Skip to content

A brute force tool to find out what types of files with different extensions are allowed to be uploaded to a web server.

License

Notifications You must be signed in to change notification settings

f4T1H21/FextBrute

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

FextBrute

File extension Brute

A brute force tool to find out what types of files with different extensions are allowed to be uploaded to a web server.

Getting Started

git clone https://github.com/f4T1H21/FextBrute.git
cd FextBrute
chmod +x fextbrute.py
./fextbrute.py --help

Usage

Usage: ./fextbrute.py <URL> <wordlist> [OPTIONS]
FLAGS:
    -h, --help    Print this help menu and exit.
    -v, --version Print version information and exit.
OPTIONS:
    -d, --dot     Add "." before each extension in wordlist. (Use if there aren't)
ARGUMENTS:
    <URL>      Web page to upload files
    <wordlist> File extenions wordlist
EXAMPLES:
    ./fextbrute.py http://127.0.0.1:88/wiki/upload.php wordlist.txt
    ./fextbrute.py http://example.com/fileupload.php wordlist.txt -d

Example ss

Didn't need to use -d or --dot flag, because we had already had our dots before each word in wordlist. ss1

But in this example, we needed to specify -d or --dot option as a third argument in order to make script put a dot before each word in wordlist. ss2

Thanks to mantaXOR for helping me with his energy, btw constructive feedback is appreciated!

Written by f4T1H

About

A brute force tool to find out what types of files with different extensions are allowed to be uploaded to a web server.

Topics

Resources

License

Stars

Watchers

Forks

Languages