fdsploit
FDsploit can be used to discover and exploit Local/Remote File Inclusion and directory traversal vulnerabilities automatically.
Details
Category: Vulnerabilities
Publisher: trickest
Created Date: 9/7/2021
Container: quay.io/trickest/fdsploit:4522f53
Source URL: https://github.com/chrispetrou/FDsploit
Parameters
url
string
requiredCommand:
--url
- Specify URLdepth
string
Command:
--depth
- Specify max depth for payload [default 5]param
string
Command:
--params
- Specify POST parameters to use (applied only with POST requests) Form: param1:value1,param2:value2,...keyword
string
Command:
--keyword
- Search for a certain keyword(s) on the response [default: None]payload
string
Command:
--payload
- Specify a payload-file to look forb64-encode
boolean
Command:
--b64
- Use base64 encoding [default False]url-encode
string
Command:
-e
- Url-encode the payload [default: False]user-agent
string
Command:
--useragent
- Use a random user-agent [default user-agent: FDsploit_1.2_agent]target-urls
file
requiredCommand:
--file
- Specify a file containing urlsrequest-type
string
Command:
--verb
- Specify request type ('GET' or 'POST') [default GET]cmd-to-execute
string
Command:
--cmd
- Test for command execution through PHP functions [default command: None]specify-cookie
string
Command:
--cookie
- Specify a session-cookie to use [default None]termination-character
string
Command:
--tchar
- Use a termination character ('%00' or '?') [default None]