LFISuite icon indicating copy to clipboard operation
LFISuite copied to clipboard

Published 20 hours ago verified publisher icon D35m0nd142

FEATURE REQUST

Open Bugspiderlee opened this issue 4 years ago • 0 comments

Can we make this tool take multiple urls at a time and aso suport post method switching and scan paths wothout parameters like for example example.com/archive/../../../../../etc/passwd like some lfi vulns can be found in paths frags without params

Bugspiderlee avatar Oct 06 '20 17:10 Bugspiderlee

You can test POST params with lfimap. It also supports scan without parameter names.

POST test: python3 lfimap.py -U "http://vulnpage.com/endpoint" -D "postparam=PWN" -a

No param test: python3 lfimap.py -U "http://vulnpage.com/PWN" -a

hansmach1ne avatar Aug 08 '22 16:08 hansmach1ne