View Issue Details

IDProjectCategoryView StatusLast Update
0002200Kali LinuxQueued Tool Additionpublic2020-06-17 14:58
Reporterangus young Assigned To 
PrioritynormalSeverityminorReproducibilityN/A
Status acknowledgedResolutionopen 
Summary0002200: Kadimus - LFI Scan & Exploit Tool
Description

Kadimus is a tool to check sites to lfi vulnerability , and also exploit it

Features:

Check all url parameters
/var/log/auth.log RCE
/proc/self/environ RCE
php://input RCE
data://text RCE
Source code disclosure
Multi thread scanner
Command shell interface through HTTP Request
Proxy support (socks4://, socks4a://, socks5:// ,socks5h:// and http://)
Proxy socks5 support for bind connections

Project link: https://github.com/P0cL4bs/Kadimus

Activities

stormtide

stormtide

2015-07-28 12:57

reporter   ~0003609

Installation :

git clone https://github.com/P0cL4bs/Kadimus.git
cd Kadimus

./configure (you can not rely on this output)

apt-get install libcurl4-openssl-dev
apt-get install libssh-dev

make

./kadimus -h
(the tool works)

g0tmi1k

g0tmi1k

2018-01-29 17:48

administrator   ~0008545

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?
coloboslexx

coloboslexx

2018-03-13 07:50

reporter   ~0008912

  • [Name] - Kadimus
  • [Version] - The latest available
  • [Homepage] - https://github.com/P0cL4bs/Kadimus
  • [Download] - https://github.com/P0cL4bs/Kadimus
  • [Author] - P0cL4bs
  • [Licence] - MIT License
  • [Description] - Kadimus is a tool to check sites to lfi vulnerability , and also exploit it
  • [Dependencies] - libcurl, libpcre, libssh
  • [Similar tools] - fimap
  • [How to install] - make
  • [How to use] - What are some basic commands/functions to demonstrate it?
    Options and examples:

Cannot add due to WAF limitations.

g0tmi1k

g0tmi1k

2020-03-25 13:22

administrator   ~0012534

@kali-team, please could this be packaged up.
@author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

Issue History

Date Modified Username Field Change
2015-04-05 19:40 angus young New Issue
2015-07-28 12:57 stormtide Note Added: 0003609
2018-01-29 17:48 g0tmi1k Note Added: 0008545
2018-03-13 07:50 coloboslexx Note Added: 0008912
2019-12-09 13:30 g0tmi1k Severity minor => feature
2020-03-25 13:22 g0tmi1k Note Added: 0012534
2020-03-25 13:23 g0tmi1k Status new => acknowledged
2020-03-25 13:23 g0tmi1k Category New Tool Requests => Queued Tool Addition
2020-06-17 14:58 g0tmi1k Severity feature => minor