Kang Asu
Liffy - Local File Inclusion Exploitation Tool
LFI Exploitation tool
A little python tool to perform Local file inclusion.
Liffy v2.0 is the improved version of liffy which was originally created by rotlogix/liffy. The latter is no longer available and the former hasn't seen any development for a long time.
Main feature
- data:// for code execution
- expect:// for code execution
- input:// for code execution
- filter:// for arbitrary file reads
- /proc/self/environ for code execution in CGI mode
- Apache access.log poisoning
- Linux auth.log SSH poisoning
- Direct payload delivery with no stager
- Support for absolute and relative path traversal
- Support for cookies for authentication
Documentation
Contribution
- Suggest a feature
- Like any other technique to exploit LFI
- Report a bug
- Fix something and open a pull request
In any case feel free to open an issue
Credits
All the exploitation techniques are taken from liffy
Logo for this project is taken from renderforest
Support
If you'd like you can buy me some coffee:
Credits
All the exploitation techniques are taken from liffy
Logo for this project is taken from renderforest
Support
If you'd like you can buy me some coffee:
Regards
Kang Asu
No comments:
Post a Comment
# Silahkan berkomentar, bertanya dan kritik dengan sopan
# Disini anda boleh menyisipkan Link di kolom komentar
# Tetapi akan saya moderasi atau Review terlebih dahulu tiap komentar
# Jangan sampai komentar anda mengandung SPAM.
# Terima Kasih - Regards Muhammad Sobri Maulana