Giters

f4T1H21 / FextBrute

A brute force tool to find out what types of files with different extensions are allowed to be uploaded to a web server.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

web-bruteforcingbruteforcebrute-forcefile-extensionwordlist

FextBrute

File extension Brute

A brute force tool to find out what types of files with different extensions are allowed to be uploaded to a web server.

Getting Started

git clone https://github.com/f4T1H21/FextBrute.git
cd FextBrute
chmod +x fextbrute.py
./fextbrute.py --help

Usage

Usage: ./fextbrute.py <URL> <wordlist> [OPTIONS]
FLAGS:
    -h, --help    Print this help menu and exit.
    -v, --version Print version information and exit.
OPTIONS:
    -d, --dot     Add "." before each extension in wordlist. (Use if there aren't)
ARGUMENTS:
    <URL>      Web page to upload files
    <wordlist> File extenions wordlist
EXAMPLES:
    ./fextbrute.py http://127.0.0.1:88/wiki/upload.php wordlist.txt
    ./fextbrute.py http://example.com/fileupload.php wordlist.txt -d

Example ss

Didn't need to use -d or --dot flag, because we had already had our dots before each word in wordlist. ss1

But in this example, we needed to specify -d or --dot option as a third argument in order to make script put a dot before each word in wordlist. ss2

Thanks to mantaXOR for helping me with his energy, btw constructive feedback is appreciated!

Written by f4T1H

About

A brute force tool to find out what types of files with different extensions are allowed to be uploaded to a web server.

web-bruteforcingbruteforcebrute-forcefile-extensionwordlist

License:MIT License

Languages

Language:Python 100.0%