├── LICENSE ├── README.md └── run.sh /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 sikander 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # lfiscan 2 | 3 | ![Screenshot from 2021-06-23 18-32-19](https://user-images.githubusercontent.com/82051128/123108622-028bf480-d454-11eb-8e74-b33f10c1a2ae.png) 4 | 5 | # Installation: 6 | 1. git clone https://github.com/machine1337/lfiscan 7 | 2. cd lfiscan && chmod +x run.sh 8 | 9 | # Usage: 10 | ./run.sh 11 | 12 | # Question: 13 | Q: What should my url or urls looks like? 14 | A: http://testphp.vulnweb.com/showimage.php?file= 15 | 16 | # Future Plans: 17 | 1. It will automatically identify the target OS and then run payloads according to the target OS. 18 | Example: Linux OS => linux payloads 19 | Windows OS => Window payloads 20 | 2. If this script found a vulnerable url so it will get automatically reverse shell. 21 | 22 | 23 | 24 | 25 | -------------------------------------------------------------------------------- /run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | NC='\033[0m' 3 | RED='\033[1;38;5;196m' 4 | GREEN='\033[1;38;5;040m' 5 | ORANGE='\033[1;38;5;202m' 6 | BLUE='\033[1;38;5;012m' 7 | BLUE2='\033[1;38;5;032m' 8 | PINK='\033[1;38;5;013m' 9 | GRAY='\033[1;38;5;004m' 10 | NEW='\033[1;38;5;154m' 11 | YELLOW='\033[1;38;5;214m' 12 | CG='\033[1;38;5;087m' 13 | CP='\033[1;38;5;221m' 14 | CPO='\033[1;38;5;205m' 15 | CN='\033[1;38;5;247m' 16 | CNC='\033[1;38;5;051m' 17 | 18 | function banner(){ 19 | echo -e ${RED}"##############################################################################" 20 | echo -e ${CP}" _ _____ ___ ____ ____ _ _ _ _ _ _____ ____ #" 21 | echo -e ${CP}" | | | ___|_ _| / ___| / ___| / \ | \ | | \ | | ____| \ #" 22 | echo -e ${CP}" | | | |_ | | \___ \| | / _ \ | \| | \| | _| | |_) | #" 23 | echo -e ${CP}" | |___| _| | | ___) | |___ / ___ \| |\ | |\ | |___| _ < #" 24 | echo -e ${CP}" |_____|_| |___|___|____/ \____/_/ \_\_| \_|_| \_|_____|_| \_\ #" 25 | echo -e ${CP}" |_____| #" 26 | echo -e ${BLUE}" A FrameWork For Scanning Local File Inclusion #" 27 | echo -e ${YELLOW}" Coded By: Machine404 #" 28 | echo -e ${CPO}" https://github.com/machine1337 #" 29 | echo -e ${CNC}" https://facebook.com/unknownclay #" 30 | echo -e ${RED}"###############################################################################" 31 | } 32 | sleep 1 33 | echo -e ${CP}"[+] Checking Internet Connectivity" 34 | if [[ "$(ping -c 1 8.8.8.8 | grep '100% packet loss' )" != "" ]]; then 35 | echo "No Internet Connection" 36 | exit 1 37 | else 38 | echo "Internet is present" 39 | 40 | fi 41 | function single_scan(){ 42 | clear 43 | banner 44 | echo -e -n ${BLUE}"\n[+] Enter domain name (e.g https://target.com/) : " 45 | read domain 46 | echo -e -n ${BLUE}"\n[+] Enter path of payloads list: " 47 | read list 48 | sleep 1 49 | echo -e ${CNC}"\n[+] Searching For LFI: " 50 | for i in $(cat $list); do 51 | file=$(curl -s -m5 $domain$i) 52 | echo -n -e ${YELLOW}"\nURL: $domain" >> output.txt 53 | echo "$file" >> output.txt 54 | if grep root:x <<<"$file" >/dev/null 2>&1 55 | then 56 | echo -n -e ${RED}"\nURL: $domain ${CP}"[Payload $i]" ${RED}[Vulnerable]\n" 57 | cat output.txt | grep -e URL -e root:x >> vulnerable_url.txt 58 | cat output.txt | sed '3,18p;d' >> vulnerable_url.txt 59 | rm output.txt 60 | else 61 | echo -n -e ${GREEN}"\nURL: $domain [Not Vulnerable]\n" 62 | rm output.txt 63 | fi 64 | done 65 | } 66 | function mass_scan(){ 67 | 68 | clear 69 | banner 70 | echo -n -e ${PINK}"\n[+]Enter target urls list (e.g https://target.com) : " 71 | read urls 72 | echo -n -e ${PINK}"\n[+]Enter path of payloads list : " 73 | read pay 74 | sleep 1 75 | echo -e ${CNC}"\n[+] Searching For LFI: " 76 | 77 | for i in $(cat $urls ); do 78 | for j in $(cat $pay); do 79 | file=$(curl -s -m5 $i$j) 80 | 81 | echo -n -e ${YELLOW}"URL: $i" >> output.txt 82 | echo "$file" >> output.txt 83 | 84 | if grep root:x <<<"$file" >/dev/null 2>&1 85 | then 86 | 87 | echo -e ${RED}"\n[*] URL: $i ${CP}"[Payload $j]"${RED}[Vulnerable]\n" 88 | cat output.txt | grep -e URL >> vulnerable_urls.txt 89 | cat output.txt | sed '3,18p;d' >> vulnerable_urls.txt 90 | rm output.txt 91 | else 92 | echo -n -e ${GREEN}"\nURL: $i [Not Vulnerable]" 93 | rm output.txt 94 | 95 | fi 96 | done 97 | done 98 | } 99 | 100 | menu() 101 | { 102 | clear 103 | banner 104 | echo -e ${YELLOW}"\n[*] Which Type of Scan u want to Perform\n " 105 | echo -e " ${NC}[${CG}"1"${NC}]${CNC} Single Url " 106 | echo -e " ${NC}[${CG}"2"${NC}]${CNC} List of Urls " 107 | echo -e " ${NC}[${CG}"3"${NC}]${CNC} Exit" 108 | 109 | echo -n -e ${YELLOW}"\n[+] Select: " 110 | read lfi_play 111 | if [ $lfi_play -eq 1 ]; then 112 | single_scan 113 | elif [ $lfi_play -eq 2 ]; then 114 | mass_scan 115 | elif [ $lfi_play -eq 3 ]; then 116 | exit 117 | fi 118 | } 119 | menu 120 | --------------------------------------------------------------------------------