FUSE is a penetration testing system designed to detect Unlimitedrecut Executable File Upload (UEFU) vulnerabilities. Details of the testing strategy can be found at σελίδα us.
Installation
# apt-get install rabbitmq-server |
|
# apt-get install python-pip |
|
# apt-get install git |
Use
Configuration
FUSE uses one file configuration set is provided by the user and defines parameters for a PHP application. The script must be completed before testing a Web application. You can view the file README and examples of configuration files .
Configuration for file tracking (optional)
$ vim filemonitor.py |
|
|
|
... |
|
10 MONITOR_PATH='/ var / www / html /' <- Web root of the target application |
|
11 MONITOR_PORT=20174 <- Default port of File Monitor |
|
12 EVENT_LIST_LIMITATION=8000 <- Maxium number of elements in EVENT_LIST |
|
... |
Implementation
FUSE
$ python framework.py [Path of configuration file] |
File tracking
$ python filemonitor.py |
Result
- When FUSE completes the penetration test, a [HOST] directory and a [HOST_report.txt] directory are created.
- A [HOST] folder stores files that have been uploaded.
- [HOST_report.txt] file contains test results and information related to U (E) FU-enabled files.
You can find the program here.
Read them Technology News from all over the world, with the validity of iGuRu.gr
Follow us on Google News
Comment Policy:
IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators