I need to create bots that searches a clients PC for a security certificate
and also for encrypted login details which are then decrypted and resent to the host server for validation.

Somebody help me please!

PHP is a server side language, it can not search a client pc unless it is running on that machine. This is because php is parsed before the response is sent to the client. Even with a client side script, like javascript, you are religated to only the web accessable folders like cookies and cache. You are pretty much limited to letting the user login and setting a cookie for your site, even this is not fool proof as the client can turn off cookies and you are out of luck. Another solution is to redirect the login page to a secure connection and conduct business from there.

I would disagree with you. PHP can do everything that C can, but with lower speed and sometimes in more , sometimes in less convinent manner.
All you need here is PHP CLI (i dicovered recently good web site about it at http://www.php-cli.com) for creating a script to run it from shell and socket functions http://uk2.php.net/sockets . mix them both and you can visit any box through any socket ass soon as you know whta you are looking for and what you need to get into the box.:p

nope, you are flat our wrong here. php can NOT do everything that C can do, I does impliment SOME of the features of C but no where near all of them. can you create device drivers in PHP? How's that floating point math in PHP? How many mathmatitions do you know that use PHP for calculating formulas?

PHP is an okay language, its great for the web and has some usefullness in some scripting areas. If you are going through the touble of creating a shell script why not use a real language like python, perl, or even C for speed?

As for teaching soemone to build a port scanner, and then sniffing around someones box, no pun intended, I dont think this is the place for that.

this is all IMHO, take it with a grain of salt.

As for teaching soemone to build a port scanner, and then sniffing around someones box, no pun intended, I dont think this is the place for that.

this is all IMHO

It's M(NS)HO as well.
Considering that certificate/login validation is an everyday part of client/server transactions, I question the need for the requested functionality in a legal setting.

This article has been dead for over six months. Start a new discussion instead.