Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections
-
Updated
Sep 12, 2023 - Python
Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections
LFI Payloads List collected from Github and write-ups.
Simple LFI Vulnerability Tester with Authentication Support
Vulnerable configuration Apache HTTP Server version 2.4.49/2.4.50
Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion
Automated exploitation of Local File Inclusion bugs
This script will prepare some tmux session precompiled to test command injection on some web page parameter (on a GET or POST request).
Dépôt des challenges que j'ai réalisés pour l'évènement CTF Hacky'Nov à Aix-en-Provence 2022.
Vulnerable configuration Apache HTTP Server version 2.4.49
Oracle WebLogic Server (LFI)
Sonatype Nexus Repository Manager 3 (LFI)
This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash
This script is used for taking advantage of a Local File Inclusion in the Wordpress mail masta plugin version 1.0, it's made in bash
ImageMagick Arbitrary Read Files - CVE-2022-44268
Developed in compliance to the requirements of SE101, IPT101, HCI101, and IM101 in Quezon City University.
Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).
Add a description, image, and links to the lfi topic page so that developers can more easily learn about it.
To associate your repository with the lfi topic, visit your repo's landing page and select "manage topics."