{"id":13845413,"url":"https://github.com/kostas-pa/LFITester","last_synced_at":"2025-07-12T02:31:11.045Z","repository":{"id":41998449,"uuid":"365519428","full_name":"kostas-pa/LFITester","owner":"kostas-pa","description":"LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.","archived":false,"fork":false,"pushed_at":"2024-06-18T16:26:50.000Z","size":424,"stargazers_count":97,"open_issues_count":6,"forks_count":23,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-08-05T17:44:30.623Z","etag":null,"topics":["bugbounty","crawler","cybersecurity","enumeration","exploitation","fuzzing","hacking","lfi","lfi-detection","lfi-exploitation","lfi-vulnerability","penetration-testing","penetration-testing-tools","pentest-tool","pentesting","python","web-hacking","webhacking"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kostas-pa.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-08T13:19:49.000Z","updated_at":"2024-07-29T11:14:29.000Z","dependencies_parsed_at":"2023-01-28T10:45:45.146Z","dependency_job_id":"70cefb09-93b2-4286-8258-f6df24b6ffa9","html_url":"https://github.com/kostas-pa/LFITester","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kostas-pa%2FLFITester","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kostas-pa%2FLFITester/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kostas-pa%2FLFITester/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kostas-pa%2FLFITester/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kostas-pa","download_url":"https://codeload.github.com/kostas-pa/LFITester/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225784481,"owners_count":17523654,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bugbounty","crawler","cybersecurity","enumeration","exploitation","fuzzing","hacking","lfi","lfi-detection","lfi-exploitation","lfi-vulnerability","penetration-testing","penetration-testing-tools","pentest-tool","pentesting","python","web-hacking","webhacking"],"created_at":"2024-08-04T17:03:23.433Z","updated_at":"2025-07-12T02:31:11.006Z","avatar_url":"https://github.com/kostas-pa.png","language":"Python","funding_links":[],"categories":["[](#table-of-contents) Table of contents","Python"],"sub_categories":["[](#dorkspentestvulnerabilities)Dorks/Pentest/Vulnerabilities"],"readme":"[![Python 3](https://img.shields.io/badge/Python-3-blue.svg)](https://www.python.org/downloads/)\n[![GNU V3 License](https://img.shields.io/badge/License-GNUV3-red.svg)](LICENSE)\n\n# DISCLAIMER\n• This tool is for educational purposes only.\n\n• The developers and collaborators are not responsible for any illegal usage of this tool.\n\n\n\n# LFITester\n\nLFITester is a Python3 tool which tests if a server is vulnerable to Local File Inclusion (LFI) attacks.\n\nIt runs in Linux/Unix systems but it can run on windows as well. In order to use this program:\n\n• You have to have Python3 installed in your system or you can download it from https://www.python.org/downloads/\n\n• You will also need pip which if you don't have just run ```sudo apt install python3-pip``` for linux.\n\n• Download the program or clone the repository in your system `git clone https://github.com/kostas-pa/LFITester.git`\n\n• Go to the LFITester folder\n\n• First run the command ```sudo chmod +x setup.sh```\n\n• Then run ```sudo ./setup.sh``` which will automatically install the required packages \n\n• After that you can simply run lfitester as a command.\n\n• It is recommended to run the **--update** flag before initiating an attack\n\n# Supported Attacks\n\n- Path Traversal and bypasses (Null byte, encoding, Filter Bypasses)\n- PHP Filter\n- Remote Code Execution (RCE) through:\n - Log Poisoning (Apache, Nginx)\n - PHP Session Files\n - PHP Wrappers\n\n```\n$python3 LFITester.py \n└──╼ $./LFITester.py \n _ ______ _____ _______ _ \n| | | ____|_ _|__ __| | | \n| | | |__ | | | | ___ ___| |_ ___ _ __ \n| | | __| | | | |/ _ \\/ __| __/ _ \\ '__|\n| |____| | _| |_ | | __/\\__ \\ || __/ | \n|______|_| |_____| |_|\\___||___/\\__\\___|_| \n \n \n\n**********************************************************************************************************************************************************************************************\n LFITester\n Automated LFI Testing\n**********************************************************************************************************************************************************************************************\nusage: LFITester.py [-h] [-u URL] [-L URL_File] [-c] [-v] [-o [OUTFILE]] [--creds [user:pass]] [-p] [--autopwn IP]\n [-m Payload] [-f] [--update] [--batch-ans BATCH] [-s] [--poc-file POC] [-H HEADERS] [-C COOKIES]\n\n Payload Modes:\n 0: Simple bash TCP\n 1: Alternative bash TCP\n 2: Simple sh UDP\n 3: Alternative sh TCP\n 4: Perl TCP\n 5: Alternative Perl TCP\n 6: Python TCP\n 7: Alternative python TCP\n 8: Alternative 2 python TCP\n 9: Alternative 3 python TCP\n 10: Alternative (No Spaces) python TCP\n 11: Alternative (No Spaces) 2 python TCP\n 12: Alternative (No Spaces) 3 python TCP\n 13: Alternative (No Spaces) Shortened python TCP\n 14: Alternative (No Spaces) Shortened 2 python TCP\n 15: Alternative (No Spaces) Shortened 3 python TCP\n 16: Alternative (No Spaces) Shortened Further python TCP\n 17: Alternative (No Spaces) Shortened Further 2 python TCP\n 18: Alternative (No Spaces) Shortened Further 3 python TCP\n 19: Python3 TCP\n 20: Alternative python3 TCP\n 21: Alternative 2 python3 TCP\n 22: Alternative 3 python3 TCP\n 23: Alternative (No Spaces) python3 TCP\n 24: Alternative (No Spaces) 2 python3 TCP\n 25: Alternative (No Spaces) 3 python3 TCP\n 26: Alternative (No Spaces) Shortened python3 TCP\n 27: Alternative (No Spaces) Shortened 2 python3 TCP\n 28: Alternative (No Spaces) Shortened 3 python3 TCP\n 29: Alternative (No Spaces) Shortened Further python3 TCP\n 30: Alternative (No Spaces) Shortened Further 2 python3 TCP\n 31: Alternative (No Spaces) Shortened Further 3 python3 TCP\n 32: Php exec\n 33: Php shell_exec\n 34: Php over sh\n 35: Php system\n 36: Php passthru\n 37: Php popen\n 38: Php proc_open\n 39: Ruby\n 40: Ruby Alternative\n 41: Go\n 42: Netcat sh\n 43: Netcat bash\n 44: Netcat alternative bash\n 45: Netcat openBSD\n 46: Ncat\n 47: Ncat UDP \n\noptions:\n -h, --help show this help message and exit\n -u URL, --url URL The url to test. The URL usually is http://[URL]?[something]=\n -L URL_File, --list-url URL_File\n Input a list of URLs from an external file. The URLs format usually is http://[URL]?[something]=\n -c, --crawl use the crawler to test all the endpoints\n -v, --verbose Increase output verbosity\n -o [OUTFILE], --output [OUTFILE]\n The file to save the results\n --creds [user:pass] The credentials to login\n -p, --enable-proxies Enable proxy redirection. Default proxies are free and you can change them. If you don't want the\n default proxies you can supply your own and this option will be overridden! Note that the proxies\n will be picked at random for each request\n --autopwn IP If the webapp is vulnerable to LFI then it will attempt to exploit it and give back a shell. This\n option requires your IP in order to connect with the revshell\n -m Payload, --mode Payload\n Select the payload that suits best. Try different ones if the exploit doesn't work.\n -f, --force Treat endpoint as alive even if it returns 404\n --update Update LFITester\n --batch-ans BATCH Answer all yes/no\n -s, --stealth Enable stealth mode\n --poc-file POC Your custom poc file.\n -H HEADERS, --headers HEADERS\n Add extra headers\n -C COOKIES, --cookies COOKIES\n Add extra cookies\n -r PACKET_FILE, --packet-file PACKET_FILE\n Import headers/cookies/body from a packet file (HTTP or Burp format)\n\nProxies in the list must be in the following format: protocol://{proxyip} \nusername:password (newline). If you dont have a authenticated \nproxy then skip the username:password entry and go for a new line\n\nExamples: \n LFITester.py -u \"http://URL?smt=\" = test one specific endpoint\n LFITester.py -L test.txt = test a list of endpoints from file\n LFITester.py -c -u \"http://URL\" = crawl and test all endpoints of that URL\n LFITester.py -c -L test.txt = crawl and test all endpoints for every URL in the file\n LFITester.py --creds abc:abc -u \"http://URL?smt=\" = test one specific endpoint which requires a login\n\nDevelopers: Konstantinos Papanagnou (https://github.com/Konstantinos-Papanagnou)\n Konstantinos Pantazis (https://github.com/kostas-pa)\n Timothy Stowe (https://github.com/timothy90990)\n```\n\n• Basic Usage: `python3 LFITester.py -u \"http://myvulnerabledomain/vulnerable/application?test_param=\"`\n\n# New Feature AUTOPWN \u0026 Threading support\n- Automatically opens a reverse shell if it finds RCE (see all the reverse shells in the description).\n- Added threads to the attacks and to the proxies which speeds things up significantly!\n\n# ⚠️ Common Issues\n• If you are having issues with a URL that has 2 query parameters like http://url?param1=1\u0026param2=2, try to run it with \"\" like so \"http://url?param1=1\u0026param2=2\"\n\n• If you are user and you get an error about Git, then try to run lfitester with the sudo command like so **sudo lfitester [flags]**\n\n• If you are having issues with a library, try running the **--update** flag and then ```sudo pip3 install -r requirements.txt``` as the requirements may have changed\n\n• If you can't see the color in the output file but instead you see color codes, google ```[your text editor] display ANSI color codes```.\n\n• If the setup.sh can't install a python package, try installing it manually with the command ```sudo pip3 install [package]```\n\n• If it gets stuck just press enter, for now :)\n\n• If you get strange encoding results, try to remove any value from the parameters, including Burp files.\n\n# Sidenote\n• If you like this project please consider giving it a star\n\n# Credits\n• To all the contributors for assisting me with this project and for the knowledge they provided.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkostas-pa%2FLFITester","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkostas-pa%2FLFITester","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkostas-pa%2FLFITester/lists"}