search

kurobeats / fimap

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
GNU General Public License v2.0
521 stars 99 forks source link

error while scanning #31

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
cut here %<--------------------------------------------------------------
Exception: unsupported operand type(s) for +: 'NoneType' and 'str'
Traceback (most recent call last):
  File "./fimap.py", line 516, in <module>
    g.startGoogleScan()
  File "/home/wishnu/fimap-read-only/src/googleScan.py", line 94, in
startGoogleScan
    single.scan()
  File "/home/wishnu/fimap-read-only/src/singleScan.py", line 48, in scan
    res = t.testTargetVuln()
  File "/home/wishnu/fimap-read-only/src/targetScanner.py", line 183, in
testTargetVuln
    self.analyzeURL(ret, k, v, self.config["p_post"], False)
  File "/home/wishnu/fimap-read-only/src/targetScanner.py", line 119, in
analyzeURL
    result.append((rep, self.readFiles(rep)))
  File "/home/wishnu/fimap-read-only/src/targetScanner.py", line 546, in
readFiles
    fl = settings["dynamic_rfi"]["ftp"]["ftp_path"] + rep.getAppendix()
TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'

thanks
wishnusakti

Original issue reported on code.google.com by gilak.ba...@gmail.com on 7 Jun 2010 at 3:32

GoogleCodeExporter commented 9 years ago 
Hi!

Can you please tell me which version of fimap you are using?

-imax.

Original comment by fimap....@gmail.com on 7 Jun 2010 at 11:17

GoogleCodeExporter commented 9 years ago 
i am using v0.8 with subversion and i intentially update it. for google scanner 
if i choose option --skip-pages, can't scan more than 10 pages....

Original comment by gilak.ba...@gmail.com on 9 Jun 2010 at 2:33

GoogleCodeExporter commented 9 years ago 
wishnu@wishnu-xubuntu:~/lfiscanner/src$ ./fimap.py 
fimap v.09_svn by Iman Karim - Automatic LFI/RFI scanner and exploiter
Use -h for some help.

oww i am really sorry i use fimap v.09_svn

Original comment by gilak.ba...@gmail.com on 9 Jun 2010 at 2:41

GoogleCodeExporter commented 9 years ago 
Hello Again!

I see you are using Dynamic RFI.
Are you sure that you have configured it correctly? 
Especially the settings["dynamic_rfi"]["ftp"]["ftp_path"] ?
Because it tries to concat the ftp_path with the appendix but it says that your 
ftp_path is None.
If your ftp_path is empty please fix it or disable dynamic RFI.

-imax.

Original comment by fimap....@gmail.com on 9 Jun 2010 at 4:24

GoogleCodeExporter commented 9 years ago 
owww sory... thnaks for ur reply

Original comment by gilak.ba...@gmail.com on 10 Jun 2010 at 3:02

GoogleCodeExporter commented 9 years ago 
No Problem ;)

Thanks for reporting anyway.
This is a bug and fimap should tell you if you have misconfigured dynamic rfi.

-imax.

Original comment by fimap....@gmail.com on 10 Jun 2010 at 5:00

GoogleCodeExporter commented 9 years ago 
Fixed in GIT.
Will be pushed soon to public SVN.

-imax.

Original comment by fimap....@gmail.com on 12 Jun 2010 at 4:44