Skip to content
/ Includer Public

Automatically enumerate RCE methods, key system files, and webroot files with LFI vulnerabilities.

4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

2ptr/Includer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
README.md
README.md
 
 
includer.png
includer.png
 
 
includer.py
includer.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Includer logo

Includer

Automatically enumerate RCE methods, key system files, and webroot files within LFI vulnerabilities.

Usage

usage: includer.py [-h] [-c] [-r] [-k] url parameter

positional arguments:
  url             Full URL of LFI-vulnerable page. Example: http://www.example.com/page.php?foo=bar&vulnerable=LFI
  parameter       Parameter to be used for LFI fuzzing.

options:
  -h, --help      show this help message and exit
  -c, --crawl     Only webcrawl.
  -r, --rce       Only test for RCE.
  -k, --keyfiles  Only search for keyfiles.

Project Overview

Includer was made to be a one-button solution to LFI crawling. I got tired of using fuzzers with random wordlists and having to check PHP wrappers for RCE. Includer isn't very complicated, but it is painless to use and looks nice.

Future Work

This project is an extremely old one of mine and needs major updates

  • Method detection for all parameters
  • Reverse and Interactive shell functions
  • Sophisticated web crawls
  • Windows support

About

Automatically enumerate RCE methods, key system files, and webroot files with LFI vulnerabilities.

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages