Closed hansmach1ne closed 1 month ago
"Problematic" code is here:
r,_ = REQUEST(config.url, headers, config.postreq, config.proxies, "test", "test", exploit = False, followRedirect = True, isCsrfRequest = False)
if(not args.http_valid): args.http_valid = [200, 204, 301, 302, 303]
if(not r):
    print(colors.red("[-]") + " Something unexpected has happened, initial testing response is not clearly received. Please check your switches and url endpoint(s). Exiting...")
    sys.exit(-1)
Using the http_valid arg, you can override this list to include 404 - is a fix really needed?
@nrathaus I am aware of the --http-ok flag, it is built exactly for this kind of situation, however yes the fix is needed, as the initial response has a 404 HTTP code, if(r) yields false. I will fix some of the issues probably next week. Cheers!
I can provide a fix if you want - just say the word
lfimap.py: L287. if(not r) changed to if(not r.text), in case of 404 status code, if block yields correctly.
└─$ python3 lfimap.py -U "https://mach1ne.org/a/PWN"
[i] Testing GET '' parameter...
[-] GET parameter '' doesn't seem to be vulnerable....
----------------------------------------
LFImap finished with execution.
Parameters tested: 1
Requests sent: 53
Vulnerabilities found: 0
It is not a good idea to do it this way:
if not r.text:
Makes you think that r.text is boolean, even Python doesn't like it:
  File "lfimap.py", line 738, in <module>
    main()
  File "lfimap.py", line 390, in main
    if not r.text:
AttributeError: 'bool' object has no attribute 'text'
In addition, REQUEST returns bool in some cases:
except requests.exceptions.InvalidSchema:
    if not args.no_stop:
        print(
            colors.red("[-]")
            + " Previous request caused InvalidSchema exception. Try specifying '--no-stop' to continue testing even if errors occurred..."
        )
    else:
        print(
            colors.red("[-]")
            + " InvalidSchema exception detected. Server cannot parse the parameter URI. Try proxying requests to see exactly what happened..."
        )
    return False, False
I suggest standardizing the return response of REQUEST so that the variables returned are always the same type
Something like:
return success, response, doContinue
Where success is True/False
└─$ python3 lfimap.py -U "https://mach1ne.org/a/PWN"
[-] Something unexpected has happened, initial testing response is not clearly received. Please check your switches and url endpoint(s). Exiting...
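The three checks discussed in this thread, side by side, as an added example that is not lfimap's code. `StubResponse`, `RequestResult`, `request` and the `check_*` helpers are hypothetical names; the stub stands in for `requests.Response` (whose truth value is its `ok` property), `ValueError` stands in for `InvalidSchema`, and the meaning given to `do_continue` is an assumption.

```python
from typing import NamedTuple, Optional

class StubResponse:
    """Constructed stand-in for requests.Response. Like the real class, its
    truth value is `ok`, which is False for 4xx/5xx status codes."""
    def __init__(self, status_code: int, text: str = ""):
        self.status_code, self.text = status_code, text
    def __bool__(self) -> bool:
        return self.status_code < 400

class RequestResult(NamedTuple):
    success: bool                      # a response object was received at all
    response: Optional[StubResponse]   # None when the request itself failed
    do_continue: bool                  # assumed meaning: caller may keep testing

def request(send, no_stop: bool = False) -> RequestResult:
    """Hypothetical wrapper: `send` returns a response or raises ValueError
    (standing in for requests.exceptions.InvalidSchema)."""
    try:
        return RequestResult(True, send(), True)
    except ValueError:
        return RequestResult(False, None, no_stop)

def check_truthiness(r) -> str:
    # Original check: a 404 response is falsy, so it looks like "no response".
    return "abort" if not r else "proceed"

def check_text(r) -> str:
    # Proposed `if not r.text`: breaks when the request failed and r is False.
    try:
        return "abort" if not r.text else "proceed"
    except AttributeError:
        return "crash"

def check_result(result: RequestResult) -> str:
    # Explicit flag: the status code never decides whether a response arrived.
    return "proceed" if result.success else "abort"

def bad_schema():
    raise ValueError("constructed failure")

not_found = StubResponse(404, "<h1>Not Found</h1>")  # constructed sample response
```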