Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] http-rfi-spider

From: Peter O <perdo.olma () gmail com>
Date: Sat, 16 Jun 2012 00:38:21 +0200
Hi all,

I've just commited a new script that searches for remote file
inclusion vulnerabilities.
It tests every form field it finds and every parameter of a URL
containing a query.
You can either provide your own URL with a file to include (and a
pattern to search for in the response that would indicate that the
inclusion worked) or the script will try to include
"http://www.yahoo.com/search?p=rfi";.


- Peter

Attachment: http-rfi-spider.nse
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: