The FUSE it is one penetration testing system designed to detect Unlimitedrecut Executable File Upload (UEFU) vulnerabilities. Details of the testing strategy can be found at page us.
Installation
# apt-get install rabbitmq-server
# apt-get install python-pip
# apt-get install gitUse
Configuration
The FUSE uses one file configuration set is user-defined and configures for a PHP application. The script must be completed before testing a Web application. You can view the file README and examples of configuration files .
Configuration for file tracking (optional)
$ vim filemonitor.py
...
10 MONITOR_PATH='/var/www/html/' <- Web root of the target application
11 MONITOR_PORT=20174 <- Default port of File Monitor
12 EVENT_LIST_LIMITATION=8000 <- Maxium number of elements in EVENT_LIST
...Implementation
$ python framework.py [Path of configuration file]File tracking
$ python filemonitor.pyResult
- when the FUSE completes the penetration test, a [HOST] directory and a [HOST_report.txt] file are created.
- A [HOST] folder stores files that have been uploaded.
- [HOST_report.txt] file contains test results and information related to files that activate U (E) FU.
You can find the program here.
Spread the news
Offer: buy Office with a Windows 10 key as a gift
Comment Policy:
IGuRu.gr does not post comments directly. Malicious comments, comments that include ads, or comments with insults are deleted without any notice. We do not adopt the views expressed by our readers.
Your comments will be displayed after approval by the administrators