import SimpleHTTPServer
import SocketServer
# Module-level set shared by all requests: do_GET adds one HTML anchor
# fragment per distinct request path.
# NOTE(review): nothing in the visible code bounds its size, and every entry
# is built from a client-supplied path, so it grows with each new path seen.
paths = set()
# Request handler that flags inclusion-style request paths and records each
# requested path as an HTML link fragment in the module-level `paths` set.
# NOTE(review): indentation was lost in this listing and has been restored
# by reading the syntax; confirm against the original file.
class Handler(SimpleHTTPServer.SimpleHTTPRequestHandler):
    # Handle a GET request: classify self.path, then store it in `paths`.
    def do_GET(self):
        # Detect remote file inclusion
        # Plain, case-sensitive substring test on self.path. No URL-decoding
        # or normalisation happens in the visible code, so percent-encoded or
        # differently-cased values are not flagged by this check.
        if '=http' in self.path:
            print 'RFI detected'
            # TODO: Add RFI handler here
        # Detect local file inclusion
        # Only evaluated when the RFI test above did not match (elif), so a
        # path containing both markers is reported as RFI only.
        elif '../../' in self.path:
            print 'LFI detected'
            # TODO: Add LFI handler here
        # Collect dorks from attacks
        # NOTE(review): placed at method level on the assumption that every
        # requested path is collected, not only LFI ones -- confirm.
        # self.path is client-controlled and is formatted into the href
        # attribute without escaping. If these fragments are served back in
        # the page (as the comment below suggests), they should be escaped
        # for the attribute context first.
        paths.add('<a href="{}">a link?</a><br />'.format(self.path))
        # Compose the attack surface, adding all dorks
        # NOTE(review): the template below is incomplete in this listing: the
        # triple-quoted string is never closed and the code that sends the
        # response is missing. The doubled braces suggest the template is
        # later passed through str.format -- confirm.
        http_doc = """
a:link, a:visited, a:active, a:hover{{
is there
<a href=''>a link?</a><br />
# Send response
# Script entry point: create the TCP server on port 8080 with Handler.
if __name__ == '__main__':
    # Set on the TCPServer class itself, so it applies to every TCPServer
    # created in this process, not just the instance below.
    SocketServer.TCPServer.allow_reuse_address = True
    # Bound to 'localhost' only. Changing the bind address would expose the
    # handler, including its unescaped path reflection, to other hosts.
    httpd = SocketServer.TCPServer(('localhost', 8080), Handler)
    print "Serving at port 8080"
    # NOTE(review): the `try:` line and the call that runs the server are
    # missing from this listing; as shown, the `except` below has no matching
    # `try`.
    except KeyboardInterrupt:
        print 'bye'