p0cl4bs / kadimus Goto Github PK
View Code? Open in Web Editor NEWkadimus is a tool to check and exploit lfi vulnerability.
License: MIT License
kadimus is a tool to check and exploit lfi vulnerability.
License: MIT License
Hi, I'd be great to give a user an opportunity to turn off unnecessary messages, - print a text only in the case when the vulnerable parameter has been found. If this is one parameter/URL - it's ok. But when you need to feed -u to kadimus thousands of times in automated pipeline, - it's a headache🤯
Also, it'd be super cool if you specify in the readme (options) what is the default values for --connect-timeout/--retry.
If there will be no activity/response soon, I'll implement a feature myself.
Thank you and have a nice day, Max (@ w2w).
make
CC bin/techniques/auth-log-poison.o
src/techniques/auth-log-poison.c:11:10: fatal error: libssh/libssh.h: No such file or directory
11 | #include <libssh/libssh.h>
| ^~~~~~~~~~~~~~~~~
compilation terminated.
make: *** [Makefile:22: bin/techniques/auth-log-poison.o] Error 1
The use of relative paths in some areas of the code seems to be preventing kadimus from executing if you're not running it from the directory where it's installed. As you can see below, trying to run kadimus from a symlink appears to fail because it's not resolving the full path to errors.txt
:
w0rldpain@kali:~$ sudo ln -s /opt/Kadimus/kadimus /usr/local/bin/kadimus
w0rldpain@kali:~$ kadimus -u http://10.10.10.194/news.php?file=statement
_ __ _ _
| |/ /__ _ __| (_)_ __ ___ _ _ ___
| ' // _` |/ _` | | '_ ` _ \| | | / __|
| . \ (_| | (_| | | | | | | | |_| \__ \
|_|\_\__,_|\__,_|_|_| |_| |_|\__,_|___/
v1.5 - LFI Scan & Exploit Tool (@hc0d3r - P0cL4bs Team)
[14:20:11] [INFO] starting scanning the URL: http://10.10.10.194/news.php?file=statement
[14:20:11] [INFO] testing if URL have dynamic content ...
[14:20:11] [INFO] URL dont have dynamic content
[14:20:11] [INFO] analyzing 'file' parameter ...
[14:20:11] [INFO] checking for lfi error messages
[14:20:11] [INFO] using random url: http://10.10.10.194/news.php?file=h2mD6tM
[src/io/utils.c:xfopen:15] fopen(./resource/errors.txt, "r") failed, errno = 2
Could calls like these in the code be modified to use the absolute path to the executable location, so users who want to run kadimus via symlinks or aliases can do so?
Other LFI methods could be included:
make
i will get this error why ?:
CC bin/techniques/php-input.o In file included from src/techniques/php-input.c:2: src/request/request.h:4:10: fatal error: curl/curl.h: Böyle bir dosya ya da dizin yok 4 | #include <curl/curl.h> | ^~~~~~~~~~~~~ compilation terminated. make: *** [Makefile:22: bin/techniques/php-input.o] Error 1
cannot find request.sh?
root@kali:~/Desktop# git clone https://github.com/P0cL4bs/Kadimus.git
Cloning into 'Kadimus'...
remote: Counting objects: 202, done.
remote: Total 202 (delta 0), reused 0 (delta 0), pack-reused 202
Receiving objects: 100% (202/202), 53.34 KiB | 75.00 KiB/s, done.
Resolving deltas: 100% (113/113), done.
root@kali:/Desktop#/Desktop# cd Kadimus/
root@kali:
root@kali:/Desktop/Kadimus# ls/Desktop/Kadimus# ./configure
bin configure license.txt Makefile README.md resource src
root@kali:
Checking libraries...
libcurl Ok
libssl Ok
libpcre Ok
libssh Ok
root@kali:~/Desktop/Kadimus# make
gcc -Wall -Wextra -O3 -c -o bin/kadimus_common.o src/kadimus_common.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_mem.o src/kadimus_mem.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_request.o src/kadimus_request.c
In file included from src/kadimus_request.c:1:0:
src/kadimus_request.h:4:23: fatal error: curl/curl.h: No such file or directory
#include <curl/curl.h>
^
compilation terminated.
Makefile:21: recipe for target 'bin/kadimus_request.o' failed
make: *** [bin/kadimus_request.o] Error 1
Error when compiling...
bin/techniques/php-input.o
In file included from src/techniques/php-input.c:2:
src/request/request.h:4:10: fatal error: curl/curl.h: No such file or directory
4 | #include <curl/curl.h>
| ^~~~~~~~~~~~~
compilation terminated.
make: *** [Makefile:22: bin/techniques/php-input.o] Error 1
I have ran the configure but it fails to makefile
oot@kali:~/Downloads/Kadimus# make
gcc -Wall -Wextra -O3 -c -o bin/kadimus_request.o src/kadimus_request.c
In file included from src/kadimus_request.c:1:0:
src/kadimus_request.h:4:23: fatal error: curl/curl.h: No such file or directory
#include <curl/curl.h>
^
compilation terminated.
Makefile:21: recipe for target 'bin/kadimus_request.o' failed
make: *** [bin/kadimus_request.o] Error 1
this message shown when it install it :
~/Kadimus# make
gcc -Wall -Wextra -O3 -c -o bin/kadimus_common.o src/kadimus_common.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_mem.o src/kadimus_mem.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_request.o src/kadimus_request.c
In file included from src/kadimus_request.c:1:0:
src/kadimus_request.h:6:28: fatal error: openssl/crypto.h: No such file or directory
#include <openssl/crypto.h>
^
compilation terminated.
Makefile:21: recipe for target 'bin/kadimus_request.o' failed
make: *** [bin/kadimus_request.o] Error 1
Hello! Is your tool able to scan via POST requests? I cannot find a workable tool that can perform LFI scanning via POST.
It will be cool if you implement the feature in your tool or explain how to use it if it is implemented already.
Thank you very much in advance.
Can we make this take multiple urlz and use all this cool scanning methods
and also can we make it scan non parameter paths like to be able to scan were ther is no parameter
for example a directory like
example.com/achive../../../../etc/passwd
It sounds interesting, some sample video ??
When I run make on my mac I get the following:
src/techniques/auth-log-poison.c:11:10: fatal error: 'libssh/libssh.h' file not found
#include <libssh/libssh.h>
Any ideas to fix this? I tried to download the libssh manually but it didn't work
Kadimus is a nice tool. Maybe we should make it work with Mac OS X.
Here you go made a pull request with the functionality to compile on mac for you:
#4
brammittendorff$ system_profiler SPSoftwareDataType
Software:
System Software Overview:
System Version: OS X 10.11.5 (15F34)
Kernel Version: Darwin 15.5.0
Boot Volume: Untitled
Boot Mode: Normal
Secure Virtual Memory: Enabled
System Integrity Protection: Enabled
Time since boot: 3 days 4:37
brammittendorff$ ./configure
brew based
Checking package: pcre Installed
Checking package: openssl Installed
Checking package: libssh Installed
brammittendorff$ make
gcc -Wall -Wextra -O3 -c -o bin/kadimus_common.o src/kadimus_common.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_mem.o src/kadimus_mem.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_request.o src/kadimus_request.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_str.o src/kadimus_str.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_xpl.o src/kadimus_xpl.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_regex.o src/kadimus_regex.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_socket.o src/kadimus_socket.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus_io.o src/kadimus_io.c
gcc -Wall -Wextra -O3 -c -o bin/kadimus.o src/kadimus.c
gcc -o kadimus bin/kadimus_common.o bin/kadimus_mem.o bin/kadimus_request.o bin/kadimus_str.o bin/kadimus_xpl.o bin/kadimus_regex.o bin/kadimus_socket.o bin/kadimus_io.o bin/kadimus.o -lcurl -lpcre -lpthread -lssh -ldl -lcrypto -Wall -Wextra -O3
brammittendorff$ ./kadimus
_ __ _ _
| |/ /__ _ __| (_)_ __ ___ _ _ ___
| ' // _` |/ _` | | '_ ` _ \| | | / __|
| . \ (_| | (_| | | | | | | | |_| \__ \
|_|\_\__,_|\__,_|_|_| |_| |_|\__,_|___/
v1.1 - LFI Scan & Exploit Tool (@hc0d3r - P0cL4bs Team)
kadimus: try 'kadimus -h' or 'kadimus --help' for display help
hi folks
i am running ubuntu 18.04 and i got this issue when running make:
nocomp@P0wnB0x:/tools/kadimus$ make/tools/kadimus$
CC bin/techniques/php-input.o
In file included from src/techniques/php-input.c:2:0:
src/request/request.h:4:10: fatal error: curl/curl.h: Aucun fichier ou dossier de ce type
#include <curl/curl.h>
^~~~~~~~~~~~~
compilation terminated.
Makefile:21: recipe for target 'bin/techniques/php-input.o' failed
make: *** [bin/techniques/php-input.o] Error 1
nocomp@P0wnB0x:
any idea how fix it?
thx for your time
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.