def test_from_template(self): rfit = RFITemplate() options = rfit.get_options() options['url'].set_value(self.target_url) options['data'].set_value('file=abc.txt') options['vulnerable_parameter'].set_value('file') rfit.set_options(options) rfit.store_in_kb() vuln = self.kb.get(*rfit.get_kb_location())[0] vuln_to_exploit_id = vuln.get_id() self._exploit_vuln(vuln_to_exploit_id, 'rfi')
def test_from_template(self): rfit = RFITemplate() options = rfit.get_options() options['url'].set_value('http://moth/w3af/audit/rfi/vulnerable.php') options['data'].set_value('file=section.php') options['vulnerable_parameter'].set_value('file') rfit.set_options(options) rfit.store_in_kb() vuln = self.kb.get(*rfit.get_kb_location())[0] vuln_to_exploit_id = vuln.get_id() self._exploit_vuln(vuln_to_exploit_id, 'rfi')