[VIM] False: ext 1.0 alpha1 (feed-proxy.php) Remote File Disclosure
GM darkfig
gmdarkfig at gmail.com
Thu Apr 26 18:39:01 UTC 2007
I think these functions do something like this:
- If $array[$x] == '..' and $array[$x-1] != ..
then replace '<directory>/../' by ''.
So readfile('xd/../yuh/../hello.php); is the same as readfile('hello.php');
> > Interesting behaviour... it seems to be something special about
> > readfile() as replacing that with, say, include(), reports no such file
> > / directory.
For me, with include() i have the same results (Windows):
C:\Documents and Settings\root\Desktop>cat a.php
<?php
$feed = "http/../../../../file.php";
if($feed != '' && strpos($feed, 'http') === 0){
include($feed);
}
?>
C:\Documents and Settings\root\Desktop>cat c:/file.php
<?php
echo "hello";
?>
More information about the VIM
mailing list