Lucene search

K
kitploitKitPloitKITPLOIT:1703679575991871068
HistoryMar 06, 2018 - 1:09 p.m.

Dotdotslash - An Tool To Help You Search For Directory Traversal Vulnerabilities

2018-03-0613:09:00
www.kitploit.com
77

AI Score

7.3

Confidence

Low

An tool to help you search for Directory Traversal Vulnerabilities

Benchmarks
Platforms that I tested to validate tool efficiency:

  • DVWA (low/medium/high)
  • bWAPP (low/medium/high)

Screenshots

Instalation
You can download the last version cloning this repository

git clone https://github.com/jcesarstef/dotdotslash/

This tool has made to work with Python3

Usage

python3 dotdotslash.py --help

usage: dotdotslash.py [-h] --url URL --string STRING [--cookie COOKIE]

optional arguments:
  -h, --help       show this help message and exit
  --url URL        Url to attack.
  --string STRING  String in --url to attack. Ex: document.pdf
  --cookie COOKIE  Document cookie.

Example:

python3 dotdotslash.py \
--url "http://192.168.58.101/bWAPP/directory_traversal_1.php?page=a.txt" \
--string "a.txt" \
--cookie "PHPSESSID=089b49151627773d699c277c769d67cb; security_level=3"

Download Dotdotslash **
**

AI Score

7.3

Confidence

Low