7th December 2024

What is Fuxploider and How to Use it?

Fuxploider is an open-source penetration testing tool that automates the detection and exploitation of file upload vulnerabilities. It can detect the allowed extension in the file upload area and detect which technique will work best for installing the web shell. You can use the Fuxploider tool to scan for file upload vulnerabilities while performing your web penetration tests.

Installing Fuxploider

We will use the following commands for installation. For this installation, we will need at least Python 3.6 and pip3. With the “git clone https://github.com/almandin/fuxploider.git” command, we clone the “fuxploider” file from the “Github” site to the Kali Linux desktop. With the “cd fuxploider” command, we enter the “fuxploider” file. Then we install the “requirements” file with the “pip3 install -r requirements.txt” command.

Note: You can use “sudo apt update” and “sudo apt install python3-pip” to install pip on Kali Linux.

git clone https://github.com/almandin/fuxploider.git
cd fuxploider
pip3 install -r requirements.txt
Installing Fuxploider
Installing Fuxploider

 

Using Fuxploider

To get more detailed information about the “fuxploider” application, you can use the following sandbox.

python3 fuxploider.py -h
python3 fuxploider.py -h
python3 fuxploider.py -h

 

Example Usage

I crawled my own site for example usage. You can reproduce these examples. As you can see, there is a file upload vulnerability on my site.

python3 fuxploider.py --url https://systemconf.com --not-regex "wrong file type"
Using Fuxploider
Using Fuxploider

 

LEARN MORE  How to List User, Renew User Password and Update Nessus Plugin in Nessus Program

Leave a Reply

Your email address will not be published. Required fields are marked *