26/09/12

Fimap Tool - Local And Remote File Inclusion With Backbox Linux

 

Description: LFI ATTACK WITH FIMAP, target DVWA, arm BACKBOX LINUX.

First you need to install DVWA*, then run Apache server (comes with BackBox Linux), then read how to use FIMAP (terminal fimap -h), one c99 shell script (to find one type inurl:c99.txt in Google search box).You will need to set Apache directory permissions, for this you can use this bash script : http://www.linux.re.rs/files/scripts/dirbash.sh. I will show you how to upload shell to vulnerable server and exploit the vulnerability.

* How to install DVWA with BackBox Linux !

http://www.anonimus.re.rs/6562

Author : Nenad Marjanovic
IT nick : ZEROF
Author site : http://www.pentester.iz.rs 

Tidak ada komentar:

Posting Komentar