mbabker/xte.php Secret

## xte.php
<?php
/**
 * Joomla Tracker Web Application
 *
 * @copyright  Copyright (C) 2012 - 2014 Open Source Matters, Inc. All rights reserved.
 * @license    http://www.gnu.org/licenses/gpl-2.0.txt GNU General Public License Version 2 or Later
 */

// Set error reporting for development
error_reporting(-1);

// Define required paths
define('JPATH_ROOT',          dirname(__DIR__));
define('JPATH_CONFIGURATION', JPATH_ROOT . '/etc');
define('JPATH_THEMES',        JPATH_ROOT . '/www');
define('JPATH_TEMPLATES',     JPATH_ROOT . '/templates');

// Load the Composer autoloader
$path = realpath(JPATH_ROOT . '/vendor/autoload.php');

if (!$path)
{
	header('HTTP/1.1 500 Internal Server Error', null, 500);
	echo 'ERROR: Composer not properly set up! Run "composer install" or see README.md for more details' . PHP_EOL;

	exit(1);
}

include $path;

// Wrap in a try/catch so we can display an error if need be
try
{
	$container = (new Joomla\DI\Container)
		->registerServiceProvider(new JTracker\Service\CacheProvider)
		->registerServiceProvider(new JTracker\Service\ConfigurationProvider)
		->registerServiceProvider(new JTracker\Service\DatabaseProvider)
		->registerServiceProvider(new JTracker\Service\DebuggerProvider)
		->registerServiceProvider(new JTracker\Service\DispatcherProvider)
		->registerServiceProvider(new JTracker\Service\GitHubProvider)
		->registerServiceProvider(new JTracker\Service\MonologProvider)
		->registerServiceProvider(new JTracker\Service\RendererProvider)
		->registerServiceProvider(new JTracker\Service\TransifexProvider)
		->registerServiceProvider(new JTracker\Service\WebApplicationProvider);

	// Create the application aliases for the common 'app' key and base application class
	$container->alias('Joomla\\Application\\AbstractApplication', 'JTracker\\Application')
		->alias('app', 'JTracker\\Application');

	// Create the logger aliases for the common 'monolog' key, the Monolog Logger class, and the PSR-3 interface
	$container->alias('monolog', 'monolog.logger.application')
		->alias('logger', 'monolog.logger.application')
		->alias('Monolog\\Logger', 'monolog.logger.application')
		->alias('Psr\\Log\\LoggerInterface', 'monolog.logger.application');
}
catch (\Exception $e)
{
	if (isset($container))
	{
		// Try to write to a log
		try
		{
			$logger = $container->get('monolog.logger.application');
			$logger->critical(
				sprintf(
					'Exception of type %1$s thrown while booting the application',
					get_class($e)
				),
				['exception' => $e]
			);
		}
		catch (\Exception $nestedException)
		{
			// Do nothing, we tried our best
		}
	}
	else
	{
		// The container wasn't built yet, log to the PHP error log so we at least have something
		error_log($e);
	}

	header('HTTP/1.1 500 Internal Server Error', null, 500);
	header('Content-Type: text/html; charset=utf-8');
	echo 'An error occurred while booting the application: ' . $e->getMessage();

	exit(1);
}

// Execute the application.
try
{
	$app = $container->get('app');

	// Set the logger for the application.  We're doing it here because there is a recursion issue with correct service resolution that needs to be fixed.
	$app->setLogger($container->get('monolog'));

	// All output needs to be a plain text string to avoid needing to HTML encode everything
	$app->mimeType = 'text/plain';

	// Test filtering the XSS string by setting it to the input
	$string = '"><img%20src=x%20onerror=prompt(1)>"><script>alert(document.cookie)</script>><marquee><h1>ZerOne</h1></marquee>';

	$app->input->set('bad-string', $string);

	// Echo out our bad string first
	$app->appendBody('XSS String: ' . $string . PHP_EOL . PHP_EOL);

	// Let's start pulling stuff out of the state now
	$app->appendBody('String filter: ' . $app->getUserStateFromRequest('filter.search-user', 'bad-string', '', 'string') . PHP_EOL);
	$app->appendBody('CMD filter: ' . $app->getUserStateFromRequest('filter.search-user', 'bad-string', '', 'cmd') . PHP_EOL);
	$app->appendBody('RAW filter: ' . $app->getUserStateFromRequest('filter.search-user', 'bad-string', '', 'raw') . PHP_EOL);

	// Send the response now... $app->respond() is protected so brute force our way in via Reflection
	$method = new \ReflectionMethod($app, 'respond');
	$method->setAccessible(true);
	$method->invoke($app);
}
catch (\Exception $e)
{
	header('HTTP/1.1 500 Internal Server Error', null, 500);
	echo 'Error instantiating the application - ' . $e->getMessage();
}
	<?php
	/**
	* Joomla Tracker Web Application
	*
	* @copyright Copyright (C) 2012 - 2014 Open Source Matters, Inc. All rights reserved.
	* @license http://www.gnu.org/licenses/gpl-2.0.txt GNU General Public License Version 2 or Later
	*/

	// Set error reporting for development
	error_reporting(-1);

	// Define required paths
	define('JPATH_ROOT', dirname(__DIR__));
	define('JPATH_CONFIGURATION', JPATH_ROOT . '/etc');
	define('JPATH_THEMES', JPATH_ROOT . '/www');
	define('JPATH_TEMPLATES', JPATH_ROOT . '/templates');

	// Load the Composer autoloader
	$path = realpath(JPATH_ROOT . '/vendor/autoload.php');

	if (!$path)
	{
	header('HTTP/1.1 500 Internal Server Error', null, 500);
	echo 'ERROR: Composer not properly set up! Run "composer install" or see README.md for more details' . PHP_EOL;

	exit(1);
	}

	include $path;

	// Wrap in a try/catch so we can display an error if need be
	try
	{
	$container = (new Joomla\DI\Container)
	->registerServiceProvider(new JTracker\Service\CacheProvider)
	->registerServiceProvider(new JTracker\Service\ConfigurationProvider)
	->registerServiceProvider(new JTracker\Service\DatabaseProvider)
	->registerServiceProvider(new JTracker\Service\DebuggerProvider)
	->registerServiceProvider(new JTracker\Service\DispatcherProvider)
	->registerServiceProvider(new JTracker\Service\GitHubProvider)
	->registerServiceProvider(new JTracker\Service\MonologProvider)
	->registerServiceProvider(new JTracker\Service\RendererProvider)
	->registerServiceProvider(new JTracker\Service\TransifexProvider)
	->registerServiceProvider(new JTracker\Service\WebApplicationProvider);

	// Create the application aliases for the common 'app' key and base application class
	$container->alias('Joomla\\Application\\AbstractApplication', 'JTracker\\Application')
	->alias('app', 'JTracker\\Application');

	// Create the logger aliases for the common 'monolog' key, the Monolog Logger class, and the PSR-3 interface
	$container->alias('monolog', 'monolog.logger.application')
	->alias('logger', 'monolog.logger.application')
	->alias('Monolog\\Logger', 'monolog.logger.application')
	->alias('Psr\\Log\\LoggerInterface', 'monolog.logger.application');
	}
	catch (\Exception $e)
	{
	if (isset($container))
	{
	// Try to write to a log
	try
	{
	$logger = $container->get('monolog.logger.application');
	$logger->critical(
	sprintf(
	'Exception of type %1$s thrown while booting the application',
	get_class($e)
	),
	['exception' => $e]
	);
	}
	catch (\Exception $nestedException)
	{
	// Do nothing, we tried our best
	}
	}
	else
	{
	// The container wasn't built yet, log to the PHP error log so we at least have something
	error_log($e);
	}

	header('HTTP/1.1 500 Internal Server Error', null, 500);
	header('Content-Type: text/html; charset=utf-8');
	echo 'An error occurred while booting the application: ' . $e->getMessage();

	exit(1);
	}

	// Execute the application.
	try
	{
	$app = $container->get('app');

	// Set the logger for the application. We're doing it here because there is a recursion issue with correct service resolution that needs to be fixed.
	$app->setLogger($container->get('monolog'));

	// All output needs to be a plain text string to avoid needing to HTML encode everything
	$app->mimeType = 'text/plain';

	// Test filtering the XSS string by setting it to the input
	$string = '"><img%20src=x%20onerror=prompt(1)>"><script>alert(document.cookie)</script>><marquee><h1>ZerOne</h1></marquee>';

	$app->input->set('bad-string', $string);

	// Echo out our bad string first
	$app->appendBody('XSS String: ' . $string . PHP_EOL . PHP_EOL);

	// Let's start pulling stuff out of the state now
	$app->appendBody('String filter: ' . $app->getUserStateFromRequest('filter.search-user', 'bad-string', '', 'string') . PHP_EOL);
	$app->appendBody('CMD filter: ' . $app->getUserStateFromRequest('filter.search-user', 'bad-string', '', 'cmd') . PHP_EOL);
	$app->appendBody('RAW filter: ' . $app->getUserStateFromRequest('filter.search-user', 'bad-string', '', 'raw') . PHP_EOL);

	// Send the response now... $app->respond() is protected so brute force our way in via Reflection
	$method = new \ReflectionMethod($app, 'respond');
	$method->setAccessible(true);
	$method->invoke($app);
	}
	catch (\Exception $e)
	{
	header('HTTP/1.1 500 Internal Server Error', null, 500);
	echo 'Error instantiating the application - ' . $e->getMessage();
	}