search

kurobeats / fimap

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
GNU General Public License v2.0
512 stars 99 forks source link

Bug while single scanning #61

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
URL causing crash = http://boyzinthekitchen.com/index.php?pg=links_page

Fimap Version = v09

OS = Windows XP SP2

[00:11:38] [OUT] [PHP] Identifying Vulnerability 
'http://boyzinthekitchen.com/index.php?pg=links_page' with Parameter 'pg'...
[00:11:39] [INFO] Scriptpath received: '/home/boyzi/public_html'
[00:11:39] [INFO] Operating System is 'Unix-Like'.
[00:11:39] [INFO] Trying NULL-Byte Poisoning to get rid of the suffix...
[00:11:41] [INFO] NULL-Byte Poisoning not possible.
[00:11:41] [INFO] Skipping file '/etc/passwd'.
[00:11:41] [INFO] Skipping file 'c:\boot.ini'.
[00:11:41] [INFO] Skipping file '/proc/self/environ'.
[00:11:41] [INFO] Skipping absolute file 'php://input'.
[00:11:41] [INFO] Skipping log file '/var/log/apache2/access.log'.
[00:11:41] [INFO] Skipping log file '/var/log/apache/access.log'.
[00:11:41] [INFO] Skipping log file '/var/log/httpd/access.log'.
[00:11:41] [INFO] Skipping log file '/var/log/apache2/access_log'.
[00:11:41] [INFO] Skipping log file '/var/log/apache/access_log'.
[00:11:41] [INFO] Skipping log file '/var/log/httpd/access_log'.
[00:11:41] [INFO] Testing remote inclusion dynamicly with FTP...

-------------------------------------------------------

Exception: [Errno 10054] An existing connection was forcibly closed by the remot
e host
Traceback (most recent call last):
  File "C:\Documents and Settings\admin\Desktop\Working Folder\fimap\fimap.py",
line 673, in <module>
    single.scan()
  File "C:\Documents and Settings\admin\Desktop\Working Folder\fimap\singleScan.
py", line 48, in scan
    res = t.testTargetVuln()
  File "C:\Documents and Settings\admin\Desktop\Working Folder\fimap\targetScann
er.py", line 248, in testTargetVuln
    self.analyzeURL(ret, k, v, self.config["p_post"], 0, self.config["header"])
  File "C:\Documents and Settings\admin\Desktop\Working Folder\fimap\targetScann
er.py", line 155, in analyzeURL
    result.append((rep, self.readFiles(rep)))
  File "C:\Documents and Settings\admin\Desktop\Working Folder\fimap\targetScann
er.py", line 783, in readFiles
    up = self.FTPuploadFile(quiz, rep.getSurfix())
  File "C:\Documents and Settings\admin\Desktop\Working Folder\fimap\baseClass.p
y", line 369, in FTPuploadFile
    ftp.quit()
  File "C:\Python27\lib\ftplib.py", line 572, in quit
    resp = self.voidcmd('QUIT')
  File "C:\Python27\lib\ftplib.py", line 249, in voidcmd
    return self.voidresp()
  File "C:\Python27\lib\ftplib.py", line 224, in voidresp
    resp = self.getresp()
  File "C:\Python27\lib\ftplib.py", line 210, in getresp
    resp = self.getmultiline()
  File "C:\Python27\lib\ftplib.py", line 196, in getmultiline
    line = self.getline()
  File "C:\Python27\lib\ftplib.py", line 183, in getline
    line = self.file.readline()
  File "C:\Python27\lib\socket.py", line 447, in readline
    data = self._sock.recv(self._rbufsize)
socket.error: [Errno 10054] An existing connection was forcibly closed by the re
mote host

Original issue reported on code.google.com by tempsto...@gmail.com on 23 Sep 2011 at 12:17

GoogleCodeExporter commented 9 years ago 
Hi!

Well this looks like an issue with your FTP server?

Exception: [Errno 10054] An existing connection was forcibly closed by the remot
e host

Can you try the FTP selftest? (--test-rfi)
It will check if the FTP server is acting like fimap needs it.

-imax.

Original comment by fimap....@gmail.com on 10 Oct 2011 at 2:38