FIMAP Tool - local and remote file inclusion with BackBox Linux

Started by ZEROF, September 20, 2012, 01:08:20 AM

Previous topic - Next topic

ZEROF


LFI ATTACK WITH FIMAP, target DVWA, arm BACKBOX LINUX.

First you need to install DVWA*, then run Apache server (comes with BackBox Linux), then read how to use FIMAP (terminal fimap -h), one c99 shell script (to find one type inurl:c99.txt in Google search box).You will need to set Apache directory permissions, for this you can use this bash script : http://www.linux.re.rs/files/scripts/dirbash.sh.I will show you how to upload shell to vulnerable server and exploit the vulnerability.

* How to install DVWA with BackBox Linux
http://www.anonimus.re.rs/6562

VIDEO

http://youtu.be/WRc0yWLG7BU?hd=1

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*

Hagopian

Thanks ! I did not know you had a YouTube channel, I will subscribe !
La programmation aujourd'hui est une course entre les développeurs tâchant de concevoir des programmes de plus en plus nombreux et efficaces, convenant même aux imbéciles, et l'univers essayant de produire des idiots de plus en plus nombreux et efficaces. Jusqu'à présent, c'est l'univers qui gagne.

marcioni

I didn't know as well, very useful, it's easier to get something done with video I think, thanks