-
Notifications
You must be signed in to change notification settings - Fork 34
Home
Mateo edited this page Jan 15, 2023
·
4 revisions
Welcome to the lfimap wiki!
Help menu:
usage: lfimap.py [-U [url]] [-F [urlfile]] [-C <cookie>] [-D <data>] [-H <header>] [-P <proxy>] [--useragent <agent>] [--referer <referer>] [--param <name>]
[--http-ok <number>] [--no-stop] [-f] [-i] [-d] [-e] [-t] [-r] [-c] [--file] [--xss] [--sqli] [--info] [-a] [-n <U|B>] [-x] [--lhost <lhost>]
[--lport <lport>] [-wT <path>] [--use-long] [-v] [-h]
lfimap, Local File Inclusion discovery and exploitation tool
MANDATORY:
-U [url] Specify url, Ex: "http://example.org/vuln.php?param=PWN"
-F [urlfile] Specify url wordlist (every line should have --param|'PWN'.)
GENERAL OPTIONS:
-C <cookie> Specify session cookie, Ex: "PHPSESSID=1943785348b45"
-D <data> Do HTTP POST value test. Ex: "param=PWN"
-H <header> Specify additional HTTP header(s). Ex: "X-Forwarded-For:127.0.0.1"
-P <proxy> Specify proxy. Ex: "http://127.0.0.1:8080"
--useragent <agent> Specify HTTP user agent
--referer <referer> Specify HTTP referer
--param <name> Specify different test parameter value
--http-ok <number> Specify http response code(s) to treat as valid
--no-stop Don't stop using same method upon findings
ATTACK TECHNIQUE:
-f, --filter Attack using filter wrapper
-i, --input Attack using input wrapper
-d, --data Attack using data wrapper
-e, --expect Attack using expect wrapper
-t, --trunc Attack using path truncation with wordlist (default "short.txt")
-r, --rfi Attack using remote file inclusion
-c, --cmd Attack using command injection
--file Attack using file wrapper
--xss Test for reflected XSS
--sqli Test for SQL injection
--info Test for basic information disclosures
-a, --all Use all available methods to attack
PAYLOAD OPTIONS:
-n <U|B> Specify payload encoding(s). "U" for URL, "B" for base64
-x, --exploit Exploit to reverse shell if possible (Setup reverse listener first)
--lhost <lhost> Specify local ip address for reverse connection
--lport <lport> Specify local port number for reverse connection
WORDLIST OPTIONS:
-wT <path> Specify path to wordlist for truncation test modality
--use-long Use "wordlists/long.txt" wordlist for truncation test modality
OTHER:
-v, --verbose Print more detailed output when performing attacks
-h, --help Print this help message