Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections
-
Updated
Sep 12, 2023 - Python
Takes input wordlist in native path format to generate encoding evasion, path traversals, and null byte injections
Simple LFI Vulnerability Tester with Authentication Support
Vulnerable configuration Apache HTTP Server version 2.4.49/2.4.50
LFI Payloads List collected from Github and write-ups.
Automated exploitation of Local File Inclusion bugs
This script will prepare some tmux session precompiled to test command injection on some web page parameter (on a GET or POST request).
Dépôt des challenges que j'ai réalisés pour l'évènement CTF Hacky'Nov à Aix-en-Provence 2022.
Vulnerable configuration Apache HTTP Server version 2.4.49
This script is used for taking advantage of a Local File Inclusion in the Wordpress site editor plugin version 1.1.1, it's made in bash
Developed in compliance to the requirements of SE101, IPT101, HCI101, and IM101 in Quezon City University.
This script is used for taking advantage of a Local File Inclusion in the Wordpress mail masta plugin version 1.0, it's made in bash
ImageMagick Arbitrary Read Files - CVE-2022-44268
Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).
A simple automation tool to detect LFI, RCE and SSTI vulnerabilities.
Add a description, image, and links to the lfi topic page so that developers can more easily learn about it.
To associate your repository with the lfi topic, visit your repo's landing page and select "manage topics."