..used one or more modules you must have seen the iframes used for realtime result display. In this tutorial I'm going to show you how to insert them into your module and how they..
Creates a blueprint/map of a server folder
<?php
/* Inject errors and responses to scan for */
if(!defined('IN_SCRIPT')){
exit;
}
$_CONTEXT['inject'] = array();
$_CONTEXT['inject']['sqli'] = array();
$_CONTEXT['inject']['sqli']['trigger'] = "'";
$_CONTEXT['inject']['sqli']['response'] = array("You have an error in your SQL","SQL Error","Incorrect syntax near","supplied argument is not a valid MySQL","Call to a member function","ODBC Microsoft Access Driver","Microsoft OLE DB Provider for","Unclosed quotation mark","SQL query failed","Database Error");
$_CONTEXT['inject']['xss'] = array();
$_CONTEXT['inject']['xss']['trigger'] = "<img src=\"somesite.ext\" border=\"0\" />";
$_CONTEXT['inject']['xss']['response'] = $_CONTEXT['inject']['xss']['trigger'];
$_CONTEXT['inject']['lfi'] = array();
$_CONTEXT['inject']['lfi']['trigger'] = "../../../../../../../../../../../../../etc/passwd";
$_CONTEXT['inject']['lfi']['response'] = array("root:x:0","No such file or directory","<b>Warning</b>: include_once()");
$_CONTEXT['inject']['rfi'] = array();
$_CONTEXT['inject']['rfi']['trigger'] = "http://www.google.com";
$_CONTEXT['inject']['rfi']['response'] = array("<title>Google</title>");
?>