Thursday, July 28, 2011

Online Remote File Inclusion (RFI) Scanner


Here is the another Online Pentest Tool presented by Me :)

What does this do ?

This scans for a ip and finds the domains which are vulnerable to RFI i.e., Remote File Inclusion and reports back the domain with complete URI :)

What is RFI?


Please do not ask me what it is !! it is a vulnerability all i can say !!

How serious is this RFI Vulnerability ?

Well its pretty serious !! We can upload a Backdoor and deface/steal the database completely.

So how does this work ?

Same as LFI don't need to change anything either :)






Well first step is

if you want to PenTest a Website and do not find any vulnerability then what will you do ?

Yes go Reverse IP and try to hack some websites using it

Well it does take longer time to do it :)

so what shall we do now ?

This is why i made a script which can save your time little much

It auto scans for all the domains in reverse and try to find the rfi in the domain and reports back :)

So it is RFI Reverse Searcher :)

So here is the Link

http://scan.subhashdasyam.com/rfi-scanner.php

1 comment for "Online Remote File Inclusion (RFI) Scanner"

  1. hello .. that link u give http://scan.subhashdasyam.com/rfi-scanner.php
    after click show me scanner for lfi..

    ReplyDelete

background