Rumixyz/FlagSnatcher

FlagSnatcher 🏁😎

License: MIT | Python

Snatches flags from LFI-vulnerable apps. Fast. Automated. No manual ../ guessing.

Why FlagSnatcher?

I spent 2 hours manually trying ../../../../flag on TryHackMe. Built this to never do that again.

Features

  • ✅ Auto bruteforces 20+ common flag paths
  • ✅ Null byte %00 truncation bypass
  • ✅ PHP filter + Base64 auto-decode
  • ✅ Clean output - shows flag only when found
  • ✅ Built for CTF beginners

Usage

python solver.py <TARGET_URL> <PARAM_NAME> <PREFIX>

*Example - THM DogCat Room:*

python solver.py http://10.49.182.104 view dog

Output

[+] FLAG FOUND with Null Byte!
[+] URL: http://10.49.182.104/?view=dog../../../flag.txt%00
[+] FLAG: THM{example_flag_here}
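
On the defending side, requests of the kind shown in the Output above leave recognisable markers in web-server access logs: traversal sequences, a decoded null byte, or a php:// wrapper inside a parameter value, usually many of them from one client in a short time. The following detection sketch is an added example and not part of FlagSnatcher; the log lines, the names REQUEST, indicators and scan, and the burst threshold of 3 are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines (not real traffic); 192.0.2.0/24 is a documentation range.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Jan/2025:10:00:01 +0000] "GET /?view=dog HTTP/1.1" 200 512
192.0.2.66 - - [01/Jan/2025:10:00:02 +0000] "GET /?view=dog../../../flag.txt%00 HTTP/1.1" 200 40
192.0.2.66 - - [01/Jan/2025:10:00:02 +0000] "GET /?view=dog..%2f..%2f..%2fflag HTTP/1.1" 200 310
192.0.2.66 - - [01/Jan/2025:10:00:03 +0000] "GET /?view=php://filter/convert.base64-encode/resource=dog HTTP/1.1" 200 900
192.0.2.10 - - [01/Jan/2025:10:00:04 +0000] "GET /?view=cat HTTP/1.1" 200 498
"""

REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TRAVERSAL = re.compile(r"\.\.[/\\]")
PHP_WRAPPER = re.compile(r"php://", re.IGNORECASE)


def indicators(value):
    """Return the LFI indicators present in one already-decoded parameter value."""
    value = unquote(value)  # second decode pass catches double-encoded input
    found = set()
    if TRAVERSAL.search(value):
        found.add("traversal")
    if "\x00" in value:
        found.add("null-byte")
    if PHP_WRAPPER.search(value):
        found.add("php-wrapper")
    return found


def scan(log_text, burst=3):
    """Group flagged requests by client; burst marks clients cycling through many paths."""
    clients = defaultdict(lambda: {"kinds": set(), "values": set(), "requests": 0})
    for line in log_text.splitlines():
        match = REQUEST.match(line)
        if not match:
            continue
        client, target = match.groups()
        for _name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            kinds = indicators(value)
            if kinds:
                entry = clients[client]
                entry["kinds"] |= kinds
                entry["values"].add(value)
                entry["requests"] += 1
    return {c: {"kinds": sorted(e["kinds"]), "requests": e["requests"],
                "burst": len(e["values"]) >= burst} for c, e in clients.items()}
```

In production the burst threshold and the time window it applies to need tuning against normal traffic for the application.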

Disclaimer
For educational CTF use only. Test only on machines you have permission to attack.

*Built with 💪 by UZMA after a frustrating LFI session*


---

About

Automated LFI flag finder for CTF challenges. Snatches flags in seconds. Built after THM DogCat frustration.
