{"id":22799913,"url":"https://github.com/chocapikk/lfihunt","last_synced_at":"2025-04-19T16:44:28.726Z","repository":{"id":175955990,"uuid":"651257728","full_name":"Chocapikk/LFIHunt","owner":"Chocapikk","description":"Advanced Tool To Scan And Exploit Local File Inclusion (LFI) Vulnerabilities","archived":false,"fork":false,"pushed_at":"2023-06-24T13:57:06.000Z","size":358,"stargazers_count":32,"open_issues_count":0,"forks_count":9,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-29T10:23:47.376Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Chocapikk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-06-08T21:22:46.000Z","updated_at":"2025-03-13T21:00:13.000Z","dependencies_parsed_at":null,"dependency_job_id":"3c773635-a2d5-4f57-a76e-e90d5523f02e","html_url":"https://github.com/Chocapikk/LFIHunt","commit_stats":null,"previous_names":["chocapikk/lfihunt"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FLFIHunt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FLFIHunt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FLFIHunt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Chocapikk%2FLFIHunt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Chocapikk","download_url":"https://codeload.github.com/Chocapikk/LFIHunt/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249740892,"owners_count":21318714,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-12T07:10:24.991Z","updated_at":"2025-04-19T16:44:28.719Z","avatar_url":"https://github.com/Chocapikk.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# LFIHunt 🕵️‍♂️\n\nLFIHunt is a Python tool designed to streamline the process of exploiting Local File Inclusion (LFI) vulnerabilities. It employs a range of techniques to attempt to exploit these vulnerabilities and, if successful, offers automatic shell access or file reading.\n\nCreated by: Chocapikk\n\n## 🚀 Getting Started\n\nTo install LFIHunt, start by cloning the repository, then install the required dependencies with pip:\n\n```bash\n$ git clone https://github.com/Chocapikk/LFIHunt.git\n$ cd LFIHunt/\n$ pip install -r requirements.txt\n```\n\n## 🛠️ Usage\n\nTo start LFIHunt, simply run the Python script from the command line:\n\n```bash\n$ python LFIHunt.py\n```\n\nOnce launched, you will see the following prompt:\n\n```\n   __    ________                   _\n  / /   / __\\_   \\/\\  /\\_   _ _ __ | |_\n / /   / _\\  / /\\/ /_/ / | | | '_ \\| __|\n/ /___/ / /\\/ /_/ __  /| |_| | | | | |_\n\\____/\\/  \\____/\\/ /_/  \\__,_|_| |_|\\__|\n\n    Creator: Chocapikk\n\nEnter site URL to test: http://example.com\n\nSelect a module to run:\n1: PHPInputExploiter\n2: PHPFilterChainGenerator\n3: DataChecker\n4: PHPFilterChecker\n5: EnvironChecker\n6: PHPPearCmdChecker\n7: LFIChecker\n8: Change URL\n\u003e\u003e\u003e\n```\n\nThe tool provides several modules, each corresponding to a different LFI exploitation technique:\n\n1. **PHPInputExploiter** - exploits vulnerability using the `php://input` technique.\n2. **PHPFilterChainGenerator** - exploits vulnerability using `php://filter` chains.\n3. **DataChecker** - exploits vulnerability using the `data://` technique.\n4. **PHPFilterChecker** - exploits vulnerability using the `php://filter` technique.\n5. **EnvironChecker** - exploits vulnerability using the `/proc/self/environ` technique.\n6. **PHPPearCmdChecker** - exploits vulnerability using the PearCmd shell technique.\n7. **LFIChecker** - uses a fuzzer to test for various LFI exploitation methods.\n8. **Change URL** - allows you to change the site URL to test.\n\nUpon finding a vulnerability, the tool will offer automatic shell access for exploitation or offer file reading.\n\n## ⚠️ Disclaimer\n\nPlease note that this tool should be used ethically and responsibly. Do not use this tool on sites for which you do not have explicit permission to test security. The creator and contributors of LFIHunt are not responsible for any misuse or damage caused by this program. Always respect the laws and regulations concerning penetration testing.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchocapikk%2Flfihunt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchocapikk%2Flfihunt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchocapikk%2Flfihunt/lists"}