sQuo Posted September 11, 2012 Share Posted September 11, 2012 This is the hidden content, please Sign In or Sign Up lfimap - This script is used to take the highest beneficts of the local file include vulnerability in a webserver This script can - Find lfi vulnerability in each parameter automatically Find the root of the file system automatically Find default files inside the server in linux and windows Find passwords in config files Support basic authentication Send null bytes to bypass some controls Write a report of the scan Support proxy Detect OS and send only test according the OS detected Hexaencode support Output in html format Download This is the hidden content, please Sign In or Sign Up This package include script and database of default files In this version you can set the expected reply when you try to get some inexistent file. This feature is useful when the server have custom error reply. This is the hidden content, please Sign In or Sign Up Examples: Without proxy: This is the hidden content, please Sign In or Sign Up With proxy: This is the hidden content, please Sign In or Sign Up Encoding in hexa: This is the hidden content, please Sign In or Sign Up Sending null byte: This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts