Manually Force The Remote Browser To Be A Hacker

POST /System/Hacker/SetHack
Authorization key & Authorization date & Authorization hmac

This process looks at the public ip address of the remote web browser and forces them as a hacker. Secret Hmac Required. Cache Time 30 Seconds.

application/json

Body

  • _SERVER object

    Array of php $_SERVER variables. This can also be sent in headers if easier. Values passed are one of the following. If multiple are listed, the first valid value is used.

    • 'REQUEST_URI for the requested url from the browser (required)
    • 'X-Forwarded-Proto', 'HTTP_X_FORWARDED_PROTO', 'HTTPS' for remote being http or https (required if no http/https in request uri)
    • 'SCRIPT_NAME', 'PHP_SELF' for the script name opened (required)
    • 'HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP', 'REMOTE_ADDR' for remote address (required)
    • 'SERVER_ADDR' for server address (required)
    • 'SERVER_PORT' for server port
    • 'ServerName' for server name
    • 'HTTP_X_FORWARDED_HOST', 'X-Forwarded-Host', 'HTTP_HOST', 'SSL_TLS_SNI' for remote host
    • 'HTTP_REFERER', 'HTTP_FROM' for referring url
    • 'HTTP_USER_AGENT' is the user agent that called this
    • '_SVBalanced', 'HTTP_X_FORWARDED_PROTO' if called through a load balancer

Responses

  • 200 application/json

    Remote browser is a hacker. Return values of arrays only return the full value if changed. Post processing required to update passed values and forwarding

    Hide response attributes Show response attributes object
    • RequestUri string

      The web browser request uri

    • Agent string

      The reported web browser being used

    • IsBot number

      the display group id

    • Port number

      the browser port that was used

    • _Command string

      the resulting php script that was called

    • _Get array

      if sent, the $_GET values passed should be replaced with these

    • _Post array

      if sent, the $_POST values passed should be replaced with these

    • _Cookie array

      if sent, the $_COOKIE values passed should be replaced with these

    • _Request array

      if sent, the $_REQUEST values passed should be replaced with these

    • _Soft array

      the various values sent in after having filtered items removed

    • _AutoLogin number

      if the appropriate values are included to automatically log in

    • Sleep number

      the number of seconds that php should sleep before proceeding

    • Exit number

      if we should exit the script without processing more

    • _Forward string

      the url we should forward to if needed

    • Seconds number

      how many seconds to wait before forwarding

    • NoForward string

      the reasons found to not forward

    • _Headers array

      if sent, these headers should be sent
POST /System/Hacker/SetHack 
curl \
 --request POST 'https://api.wrtm.io/v1.0/System/Hacker/SetHack' \
 --header "X-ApiKey: $API_KEY" \
 --header "Authorization: X-apidate $ACCESS_TOKEN" \
 --header "Authorization: X-apihmac $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"_SERVER":{"https":"On","Remote_Addr":"192.168.200.154","Request_Uri":"https://www.wrtm.io/","Script_Name":"index.php","Http_User_Agent":"Chrome"}}'
Request examples 
{
  "_SERVER": {
    "https": "On",
    "Remote_Addr": "192.168.200.154",
    "Request_Uri": "https://www.wrtm.io/",
    "Script_Name": "index.php",
    "Http_User_Agent": "Chrome"
  }
}
Response examples (200) 
[
  {
    "Exit": 1,
    "_Get": {
      "abc": "",
      "xyz": "123"
    },
    "port": 443,
    "Sleep": 10,
    "_Post": null,
    "agent": "Chrome",
    "isbot": 0,
    "Foward": "",
    "Seconds": 0,
    "_Cookie": {
      "username": "mike"
    },
    "_Headers": null,
    "_Request": {
      "abc": "",
      "xyz": "123",
      "username": "mike"
    },
    "_command": "index.php",
    "NoForward": "",
    "RequestUri": "https://wrtm.io/?abc&xyz=1",
    "_AutoLogin": 0,
    "_SoftValues": {
      "abc": "",
      "xyz": "123"
    }
  }
]