new Check
37 views
Skip to first unread message
Yibam mabiY
Oct 28, 2012, 4:24:21 PM10/28/12
to ironwasp
Hi,
I need scan directory transversal to Server Windows IIS.
The diferent is ../ (Linux's world) to ..\ (MS window's world),
How can I modify the string to put it on a query?
Can I create a new SCAN Pluging?
Regards,
I need scan directory transversal to Server Windows IIS.
The diferent is ../ (Linux's world) to ..\ (MS window's world),
How can I modify the string to put it on a query?
Can I create a new SCAN Pluging?
Regards,
Yibam mabiY
Oct 29, 2012, 5:05:20 AM10/29/12
to ironwasp
Hi,
I answer my self.
The framework have got a Script/Plugin Editor. Perfect !!!
I have modified LocalFileInclude.py and I renamed the variable p.name
= "Local File Include on Windows" and automatically this is included
in framework.
Bye, Regards.
I answer my self.
The framework have got a Script/Plugin Editor. Perfect !!!
I have modified LocalFileInclude.py and I renamed the variable p.name
= "Local File Include on Windows" and automatically this is included
in framework.
Bye, Regards.
Lavakumar Kuppan
Oct 29, 2012, 1:26:06 PM10/29/12
to iron...@googlegroups.com
Hi,
My appologies for not responding a little earlier.
Great to see that you figured it out yourself.
In addition to changing the Name variable of the plugin you would also have to change the name of the class.
The name of the class in the original plugin is 'LocalFileInclude'. You would have to give a different class name to your plugin in the three places where the class name is used in the code.
They three places are:
1) In the class declaration - class LocalFileInclude(ActivePlugin)
2) Inside the 'GetInstance' method - p = LocalFileInclude()
3) At the bottom of the plugin - p = LocalFileInclude()
On a side note, I have tested the original plugin on windows LFIs and it did seem to work.
Was your experience different?
Keep hacking,
Lava
Reply all
Reply to author
Forward
0 new messages