search

kurobeats / fimap

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
GNU General Public License v2.0
521 stars 99 forks source link

Bug #3 #22

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 

On which URL this error occures? (Important!)

Which version of fimap you are using? (You can see that in the very first
line)

On what operating system?
Debian/Ubuntu

Please provide any additional information below.

[OUT] Parsing URL 'http://www.caf.ro/php/index.php?indpg=contact'...
[INFO] Fiddling around with URL...
[OUT] Possible file inclusion found! -> 'http://www.caf.ro/php/index.php?
indpg=ejHPvQrN' with Parameter 'indpg'.
[OUT] Identifing Vulnerability 'http://www.caf.ro/php/index.php?
indpg=contact' with Param 'indpg'...
[WARN] Failed to do request to (http://www.caf.ro/php/index.php?
indpg=fnJLZzzM)
[WARN] <urlopen error timed out>

========= CONGRATULATIONS! =========
You have just found a bug!
If you are cool, send the following stacktrace to the bugtracker on 
http://fimap.googlecode.com/
Push enter to see the stacktrace...
cut here %<--------------------------------------------------------------
Traceback (most recent call last):
  File "./fimap.py", line 258, in ?
    g.startGoogleScan()
  File "/tmp/fimap_alpha_v06.1/googleScan.py", line 76, in startGoogleScan
    single.scan()
  File "/tmp/fimap_alpha_v06.1/singleScan.py", line 51, in scan
    res = t.testTargetVuln()
  File "/tmp/fimap_alpha_v06.1/targetScanner.py", line 83, in 
testTargetVuln
    rep = self.identifyVuln(self.Target_URL, self.params, k)
  File "/tmp/fimap_alpha_v06.1/targetScanner.py", line 113, in identifyVuln
    m = RE_SUCCESS_MSG.search(code)
TypeError: expected string or buffer

Original issue reported on code.google.com by spe...@gmail.com on 17 Dec 2009 at 5:47

GoogleCodeExporter commented 9 years ago 
Hi speakz,

Thanks very much for your bug reports.
I will fix them all today.
Was a bit busy yesterday so I failed to fix them :)
But will do it today if I am home.

-imax.

Original comment by fimap....@gmail.com on 19 Dec 2009 at 8:41

GoogleCodeExporter commented 9 years ago 
Hi speakz,

This works like a charm with SVN version.
So its fixed already.

Thanks for taking your time and reporting anyways.
-imax.

Original comment by fimap....@gmail.com on 19 Dec 2009 at 11:09

GoogleCodeExporter commented 9 years ago 
hey Imax no problem if i found more bugs i will report them, dude i want to 
invite 
you to irc to my channel if you are available, what you say?

Original comment by spe...@gmail.com on 19 Dec 2009 at 12:13