which can cause security issues sooner or later. You should consider changing your design idea. Maybe try to look up examples that are available on the internet.
Also, here is another suggestion to you: ask the question itself to yourself before posting here.
In conclusion, my suggestions are: please edit your question to provide as much detail as you can with a clarified version of your problem, so helpful people on this website will be able and happy to help you.

How to publish .php page instead of .html at github to demo some php content?

I am looking at the following demo - http://blueimp.github.com/jQuery-File-Upload/
To my understanding, in the demo, PHP files are being served from GitHub, which means PHP content can be served / run from GitHub.
I understand the process to publish HTML content from code hosted at GitHub via this link - http://help.github.com/pages/ I am just curious to know how I can show a .php page as a demo, similar to what is done in blueimp above.
I tried a similar thing at http://synechron.github.com/index2.php but instead of displaying in the browser window the page gets downloaded in Google Chrome, and in IE9 index.html is displayed.
GitHub Pages is not a full-featured web host. It will not execute PHP, or any other arbitrary code.
No, you can’t.
GitHub Pages lets you serve web client content (HTML, JavaScript, CSS) without the need of owning and maintaining a web server. You can make subfolders and map your domain to it. Using tools such as Jekyll or Hugo with some basic programming skills, you can make your site work as well as a CMS.
However, it does not allow you to use any backend technology to process and manipulate data/logic.
So, PHP is not possible.

Creating a crystal report in a web service that uses XMLRPC

I have looked into everything but I think this is a unique problem. I have a web service in my website. This web service uses XMLRPC.NET but that hardly matters. I use this web service to get the string sent by the client and convert it into XML. This all is working fine. But the real problem is: I have a .aspx that uses the above written XML to generate a Crystal Report and save it as a PDF. The problem is I cannot call the .aspx page from my web service, as Response.Redirect does not work. I tried writing the complete Crystal Report generation and PDF save logic in the web service method but it does not work because the CrystalReportViewer1.reportsource gives an error as it does not recognize the CrystalReportViewer1 in the current context. Is there any way that I can do this by redirecting or by using the Crystal Report logic in the web service or any other way? Seems a little complicated but any help will be greatly appreciated. Please need help.
Thank You

Is it possible to embed a compiler inside the browser

I have in site topcoder.com where we can create and compile code in the browser.
Is it possible to code something like that, so that in my browser I can write code in a text editor and then I have a compile button over there?
Or maybe the request is sent to the compiler on the server (gcc) and then the result is returned from there.
How can I achieve something like that?
Your latter (send to server) is exactly what sites like codepad.org do. There are of course security problems with openly allowing people to execute compilers and run programs on your server.
The browser-only options could include:
NaCl (native client)
Writing a compiler in JS (possible, not suggested for sanity depending on language)
Using a Java applet and writing a compiler
Ditto for Flash
Ditto for Silverlight
ActiveX control (not suggested)
Sites like TopCoder have the compiler on a back-end server. The code pasted to the site is sent to the back-end server where it is compiled and run and the results returned to the user's browser.
Yes. You can send the code to your compiler by uploading the code to the server, compile it and then send back the result / console output to the browser screen.
For your information, PHP can execute shell commands (which can "order" your compiler to compile the codes).
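The send-to-server design described in the answers above, as an added example that is not part of the original posts: the submitted source is compiled and run without a shell, in a throwaway directory, under a wall-clock timeout and OS resource limits (POSIX only). The function names, limit values and the use of Python instead of PHP are assumptions made for this sketch, and the limits shown reduce resource abuse but do not isolate the process from the rest of the server.

```python
import os
import resource
import subprocess
import tempfile

def _limits():
    # Runs in the child just before exec (POSIX only): cap CPU time,
    # address space and the size of any file the process writes.
    resource.setrlimit(resource.RLIMIT_CPU, (2, 2))
    resource.setrlimit(resource.RLIMIT_AS, (512 << 20, 512 << 20))
    resource.setrlimit(resource.RLIMIT_FSIZE, (1 << 20, 1 << 20))

def run_limited(argv, cwd, timeout=5):
    """Run argv without a shell, with a minimal environment, rlimits and a timeout."""
    try:
        p = subprocess.run(argv, cwd=cwd, env={"PATH": "/usr/bin:/bin"},
                           stdin=subprocess.DEVNULL, stdout=subprocess.PIPE,
                           stderr=subprocess.STDOUT, timeout=timeout,
                           preexec_fn=_limits)
    except FileNotFoundError:
        return {"status": "unavailable", "output": ""}
    except subprocess.TimeoutExpired:
        return {"status": "timeout", "output": ""}
    text = p.stdout.decode(errors="replace")[:4096]  # cap what is sent back
    return {"status": "ok" if p.returncode == 0 else "error", "output": text}

def compile_and_run(source, compiler="gcc"):
    """Compile submitted C source in a throwaway directory, then run the binary."""
    with tempfile.TemporaryDirectory() as work:
        with open(os.path.join(work, "main.c"), "w") as f:
            f.write(source)
        built = run_limited([compiler, "-o", "prog", "main.c"], work)
        if built["status"] != "ok":
            return {"status": "compile_" + built["status"],
                    "output": built["output"]}
        return run_limited([os.path.join(work, "prog")], work)

if __name__ == "__main__":
    # Constructed sample submission.
    src = '#include <stdio.h>\nint main(void){puts("hello");return 0;}'
    print(compile_and_run(src))
```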

Create SOAP message from WSDL using axiom

I'm starting a project which consists of sending a request to a web service (which is already available) and parsing the response. I have the WSDL and URL endpoints. Does anyone have a startup tutorial on how to build something from there?
I would like to use Axis2 + Axiom to send the service request and receive and process the response. I'm using Eclipse as dev env. I've been searching for a tut on how to do this but with no success.
Any suggestion would be greatly appreciated!
this might help you
creating a webservice client using eclipse
I don't know about Axiom, but SOAP UI is a terrific tool for testing web services in just the manner you describe.
I don't know if Eclipse has a plug-in for it. (They do for everything else.) IntelliJ supports it, so that's how I use it.
Well, in conclusion, I did find two very useful links for the Apache Axis2 project, got it working in no time!
A deep explanation of invoking web services using Apache Axis2:
http://today.java.net/pub/a/today/2006/12/13/invoking-web-services-using-apache-axis2.html
For code generation from WSDL:
http://axis.apache.org/axis2/java/core/tools/eclipse/wsdl2java-plugin.html