search

gwen001 / offsectools_www

A vast collection of security tools and resources curated by the community.
https://offsec.tools
177 stars 21 forks source link

[addtool] FDsploit #168

Closed mrrootsec closed 1 year ago

mrrootsec commented 1 year ago

[link]https://github.com/chrispetrou/FDsploit[/link] [short_descr] File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.[/short_descr] [tags]fuzzing,vulnerabilities[/tags] [long_descr]FDsploit can be used to discover and exploit Local/Remote File Inclusion and directory traversal vulnerabilities automatically. In case an LFI vulnerability is found, --lfishell option can be used to exploit it. For now, 3 different types of LFI shells are supported:

simple: This type of shell allows user to read files easily without having to type the url everytime. Also it only provides the output of the file and not the whole html-source code of the page which makes it very useful.
expect: This type of shell is a semi-interactive shell which allows user to execute commands through PHP's expect:// wrapper.
input: This type of shell is a semi-interactive shell which also allows user to execute commands through PHP's php://input stream.

[/long_descr] image

gwen001 commented 1 year ago

Issue correctly handled, tool is waiting for human validation.

gwen001 commented 1 year ago

Tool has been accepted: https://offsec.tools/tool/fdsploit

Thank you!