devil

LOCAL FILE INCLUSION VULNERABILITY SCANNER

Local File Inclusion Vulnerability Scanner 
Enter ur Email, FOR Free HACKING TRICKS:

Delivered by FeedBurner
TECH-HOLICS BLOG MAGAZINE


Local File Inclusion is the website vulnerability and can gave attacker the ability to root the website server too.



Description 

The Simple Local File Inclusion Vulnerability Scanner helps you to find LFI vulnerabilities. This is a python script which works as a LFI scanner.




Usage

./lfi_scanner.py –url=




Usage example

./lfi_scanner.py –url=”http://www.example.com/page.php?file=main”




Usage notes

- Always use http://….

- This tool does not work with SEO URLs, such as http://www.example.com/news-about-the-internet/.

- If you only have a SEO URL, try to find out the real URL which contents parameters.




Feature list

- Provides a random user agent for the connection.

- Checks if a connection to the target can be established.

- Tries to catch most errors with error handling.

- Contains a LFI vulnerability scanner.

- Finds out how a possible LFI vulnerability can be exploited (e.g. directory depth).

- Supports nullbytes!
- Supports common *nix targets, but no Windows systems.


Known issues

- This tool is only able to handle “simple” LFI vulnerabilities, but not complex ones.

- Like most other LFI scanners, this tool here also has trouble with handling certain server responses.




Some notes

- Tested with Python 2.6.5.

- Modify, distribute, share and copy the code in any way you like!

- Please note that this tool was created for educational purposes only.

- Do not use this tool in an illegal way. Know and respect your local laws.

- Only use this tool for legal purposes, such as pentesting your own website

- I am not responsible if you cause any damage or break the law.
- Power to teh c0ws!




Download Here:



ADVERTISEMENT
Subscribe to this Blog via Email :

Would love to here from you...