unable to Run the tool about liffy HOT 4 CLOSED

Hey
Thanks for the response!
Yeah, I'm a beginner in cybersecurity just curious to learn the things. I just made basic understanding of LFI and run the tool that's why I was having problems. But you give me the right directions.
Thanks a lot for your guidance.

from liffy.

@salooali If you look at the error it says OSError: [Errno 98] Address already in use this means that the PORT you are trying to connect it on is already being used. This means that there must be some other application running which is using port 8080 (my assumption would be a proxy maybe i.e burp suite, mitmproxy etc). It can be any other application as well.

To fix this try to use another port or stop the service/application running on that port.

To check which application is running on what ports try the following commands:

• On windows: netstat -anp or netstat -an
• On Linux try: ss -ntlp

from liffy.

Hey, Thank you so much for your response!
Yeah, I understand this. But what about IP which IP should I put there? Ip of my VM or the target website?
What is the use of nc -ntlp port-no?
I have a large list of hosts can I scan all of those hosts with this tool? Without interacting with the tool like I've to enter IP and port. I want once I provided the file it will figure it out on its own. I hope you understand my query.
Thanks

from liffy.

What is the use of nc -ntlp port-no?

This is a reverse shell listener

Yeah, I understand this. But what about IP which IP should I put there? Ip of my VM or the target website?

IP of the machine you want reverse shell on.

If you don't know what reverse shell is then please read about it more to understand those.

I have a large list of hosts can I scan all of those hosts with this tool? Without interacting with the tool like I've to enter IP and port. I want once I provided the file it will figure it out on its own. I hope you understand my query.

Just provide the list and it will scan them and then will ask you the IP of your VM on which you'd like to have the reverse shell.

Another suggestion would be if you don't understand how LFI exploitation work then tries not to use a tool. Try to manually do it and get a reverse shell(you can find boot2root machines on HTB or vulnhub). That way you'll learn more and will understand it better. Once you've grasped the idea then you can use tools to do it on multiple vulnerable boot2root hosts/IP.

from liffy.