pwrap

command line utility for testing php local file inclusion

How to use

run: pip3 install -r requirements.txt

launch pwrap by following these rules:

python3 pwrap.py [URL] [File inclusion entry point] [wrapper] [yaml filename]

where:

URL = the url location you want to test your LFI
File Inclusion entry point = the parameter that is vulnerable to LFI
wrapper = the possible wrapper that pwrap uses
yaml filename = yaml file where there are cookies information

The possible wrappers that pwrap uses are:

file
filter
data
zip
expect
input

Example usage

create a file with yaml extension and put the cookie informations:

---
"PHPSESSID": "abcderete43w",
"info1": "asdfasdad"
"info2": "sddskhfds"

then run the program: python3 pwrap.py http://somesite.com/ page file example-file.yaml

If everything goes well, pwrap will open a browser window with the outcome of the local file inclusion

Donation

If you want to support me donate monero coins at: 4B9WQivaHfd3miDfPKEfCianocGpBx9d8FXycz2vmNW3aBDVKHgkBd9Gmapt4RBVEpTwnehujsiUBBehUiLvnEHs7VFstCC

or here (0.0043 XMR):

Name		Name	Last commit message	Last commit date
Latest commit History 31 Commits
LICENSE		LICENSE
README.md		README.md
cookiejar.py		cookiejar.py
examplecookie.yaml		examplecookie.yaml
graphics.py		graphics.py
pwrap.py		pwrap.py
qrcode		qrcode
requirements.txt		requirements.txt
wrappers.py		wrappers.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

pwrap

How to use

Example usage

Donation

About

Releases

Packages

Languages

License

FrancescoDiSalesGithub/pwrap

Folders and files

Latest commit

History

Repository files navigation

pwrap

How to use

Example usage

Donation

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages