Skip to content

FrancescoDiSalesGithub/pwrap

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits

LICENSE

LICENSE

 
 

README.md

README.md

 
 

cookiejar.py

cookiejar.py

 
 

examplecookie.yaml

examplecookie.yaml

 
 

graphics.py

graphics.py

 
 

pwrap.py

pwrap.py

 
 

qrcode

qrcode

 
 

requirements.txt

requirements.txt

 
 

wrappers.py

wrappers.py

 
 

Repository files navigation

pwrap

command line utility for testing php local file inclusion

How to use

run: pip3 install -r requirements.txt

launch pwrap by following these rules:

python3 pwrap.py [URL] [File inclusion entry point] [wrapper] [yaml filename]

where:

  • URL = the url location you want to test your LFI
  • File Inclusion entry point = the parameter that is vulnerable to LFI
  • wrapper = the possible wrapper that pwrap uses
  • yaml filename = yaml file where there are cookies information

The possible wrappers that pwrap uses are:

  • file
  • filter
  • data
  • zip
  • expect
  • input

Example usage

create a file with yaml extension and put the cookie informations:

---
"PHPSESSID": "abcderete43w",
"info1": "asdfasdad"
"info2": "sddskhfds"

then run the program: python3 pwrap.py http://somesite.com/ page file example-file.yaml

If everything goes well, pwrap will open a browser window with the outcome of the local file inclusion

Donation

If you want to support me donate monero coins at: 4B9WQivaHfd3miDfPKEfCianocGpBx9d8FXycz2vmNW3aBDVKHgkBd9Gmapt4RBVEpTwnehujsiUBBehUiLvnEHs7VFstCC

immagine

or here (0.0043 XMR):

immagine

About

command line utility for testing php local file inclusion

Topics

php yaml snippets wrapper builder php7 tool cookie hacking requests php5 hacking-tool hackingcode file-inclusion requests-python requests-mo

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages