fimap alpha v0.6.1 released : RFI/LFI auditing & scanning

fimap is a little python tool which can find, prepare, scan, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It’s is currently under heavy development but it’s usable.

Quick News for SVN and upcoming versions

* Version 06.1 is live!
o Fixed relative path detection on windows systems.
o Added additional regex to detect error message.
o Catched a case when the server doesn’t give us the script-path.
o Works now really on Python 2.4 :P

JPEG - 3.7 kb

What works currently?

  • Check a Single URL, List of URLs, or Google results fully automaticly.
  • Can identify and exploit file inclusion bugs.
  • Relative\Absolute Path Handling.
  • Tries automaticly to eleminate suffixes with Nullbyte.
  • Remotefile Injection.
  • Logfile Injection. (FimapLogInjection)
  • Test and exploit multiple bugs:
  • include()
  • include_once()
  • require()
  • require_once()
  • You always define absolute pathnames in the configs. No monkey like pathes like:
  • ../etc/passwd
  • ../../etc/passwd
  • ../../../etc/passwd
  • Blabla
  • Has an interactive exploit mode which...
  • ...can spawn a shell on vulnerable systems.
  • ...can spawn a reverse shell on vulnerable systems.
  • ...can do everything you have added in your payload-dict inside the config.py
  • Add your own payloads and pathes to the config.py file.
  • Has a Harvest mode which can collect URLs from a given domain for later pentesting.
  • Goto FimapHelpPage for all features.
  • Works also on windows.
  • Can handle directories in RFI mode like:
  • <? include ($_GET["inc"] . "/content/index.html"); ?>
  • <? include ($_GET["inc"] . "_lang/index.html"); ?>
  • where Null-Byte is not possible.

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Comments

Related Articles

Application Scanner
Configurations checks
Exploitation
fimap
Vulnerability Scanner