FUSE is a penetration testing system designed to detect Unlimitedrecut Executable File Upload (UEFU) vulnerabilities. Details of the testing strategy can be found at σελίδα us.
# apt-get install rabbitmq-server # apt-get install python-pip # apt-get install git
FUSE uses one file configuration set is provided by the user and defines parameters for a PHP application. The script must be completed before testing a Web application. You can view the file README and examples of configuration files .
Configuration for file tracking (optional)
$ vim filemonitor.py ... 10 MONITOR_PATH = '/ var / www / html /' <- Web root of the target application 11 MONITOR_PORT = 20174 <- Default port of File Monitor 12 EVENT_LIST_LIMITATION = 8000 <- Maxium number of elements in EVENT_LIST ...
$ python framework.py [Path of configuration file]
$ python filemonitor.py
- When FUSE completes the penetration test, a [HOST] directory and a [HOST_report.txt] directory are created.
- A [HOST] folder stores files that have been uploaded.
- [HOST_report.txt] file contains test results and information related to U (E) FU-enabled files.
You can find the program here..