hnhx-archive/librex
1
0
Fork 0
mirror of https://github.com/hnhx/librex.git synced 2025-01-10 03:37:25 -03:00
Code Issues Projects Releases Packages Wiki Activity

fixed an ssrf that was caused by the image proxy

Browse source
This commit is contained in:
hnhx 2022-08-28 20:41:33 +02:00
parent 8879cb1144
commit bdfc04b1d6
3 changed files with 75 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
config.php Normal file
View file

@ -0,0 +1,53 @@
<?php
return (object) array(
// e.g.: fr -> https://google.fr/
"google_domain" => "com",
// Google results will be in this language
"google_language" => "en",
"disable_bittorent_search" => false,
"bittorent_trackers" => "&tr=http%3A%2F%2Fnyaa.tracker.wf%3A7777%2Fannounce&tr=udp%3A%2F%2Fopen.stealth.si%3A80%2Fannounce&tr=udp%3A%2F%2Ftracker.opentrackr.org%3A1337%2Fannounce&tr=udp%3A%2F%2Fexodus.desync.com%3A6969%2Fannounce&tr=udp%3A%2F%2Ftracker.torrent.eu.org%3A451%2Fannounce",
/*
Preset privacy friendly frontends for users, these can be overwritten by users in settings
e.g.: "invidious" => "https://yewtu.be",
*/
"invidious" => "",
"bibliogram" => "",
"nitter" => "",
"libreddit" => "",
"proxitok" => "",
"wikiless" => "",
/*
To send requests trough a proxy uncomment CURLOPT_PROXY and CURLOPT_PROXYTYPE:
CURLOPT_PROXYTYPE options:
CURLPROXY_HTTP
CURLPROXY_SOCKS4
CURLPROXY_SOCKS4A
CURLPROXY_SOCKS5
CURLPROXY_SOCKS5_HOSTNAME
!!! ONLY CHANGE THE OTHER OPTIONS IF YOU KNOW WHAT YOU ARE DOING !!!
*/
"curl_settings" => array(
// CURLOPT_PROXY => "ip:port",
// CURLOPT_PROXYTYPE => CURLPROXY_HTTP,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
CURLOPT_IPRESOLVE => CURL_IPRESOLVE_V4,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_PROTOCOLS => CURLPROTO_HTTPS | CURLPROTO_HTTP,
CURLOPT_REDIR_PROTOCOLS => CURLPROTO_HTTPS | CURLPROTO_HTTP,
CURLOPT_MAXREDIRS => 5,
CURLOPT_TIMEOUT => 8,
CURLOPT_VERBOSE => false
)
);
?>

18
image_proxy.php
View file

@ -3,10 +3,20 @@
$config = require "config.php";
require "misc/tools.php";
$image = $_REQUEST["url"];
$url = $_REQUEST["url"];
$image_src = request($image);
$split_url = explode("/", $url);
$base_url = $split_url[2];
$base_url_main_split = explode(".", strrev($base_url));
$base_url_main = strrev($base_url_main_split[1]) . "." . strrev($base_url_main_split[0]);
header("Content-Type: image/jpeg");
echo $image_src;
if ($base_url_main == "qwant.com" || $base_url_main == "wikimedia.org")
{
$image = $url;
$image_src = request($image);
header("Content-Type: image/jpeg");
echo $image_src;
}
?>

16
search.php
View file

@ -6,7 +6,7 @@
<form class="sub-search-container" method="get" autocomplete="off">
<h1 class="logomobile"><a class="noDecoration" href="./">Libre<span class="X">X</span></a></h1>
<a href="./"><img class="logo" src="static/images/librex.png" alt="librex logo"></a>
<input type="text" name="q"
<input type="text" name="q"
<?php
$query = htmlspecialchars(trim($_REQUEST["q"]));
$query_encoded = urlencode($query);
@ -15,8 +15,8 @@
{
header("Location: ./");
die();
}
}
echo "value=\"$query\"";
?>
>
@ -41,7 +41,7 @@
require "misc/tools.php";
$page = isset($_REQUEST["p"]) ? (int) $_REQUEST["p"] : 0;
$start_time = microtime(true);
switch ($type)
{
@ -79,7 +79,7 @@
print_merged_torrent_results($results);
break;
}
break;
default:
@ -95,12 +95,12 @@
{
echo "<div class=\"next-page-button-wrapper\">";
if ($page != 0)
if ($page != 0)
{
print_next_page_button("&lt;&lt;", 0, $query, $type);
print_next_page_button("&lt;&lt;", 0, $query, $type);
print_next_page_button("&lt;", $page - 10, $query, $type);
}
for ($i=$page / 10; $page / 10 + 10 > $i; $i++)
print_next_page_button($i + 1, $i * 10, $query, $type);