fimap.py ( dorking web )

in this video i are going to use the script python "fimap.py" to do a goole search , for URL's containing the "DORK" expression .. later we are going to use RFI/LFI vuln to make a upload to the website ,and making a "MIRROR" of the deface using "wget" …
also we are going to scan websites with the crawler of fimap.py
****************************************­**********************************
[!] fimap is a little python tool which can find, prepare, audit, exploit and even google automaticly for local and remote file inclusion bugs in webapps.
[!] fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection
****************************************­**********************************
TUTORIAL BY: Pedro ubuntu

Tweet