lfipad is a lightweight and efficient tool for detecting Local File Inclusion (LFI) exposure in web applications. It takes URLs that already carry an LFI payload (for example a traversal sequence in a file= parameter), fetches each one and scans the response body for strings that are characteristic of sensitive file contents, such as the root: entry of /etc/passwd. It does not generate payloads itself; pair it with a wordlist or another tool that produces the candidate URLs.
- Pattern Matching: Detects strings that indicate the contents of a sensitive file were returned, such as entries from /etc/passwd, the [boot loader] section of boot.ini, and other well-known files.
- Versatile Input: Accepts a URL directly on the command line or reads URLs line by line from stdin, so it drops into pipelines with other tools and scripts.
- Timeout Control: Allows setting a custom request timeout so slow or unresponsive hosts do not stall a scan.
- Verbose Mode: Prints detailed error messages and additional logging when needed.
- Efficient Processing: Uses buffered I/O and optimized string matching so large URL lists can be processed quickly with little memory.
- Error Handling: Network errors and malformed URLs are reported and skipped rather than aborting the run.
To install lfipad, ensure you have Go installed and then run:
go install -v github.com/Vulnpire/lfipad@latest
Or build from source:
git clone https://github.com/Vulnpire/lfipad.git
cd ./lfipad
go build -o lfipad main.go
Single URL:
Provide a single URL as an argument to check for LFI patterns.
lfipad "http://example.com/vulnerable.php?file=../../../../../../../../../../../../../../../etc/passwd"
Multiple URLs via stdin:
Pipe a list of URLs into the tool using stdin.
cat urls.txt | lfipad
Custom Timeout:
Set a custom request timeout with the -timeout flag.
lfipad -timeout=10s "http://example.com/vulnerable.php?file=../../../../../../../../../../../../../../../etc/passwd"
Example output for the command above:
Detected patterns in http://example.com/vulnerable.php?file=../../../../../../../../../../../../../../../etc/passwd:
- root:
A hit means the response contained the signature string, not that the application necessarily read the file. Before reporting, confirm the inclusion by hand, for instance by requesting a second file such as /etc/hosts and checking that its contents come back too.
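The detection loop described above, as an added example written for this page and not taken from lfipad's own source: it fetches each URL with a bounded timeout and body size, scans the body against a small signature table, and distinguishes a page that returns /etc/passwd contents from one that merely echoes the requested path. The signature list, the CheckURL/Scan function names, and the httptest server that stands in for a target (with its /vuln, /echo and /slow routes and fake passwd lines) are all my own assumptions; lfipad's real pattern list is not shown on this page.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/url"
	"os"
	"regexp"
	"strings"
	"time"
)

// Signature is one marker that a sensitive file's contents leaked into a response.
type Signature struct {
	Name string
	Re   *regexp.Regexp
}

// Assumed signature table (not lfipad's list). Each pattern matches the
// *contents* of a file rather than its path, so a page that only reflects
// the requested path (".../etc/passwd") does not trigger a hit.
var signatures = []Signature{
	{"passwd", regexp.MustCompile(`(?m)^root:[^:]*:0:0:`)},
	{"shadow", regexp.MustCompile(`(?m)^root:\$[0-9a-z]+\$`)},
	{"boot.ini", regexp.MustCompile(`(?i)\[boot loader\]`)},
	{"win.ini", regexp.MustCompile(`(?i)\[fonts\]|\[extensions\]`)},
	{"php-source", regexp.MustCompile(`<\?php`)},
}

// Scan returns the names of every signature found in body.
func Scan(body string) []string {
	var hits []string
	for _, s := range signatures {
		if s.Re.MatchString(body) {
			hits = append(hits, s.Name)
		}
	}
	return hits
}

// CheckURL fetches u with client (whose Timeout bounds the whole request) and
// scans at most maxBody bytes of the response. Malformed URLs and network
// errors are returned to the caller so a batch run can report and continue.
func CheckURL(client *http.Client, u string, maxBody int64) ([]string, error) {
	if _, err := url.ParseRequestURI(u); err != nil {
		return nil, fmt.Errorf("malformed url %q: %w", u, err)
	}
	resp, err := client.Get(u)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	b, err := io.ReadAll(io.LimitReader(resp.Body, maxBody))
	if err != nil {
		return nil, err
	}
	return Scan(string(b)), nil
}

// NewTestServer is a constructed stand-in for a target so the example runs
// offline: /vuln returns fake /etc/passwd lines when file=...etc/passwd,
// /echo only reflects the parameter (a classic false positive source), and
// /slow never answers within the client timeout.
func NewTestServer() *httptest.Server {
	mux := http.NewServeMux()
	mux.HandleFunc("/vuln", func(w http.ResponseWriter, r *http.Request) {
		if strings.HasSuffix(r.URL.Query().Get("file"), "etc/passwd") {
			fmt.Fprint(w, "root:x:0:0:root:/root:/bin/bash\nwww-data:x:33:33::/var/www:/usr/sbin/nologin\n")
			return
		}
		fmt.Fprint(w, "file not found")
	})
	mux.HandleFunc("/echo", func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "You asked for %s", r.URL.Query().Get("file"))
	})
	mux.HandleFunc("/slow", func(w http.ResponseWriter, r *http.Request) {
		time.Sleep(1 * time.Second)
	})
	return httptest.NewServer(mux)
}

func main() {
	srv := NewTestServer()
	defer srv.Close()
	client := &http.Client{Timeout: 200 * time.Millisecond}
	// Constructed input list, standing in for URLs piped over stdin.
	for _, u := range []string{
		srv.URL + "/vuln?file=../../../../etc/passwd",
		srv.URL + "/echo?file=/etc/passwd",
		srv.URL + "/slow",
	} {
		hits, err := CheckURL(client, u, 1<<20)
		switch {
		case err != nil:
			fmt.Fprintf(os.Stderr, "error: %v\n", err)
		case len(hits) > 0:
			fmt.Printf("Detected patterns in %s: %s\n", u, strings.Join(hits, ", "))
		}
	}
}
```

Two design choices worth copying into a real scanner: anchor signatures to file contents rather than file names, so reflected payloads do not count, and cap the bytes read per response (here 1 MiB) so a misbehaving host cannot exhaust memory; the cap does mean a signature buried past the limit is missed, so raise it if targets return very large pages.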
This tool is intended for educational purposes and for use in security assessments where you have explicit permission to test.