This is something I've only just recently found out, but did you know that the logo's of the PHP project are hidden within the PHP source code and can be magically shown using a simple URL string?
When does it work?
This only works when the PHP flag expose_php is set to 'On' in the php.ini configuration. This is the case by default when you take the normal php.ini and don't change it.
That setting adds an HTTP header to every request, showing you that PHP is installed and exposing the PHP version.
# curl -I "https://ma.ttias.be/" HTTP/1.1 200 OK Server: nginx X-Powered-By: PHP/5.3.10 ...
That alone should give you reason enough to disable the expose_php setting though. ;-)
How does it work?
If you have a site/server you know that runs PHP, chances are they have the expose_php setting set to On. That means you can simply call the following URLs:
- The logo: https://ma.ttias.be/?=PHPE9568F34-D428-11d2-A769-00AA001ACF42
- The Zend logo: https://ma.ttias.be/?=PHPE9568F35-D428-11d2-A769-00AA001ACF42
- The easter egg logo: https://ma.ttias.be/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42
By simply adding these GET parameters (?=GUID) to the URL, you retrieve the logo. Those GUID's are defined in the following functions.
# php -r 'echo php_logo_guid(); ' PHPE9568F34-D428-11d2-A769-00AA001ACF42 # php -r 'echo php_egg_logo_guid(); ' PHPE9568F36-D428-11d2-A769-00AA001ACF42 # php -r 'echo zend_logo_guid(); ' PHPE9568F35-D428-11d2-A769-00AA001ACF42
And any of those GUIDs can be used to retrieve an image.