automated Remote File Inclusion search

Trustworthy September 20, 2007

Filed under: Development — arfis @ 8:58 am

Please note the “Note” in the sidebar, then read this: These people are absolutely right, don’t use the information here “as is”; recheck it, test it. Also, once again, this script wasn’t meant to work with a 100% hit quota, but for programming fun for me.

This is a good indication of how trustworthy the tool is, early release or not, and what kind of burden it places on VDBs who do their best to vet vulnerability disclosures to a limited degree.

Well, psorry.

sucked off September 15, 2007

Filed under: Development — arfis @ 1:06 pm

The script reached the end in the search of for PHP scripts recently. But don’t worry, arfis will continue with downloading and checking scripts from Yeah, more RFIs will come :).


Version 0.3 September 14, 2007

Filed under: Development — arfis @ 4:37 pm

Now the script also checks for “defined(…) or die”, which also kills RFIs. Another check: whether the include or require is in a function; if so, the RFI is useless. Version 0.3 is now running.


arfis starts over September 13, 2007

Filed under: Development — arfis @ 8:07 pm

OK, after the first day of running I checked several PHP projects for the RFIs. Some worked, some did not, for two reasons:

  1. There was another “include” or “require” before the potential RFI, which included settings or configs in which the variable was defined. To get rid of that, the script checks that there is no such function before the RFI.
  2. Checking for constants with “defined” before “include” or “require” prevents RFIs. To get rid of that, the script checks that there is no “defined” function before the RFI.

So the whole script now starts from the beginning, and the output should be much better with the stronger filter. Let’s hope for the best and enjoy.
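The three filters described in these posts (an earlier include/require, a prior “defined” check, an include inside a function), sketched as a triage pass for reviewing your own PHP source. This is an added example, not the arfis script; the function name, verdict labels and sample file are assumptions, and the matching is a line-based heuristic that does not parse comments or strings.

```python
import re

# include/require (optionally _once) used as a statement, not as part of a name
INCLUDE = re.compile(r'(?<![\w$>])(?:include|require)(?:_once)?\b([^;]*)', re.I)
VARIABLE = re.compile(r'\$\w+')
GUARD = re.compile(r'\bdefined\s*\(', re.I)
FUNCTION = re.compile(r'\bfunction\b', re.I)

def triage(php_source):
    """Return (line_no, verdict, statement) for every include with a variable path."""
    findings = []
    seen_include = seen_guard = pending_fn = False
    depth, fn_depth = 0, None          # fn_depth: brace depth of the open function body
    for no, line in enumerate(php_source.splitlines(), 1):
        if fn_depth is None and FUNCTION.search(line):
            pending_fn = True          # body starts at the next '{'
        inc = INCLUDE.search(line)
        before = line[:inc.start()] if inc else line
        seen_guard = seen_guard or bool(GUARD.search(before))
        if inc and VARIABLE.search(inc.group(1)):
            if fn_depth is not None or pending_fn:
                verdict = "inside-function"       # not reached by loading the file
            elif seen_guard:
                verdict = "guarded-by-defined"    # defined(...) check ran first
            elif seen_include:
                verdict = "preceded-by-include"   # variable may be set by that file
            else:
                verdict = "needs-review"          # no filter applies: inspect by hand
            findings.append((no, verdict, line.strip()))
        seen_include = seen_include or bool(inc)
        for ch in line:                # track braces to know when the function ends
            if ch == '{':
                depth += 1
                if pending_fn:
                    fn_depth, pending_fn = depth, False
            elif ch == '}':
                if depth == fn_depth:
                    fn_depth = None
                depth -= 1
    return findings

# Constructed sample file, for illustration only
SAMPLE = """<?php
include($base_dir . "/lib/db.php");
include $cfg['theme'] . '/header.php';
function load($m) {
    include $m . '.php';
}
"""
```

A “needs-review” verdict only means none of the three filters fired; the finding still has to be rechecked by hand, as the first post says.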