https://github.com/boxingoctopuscreative/toxin

LFI (Local File Inclusion) Exploitation Tool
https://github.com/boxingoctopuscreative/toxin

click lfi-exploitation local-file-inclusion python requests security-tools

Last synced: 10 months ago
JSON representation

LFI (Local File Inclusion) Exploitation Tool

• Host: GitHub
• URL: https://github.com/boxingoctopuscreative/toxin
• Owner: BoxingOctopusCreative
• License: mpl-2.0
• Created: 2018-08-20T20:43:18.000Z (almost 8 years ago)
• Default Branch: main
• Last Pushed: 2021-01-04T20:25:37.000Z (over 5 years ago)
• Last Synced: 2023-10-20T00:57:50.615Z (over 2 years ago)
• Topics: click, lfi-exploitation, local-file-inclusion, python, requests, security-tools
• Language: Python
• Size: 13.7 KB
• Stars: 16
• Watchers: 4
• Forks: 6
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Toxin

Toxin is an LFI (Local File Inclusion)/Log Pollution Exploitation Tool.

## Introduction

Toxin exploits a particular (and yet also common)type of 

Local File Inclusion (LFI) vulnerability wherein the attacker

is able to take advantage of PHP's `register_globals` setting. 

In this attack scenario, the attacker would craft a custom 

`User-Agent` header which would contain arbitrary PHP code

that would register a new global variable to the environment

like so:

```php

```

With the new, malicious global variable registered, we can add it 

to a query string within a URL containing a file on the target host

which is vulnerable to inclusion, and then use the file along with

the query string to execute arbitrary system-level commands, like so:

`http://target.tld/info.php?page=../../../../../var/log/apache/access.log&cmd=whoami`

There are a number of common files which typically fall prey to this attack, 

Toxin does not attempt to fuzz for those files, but instead expects you, 

the attacker, to have prior knowledge of your target.

## Installation

`$ python setup.py install`

## Usage

```bash

  ______           _

 /_  __/___  _  __(_)___

  / / / __ \| |/_/ / __ \

 / / / /_/ />   / / / /

/_/  \____/_/|_/_/_/ /_/

Usage: toxin [OPTIONS]

  Toxin: Local File Inclusion Exploitation Tool

Options:

  -u, --url TEXT        URL to query

  -p, --parameter TEXT  Parameter to inject into User-Agent header

                        (Default: 'cmd')

  -c, --command TEXT    Command to Run

  -m, --mode TEXT       Mode (Inject or Exploit)

  -g, --paged           Paged Output

  --version             Show the version and exit.

  --help                Show this message and exit.

  -h                    Show this message and exit.

```