search

mzfr / liffy

Local file inclusion exploitation tool
GNU General Public License v3.0
784 stars 105 forks source link

unable to Run the tool #21

Closed salooali closed 2 years ago

salooali commented 2 years ago

Hey ! I'm a newbie and not able to run the tool. I got an error. Here is what I'm trying python version:3.7 liffy version: 2.0

command: python3 liffy.py http://namal.edu.pk/?id= -d


[~] Checking Target: namal.edu.pk
[~] Testing with data:// 
[?] Host For Callbacks: 172.16.13.243
[?] Port For Callbacks: 5050
[~] Generating PHP listener
[+] Success! 
[~] listener: /tmp/shell.php
[~] Start your listener by running nc -ntlp 5050
[~] Starting Web Server ...

I'm totally not able to understand which IP and port should I enter in Host For Callbacks and Ports for Callbacks respectively. I didn't find any reading about this on your repo.

Then I also unable to understand what's the purpose of running nc -ntlp port-no

Here is the Error I got:

Traceback (most recent call last):
  File "/home/salman/Desktop/FYP2022Secuirty/FYP-Directory/FYP2022Security/Live_Assets/liffy/core/Server.py", line 11, in <module>
    httpd = socketserver.TCPServer(("0.0.0.0", 8080), handler)
  File "/usr/lib/python3.9/socketserver.py", line 452, in __init__
    self.server_bind()
  File "/usr/lib/python3.9/socketserver.py", line 466, in server_bind
    self.socket.bind(self.server_address)
OSError: [Errno 98] Address already in use
[?] Press Enter To Continue When Your netcat listener is Running ...
[!] Unexpected HTTP Response
mzfr commented 2 years ago

@salooali If you look at the error it says OSError: [Errno 98] Address already in use this means that the PORT you are trying to connect it on is already being used. This means that there must be some other application running which is using port 8080 (my assumption would be a proxy maybe i.e burp suite, mitmproxy etc). It can be any other application as well.

To fix this try to use another port or stop the service/application running on that port.

To check which application is running on what ports try the following commands:

salooali commented 2 years ago

Hey, Thank you so much for your response! Yeah, I understand this. But what about IP which IP should I put there? Ip of my VM or the target website? What is the use of nc -ntlp port-no? I have a large list of hosts can I scan all of those hosts with this tool? Without interacting with the tool like I've to enter IP and port. I want once I provided the file it will figure it out on its own. I hope you understand my query. Thanks

mzfr commented 2 years ago

What is the use of nc -ntlp port-no?

This is a reverse shell listener

Yeah, I understand this. But what about IP which IP should I put there? Ip of my VM or the target website?

IP of the machine you want reverse shell on.

If you don't know what reverse shell is then please read about it more to understand those.

I have a large list of hosts can I scan all of those hosts with this tool? Without interacting with the tool like I've to enter IP and port. I want once I provided the file it will figure it out on its own. I hope you understand my query.

Just provide the list and it will scan them and then will ask you the IP of your VM on which you'd like to have the reverse shell.

Another suggestion would be if you don't understand how LFI exploitation work then tries not to use a tool. Try to manually do it and get a reverse shell(you can find boot2root machines on HTB or vulnhub). That way you'll learn more and will understand it better. Once you've grasped the idea then you can use tools to do it on multiple vulnerable boot2root hosts/IP.

salooali commented 2 years ago

Hey Thanks for the response! Yeah, I'm a beginner in cybersecurity just curious to learn the things. I just made basic understanding of LFI and run the tool that's why I was having problems. But you give me the right directions. Thanks a lot for your guidance.