Nytro Posted May 27, 2011 Report Posted May 27, 2011 Fimap The local and remote file inclusion auditing and exploitation v0.9fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It’s currently under heavy development but it’s usable.Changelog Cookie scanning and attacking. New ‘AutoAwesome‘ operating mode. Dot-Truncation mode for breaking suffixes on windows servers. New –force-os switch which lets you define in advance which OS to assume. Better logfile kickstarter injection. Dynamic RFI encoder for webservers which interpret your (PHP) code (–rfi_encode=php_b64). Tons of bugfixes. Lots of stuff I forgot to mention.Features Check a Single URL, List of URLs, or Google results fully automaticly. Can identify and exploit file inclusion bugs. Relative\Absolute Path Handling. Tries automaticly to eleminate suffixes with Nullbyte and other methods like Dot-Truncation. Remotefile Injection. Logfile Injection. (FimapLogInjection) Test and exploit multiple bugs: include() include_once() require() require_once() You always define absolute pathnames in the configs. No monkey like pathes like: ../etc/passwd ../../etc/passwd ../../../etc/passwd But in cases where the server doesn’t print messages you can enable the monkey-like checking with --enable-blind! Has an interactive exploit mode which… …can spawn a shell on vulnerable systems. …can spawn a reverse shell on vulnerable systems. …can do everything you have added in your payload-dict inside the config.py Add your own payloads and pathes to the config.py file. Has a Harvest mode which can collect URLs from a given domain for later pentesting. Goto FimapHelpPage for all features. Works also on windows. Can handle directories in RFI mode like: <? include ($_GET["inc"] . "/content/index.html"); ?> <? include ($_GET["inc"] . "_lang/index.html"); ?> where Null-Byte is not possible. Can use proxys. Scans GET and POST variables. Has a very small footprint. Can attack also windows servers! (WindowsAttack) Has a tiny plugin interface for writing exploitmode plugins (PluginDevelopment) Cookie and Header scanning and exploiting.Download:http://code.google.com/p/fimap/Sursa: Fimap The local and remote file inclusion auditing and exploitation v0.9 released « IT Vulnerability & ToolsWatch Quote
