inj3ctor_m4

LFI Website Scanner v1.0

Aug 20th, 2014
  1. <?php
  2. /*
  3. LFI Website Scanner v1.0
  4. (c)oded by Inj3ctor_M4
  5. */
  6.  
  7. error_reporting(0);
  8. @set_time_limit(0);
  9.  
  10. echo".____   ___________.___    _________                    
  11. |    |  \_   _____/|   |  /   _____/ ____ _____    ____  
  12. |    |   |    __)  |   |  \_____  \_/ ___\\__  \  /    \
  13. |    |___|     \   |   |  /        \  \___ / __ \|   |  \
  14. |_______ \___  /   |___| /_______  /\___  >____  /___|  /
  15.        \/   \/                  \/     \/     \/     \/
  16. \n";
  17.  
  18. $target = $argv[1];
  19.  
  20. $var = spider_url($target);
  21. preg_match_all ("/a[\s]+[^>]*?href[\s]?=[\s\"\']+".
  22.                     "(.*?)[\"\']+.*?>"."([^<]+|.*?)?<\/a>/",
  23.                     $var, $matches);
  24.        
  25.     $matches = array_unique($matches[1]);
  26.     $list = array();
  27.  
  28.     foreach($matches as $var)
  29.     {
  30.         echo ($target.$var);
  31.         $site = _Fix($target.$var);
  32.         scanlfi($site);
  33.     }
  34.  
  35.  
  36. function spider_url($url,$ref="")
  37.     {
  38.         if(function_exists("curl_init")){
  39.             $ch = curl_init();
  40.             $user_agent = "Mozilla/4.0 (compatible; MSIE 5.01; ".
  41.                           "Windows NT 5.0)";
  42.             $ch = curl_init();
  43.             curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
  44.             curl_setopt( $ch, CURLOPT_HTTPGET, 1 );
  45.             curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
  46.             curl_setopt( $ch, CURLOPT_FOLLOWLOCATION , 1 );
  47.             curl_setopt( $ch, CURLOPT_FOLLOWLOCATION , 1 );
  48.             curl_setopt( $ch, CURLOPT_URL, $url );
  49.             curl_setopt( $ch, CURLOPT_REFERER, $ref );
  50.             curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  51.             $html = curl_exec($ch);
  52.             curl_close($ch);
  53.         return $html;
  54.         }
  55.     }
  56.  
  57. function scanlfi($url)
  58. {
  59. $findme = "failed to open stream|daemon";
  60. $gt = getsource($url.'__ma__');
  61. if(preg_match("/$findme/i",$gt))
  62. {
  63. echo" >> LFI Found\n";
  64. }else{echo" >> LFI Not Found\n";
  65. }
  66. }
  67.  
  68. // By Lagripe-Dz
  69. function _Fix($site){ preg_match_all("#(.*?)?(.*?)=(.*?)#",$site,$res); return $res[2][0]."="; }
  70.  
  71. function getsource($site){
  72.  
  73.     if (function_exists('curl_init')) {
  74.  
  75.         $ch = @curl_init($site);
  76. if ($proxy)
  77.         @curl_setopt ($ch, CURLOPT_PROXY, $proxy);
  78.         @curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
  79.         @curl_setopt($ch, CURLOPT_HEADER, FALSE);
  80.         @curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
  81.         @curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
  82.         @curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
  83.         $source = @curl_exec($ch);
  84.         @curl_close($ch);
  85.         return $source;
  86.  
  87.     }
  88.     else {
  89.    
  90.         return @file_get_contents($site);
  91.    
  92.     }
  93. }