Liffy – Local File Inclusion Exploitation Tool

Local File Inclusion (LFI) is similar to a Remote File Inclusion vulnerability except instead of including remote files, only local files i.e. files
on the current server can be included. The vulnerability is also due to
the use of user-supplied input without proper validation.

http://www.ehacking.net/2014/07/liffy-local-file-inclusion-exploitation.html

This vulnerability occurs, for example, when a page receives, as input,
the path to the file that has to be included and this input is not
properly sanitized, allowing directory traversal characters (such as
dot-dot-slash) to be injected. Although most examples point to
vulnerable PHP scripts, we should keep in mind that it is also common in
other technologies such as JSP, ASP and others.

What is Liffy ?

Liffy is a tool written in Python designed to exploit local file
inclusion vulnerabilities using three different techniques that will get
you a working web shell. The first two make use of the built-in PHP
wrappers php://input and data://. The third makes use of the process control extension called ‘expect’.

Current features include:

  • data:// for code execution
  • expect:// for code execution
  • input:// for code execution
  • filter:// for arbitrary file reads
  • /proc/self/environ for code execution in CGI mode
  • Apache access.log poisoning
  • Linux auth.log SSH poisoning
  • Direct payload delivery with no stager
  • Support for absolute and relative paths
  • Support for cookies

How to Install Liffy

Liffy requires the following libraries: requests, argparse, blessings, urlparse
In order to host the payload you may use Node’s HTTP server: https://github.com/nodeapps/http-server

Or you can simply spawn python’s SimpleHTTPServer in /tmp on port
8000. Further development of the tool will eventually include spawning a
built-in web server in order to download, for now you can adjust the
location and port in the source code for your needs. These can be
changed in core.py under the execute functions.

Download & Reference

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...