FUSE: penetration testing tool


FUSE is a penetration testing system designed to detect Unlimitedrecut Executable File Upload (UEFU) vulnerabilities. Details of the testing strategy can be found at σελίδα us.

Installation

# apt-get install rabbitmq-server # apt-get install python-pip # apt-get install git

Use

Configuration

FUSE uses one file configuration set is provided by the user and defines parameters for a PHP application. The script must be completed before testing a Web application. You can view the file README and  examples of configuration files .

Configuration for file tracking (optional)

$ vim filemonitor.py ... 10 MONITOR_PATH = '/ var / www / html /' <- Web root of the target application 11 MONITOR_PORT = 20174 <- Default port of File Monitor 12 EVENT_LIST_LIMITATION = 8000 <- Maxium number of elements in EVENT_LIST ...

Implementation

FUSE

$ python framework.py [Path of configuration file]

File tracking

$ python filemonitor.py

Result

  • When FUSE completes the penetration test, a [HOST] directory and a [HOST_report.txt] directory are created.
  • A [HOST] folder stores files that have been uploaded.
  • [HOST_report.txt] file contains test results and information related to U (E) FU-enabled files.

You can find the program here..


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news