If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)

Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Fimap v.0.9 released

900913 · 2011-05-27 14:44:21

A little tool for local and remote file inclusion auditing and exploitation. Fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. Fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. Fimap 0.9…

Options

27-05-2011 3:44pm

#1
900913

Registered Users Posts: 367 ✭✭

Join Date: March 2011

Posts: 310
A little tool for local and remote file inclusion auditing and exploitation.

Fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. Fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection.

Fimap 0.9 Changelog
Details

New in this version:
Cookie scanning and attacking.

New 'AutoAwesome' operating mode.

Dot-Truncation mode for breaking suffixes on windows servers.

New --force-os switch which lets you define in advance which OS to assume.

Better logfile kickstarter injection.

Dynamic RFI encoder for webservers which interpret your (PHP) code (--rfi_encode=php_b64).

Tons of bugfixes.

Lots of stuff I forgot to mention.

Download link:
http://code.google.com/p/fimap/downloads/list

0

Comments

Options
#2 28-05-2011 10:08pm
dlofnep

Closed Accounts Posts: 20,759 ✭✭✭✭

Join Date: January 2004

Posts: 19674

Will check it out Cheers.

0