Home page logo
/

nmap-dev logo Nmap Development mailing list archives

[NSE] http-rfi-spider
From: Peter O <perdo.olma () gmail com>
Date: Sat, 16 Jun 2012 00:38:21 +0200

Hi all,

I've just commited a new script that searches for remote file
inclusion vulnerabilities.
It tests every form field it finds and every parameter of a URL
containing a query.
You can either provide your own URL with a file to include (and a
pattern to search for in the response that would indicate that the
inclusion worked) or the script will try to include
"http://www.yahoo.com/search?p=rfi";.


- Peter

Attachment: http-rfi-spider.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • [NSE] http-rfi-spider Peter O (Jun 15)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault