|
This one-liner will allow you to find LFI vulnerabilities on multiple URLs. Utilizing 'paramspider' to collect URL parameters from web archives, importing them to 'ffuf' for fuzzing while using an external wordlist dictionary. The following tools are required: https://github.com/devanshbatham/ParamSpider https://github.com/ffuf/ffuf Example: python3 paramspider.py -d testphp.vulnweb.com -o urls.txt | for URL in $(</root/Tools/ParamSpider/output/urls.txt); do (ffuf -u "$<URL}" -c -w /root/FUZZB/SecLists/sts/Fuzzing/LFI/LFI-Jhaddix.txt -ac); done |
| All times are GMT. The time now is 05:51 AM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.