Skip to content
/ LFI_autoexploiter Public

Automatic exploitation of an LFI web vulnerability. It is capable of using base64 extraction, null byte bypass and URL encoding bypass

License

MIT license
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Moluma/LFI_autoexploiter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
LFI_autoexploiter.py
LFI_autoexploiter.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
paths_lfi.txt
paths_lfi.txt
 
 

Repository files navigation

LFI_autoexploiter

Automatic exploitation of an LFI web vulnerability.

Install

As simple as: git clone https://github.com/Moluma/LFI_autoexploiter

Usage

usage: lfi_extractor.py [-h] [-url URL] [-path_list PATH_LIST] [--b64 B64] [--url_enc URL_ENC] [--null NULL] [--output OUTPUT] [--static STATIC] [--dynamic DYNAMIC]

optional arguments:

-h, --help show this help message and exit

-url URL Example: http://example.com/script.php?=

-path_list PATH_LIST Path to LFI files to extract. Not needed in scan mode

--b64 B64 Uses php base64 extraction if given a 1

--url_enc URL_ENC Uses url encoding if given a 1

--null NULL Adds a null byte if given a 1

--output OUTPUT Path to export the report

--static STATIC Uses the value provided as static time (seconds) between requests

--dynamic DYNAMIC Uses the interval (e: 1-4) provided as dynamic random time (seconds) between requests

About

Automatic exploitation of an LFI web vulnerability. It is capable of using base64 extraction, null byte bypass and URL encoding bypass

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages