def test_from_template(self):
rfit = RFITemplate()
options = rfit.get_options()
options['url'].set_value('http://moth/w3af/audit/rfi/vulnerable.php')
options['data'].set_value('file=section.php')
options['vulnerable_parameter'].set_value('file')
rfit.set_options(options)
rfit.store_in_kb()
vuln = self.kb.get(*rfit.get_kb_location())[0]
vuln_to_exploit_id = vuln.get_id()
self._exploit_vuln(vuln_to_exploit_id, 'rfi')
def test_from_template(self):
rfit = RFITemplate()
options = rfit.get_options()
options['url'].set_value(self.target_url)
options['data'].set_value('file=abc.txt')
options['vulnerable_parameter'].set_value('file')
rfit.set_options(options)
rfit.store_in_kb()
vuln = self.kb.get(*rfit.get_kb_location())[0]
vuln_to_exploit_id = vuln.get_id()
self._exploit_vuln(vuln_to_exploit_id, 'rfi')
def test_from_template(self):
rfit = RFITemplate()
options = rfit.get_options()
options['url'].set_value('http://moth/w3af/audit/rfi/vulnerable.php')
options['data'].set_value('file=section.php')
options['vulnerable_parameter'].set_value('file')
rfit.set_options(options)
rfit.store_in_kb()
vuln = self.kb.get(*rfit.get_kb_location())[0]
vuln_to_exploit_id = vuln.get_id()
self._exploit_vuln(vuln_to_exploit_id, 'rfi')
def test_from_template(self):
rfit = RFITemplate()
options = rfit.get_options()
options['url'].set_value(self.target_url)
options['data'].set_value('file=abc.txt')
options['vulnerable_parameter'].set_value('file')
rfit.set_options(options)
rfit.store_in_kb()
vuln = self.kb.get(*rfit.get_kb_location())[0]
vuln_to_exploit_id = vuln.get_id()
self._exploit_vuln(vuln_to_exploit_id, 'rfi')