Fuxploider – File upload Exploitation Tool

Fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. This tool is able to detect the file types allowed to be uploaded and is able to detect which technique will work best to upload web shells or any malicious file on the desired web server.

Fuxploider - File upload Vulnerability Scanner and Exploitation Tool
Fuxploider – File upload Vulnerability Scanner and Exploitation Tool

Many web servers will have file upload vulnerabilities so during a penetration testing this tool can be a good addition to test if there are any open vulnerability that can be exploited to upload files to remote system.

The tool support several options to bypass network security measure such as adding proxy to make the scan proxified and mask the original scanner or use a random list of user agent to avoid being blocked permanently.

File upload will allow attacker to host a malicious file on victim web server to make it ready for distribution and infect more users or it will allow attacker to upload a shell file which can be executed by the web user. once executed it will be possible to create new accounts or execute any task on the compromised web server.

You can read more and download this tool over here: https://github.com/almandin/fuxploider

Share