View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0002430 | Kali Linux | New Tool Requests | public | 2015-07-17 06:26 | 2020-02-25 13:28 |
Reporter | coj337 | Assigned To | |||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | closed | Resolution | suspended | ||
Summary | 0002430: Upsploit - file upload vulnerabiltiy identification and exploitation. | ||||
Description | There's was a new tool (released last week) that helps pentesters find/validate file upload vulnerabilities in web applications. I'm suggesting this because it's the first of it's kind - even commercial scanners don't go beyond finding file upload forms so this is the first tool to ever help actually exploit them. It's called Upsploit and can be found here: https://github.com/coj337/Upsploit | ||||
Steps To Reproduce | N/A | ||||
Additional Information | N/A | ||||
Dependencies it needs monodevelop (apt-get install monodevelop) Upsploit pre-compiled binary v1.1 :12 tests possible Select all The application quits Upsploit pre-compiled binary v1.0 :error : System.Reflection.ReflectionTypeLoadException: The classes in the module cannot be loaded. |
|
I believe this is because Kali runs an old version of mono, should another bug be opened for this to be updated? I updated to mono 4.0.1 (instructions: http://www.mono-project.com/docs/getting-started/install/linux/#debian-ubuntu-and-derivatives) and the tool ran fine. |
|
you can open a new bug report for that. Upsploit v1.10 and v1.0 seems running fine now. (I will make some additional tests) |
|
To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):
|
|
No updates since 2015. |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2015-07-17 06:26 | coj337 | New Issue | |
2015-07-20 09:42 | stormtide | Note Added: 0003537 | |
2015-07-21 10:05 | coj337 | Note Added: 0003547 | |
2015-07-21 18:27 | stormtide | Note Added: 0003551 | |
2018-01-26 11:37 | g0tmi1k | Summary | New tool for file upload vulnerabiltiy identification and exploitation. => Upsploit - file upload vulnerabiltiy identification and exploitation. |
2018-01-29 10:52 | g0tmi1k | Note Added: 0007937 | |
2018-02-21 09:35 | g0tmi1k | Product Version | 1.1.0 => |
2019-12-09 13:30 | g0tmi1k | Severity | minor => feature |
2020-02-25 13:28 | g0tmi1k | Status | new => closed |
2020-02-25 13:28 | g0tmi1k | Resolution | open => suspended |
2020-02-25 13:28 | g0tmi1k | Note Added: 0012342 |