-
-
Notifications
You must be signed in to change notification settings - Fork 105
Usage
usage: liffy.py [-h] [-d] [-i] [-e] [-f] [-p] [-a]
[-ns] [-r] [--ssh] [-l LOCATION] [--cookies COOKIES]
url
positional arguments:
url URL to test for LFI
optional arguments:
-h, --help show this help message and exit
-d, --data Use data:// technique
-i, --input Use input:// technique
-e, --expect Use expect:// technique
-f, --filter Use filter:// technique
-p, --proc Use /proc/self/environ technique
-a, --access access logs technique
-ns, --nostager execute payload directly, do not use stager
-r, --relative use path traversal sequences for attack
--ssh SSH auth log poisoning
-l LOCATION, --location LOCATION
path to target file (access log, auth log, etc.)
--cookies COOKIES session cookies for authentication
Option: -d
or --data
Ex: python liffy.py http://example.com/?id= -d
Option: -i
or --input
Ex: python liffy.py http://example.com/?id= -i
Option: -e
or --expect
Ex: python liffy.py http://example.com/?id= -e
Option: -f
or --filter
Ex: python liffy.py http://example.com/?id= -f
Option: -p
or --proc
Ex: python liffy.py http://example.com/?id= -p
Option: -a
or --access
Ex: python liffy.py http://example.com/?id= -a
Option: -s
or --ssh
Ex: python liffy.py http://example.com/?id= -s
Option: -r
This option can be used along with other options so relatively traverse the directories.
EX:
- python liffy.py http://example.com/?id= -s -r
- python liffy.py http://example.com/?id= -p -r
- python liffy.py http://example.com/?id= -a -r
Option: -l
or --location
This option has to be used either with all the log techniques like authlog
, sshlog
EX:
- python liffy.py http://example.com/?id= -s -l /var/auth.log
- python liffy.py http://example.com/?id= -a -l /var/apache2/access.log
By default the following location is used:
- For SSH auth.log -
/var/log/auth.log
- For apache2 access.log -
/var/log/apache2/access.log