Scan For Files Vulnerable To LFI - LFIMAP
Thursday, December 16, 2010
0
comments
My last post was on Local File Inclusion(LFI) . LFI is a common website vulnerability and it is used for website hacking. There are some existing tools that deal with LFI vulnerabilities such as lfimap the Remote & Local File Inclusion (RFI/LFI) Scanner .
This new simple tool was released recently which focuses purely on LFI attacks. Test your website with this tool for LFI.
Functions:
http://lfimap.googlecode.com/files/lfimap-1.4.3.tar.gz
Or
read more here
This new simple tool was released recently which focuses purely on LFI attacks. Test your website with this tool for LFI.
Functions:
- Automatically find the root of the file system
- Detect default files outside of the web folder
- Attempts to detect passwords inside the files
- Supports basic authentication
- Can use null byte to bypass some controls
- Writes a report of the scan to a file
http://lfimap.googlecode.com/files/lfimap-1.4.3.tar.gz
Or
read more here
Categories:
Hacking Tools,
LFI,
local file inclusion,
Website hacking
0 comments:
Post a Comment