kurobeats / fimap

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps.
GNU General Public License v2.0
514 stars 99 forks source link

Testing execution thru 'popen[b64] not works #73

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
i'm using Fimap v 1.00_svn in backtrack 5 r2
i just test this site

http://www.crottaz-finance.ch/fr/index.php?page=equipeCachedYou

and stuck at this line..

[17:05:40] [INFO] Testing PHP-code injection thru POST...
[17:05:43] [OUT] PHP Injection works! Testing if execution works...
[17:05:43] [INFO] Testing execution thru 'popen[b64]'... <==============
[17:36:48] [WARN] timed out

i see tutorial on youtube, & he pass that line..

Is there something i must setup first before running fimap?

Original issue reported on code.google.com by pensile...@gmail.com on 5 Dec 2012 at 5:45

GoogleCodeExporter commented 9 years ago
Sorry, we cannot help you in breaking the law. 
Looks like the request timed out.

Perhaps email the admin and tell him his site is vulnerable?

Original comment by the.info...@gmail.com on 26 Jan 2013 at 11:03

GoogleCodeExporter commented 9 years ago

Original comment by fimap....@gmail.com on 27 Jan 2013 at 11:06

GoogleCodeExporter commented 9 years ago
thanks for answer..

2013/1/28, fimap@googlecode.com <fimap@googlecode.com>:

Original comment by pensile...@gmail.com on 29 Jan 2013 at 5:38