/usr/share/doc/w3af-console/examples/script-fastExploit.w3af is in w3af-console 1.0-rc3svn3489-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | # This is a fastexploit demo
plugins
audit xss
discovery serverHeader,hmap
discovery config hmap
set genFpF True
back
output console
output config console
set verbose False
back
back
http-settings
set userAgent pepe
back
target
set target http://127.0.0.1/
back
start
exit
#exploit
#exploit config bsqlset url http://192.168.2.41/db2-sqlInj.py?inj=SUV
#set injvar inj
#set db db2
#set data inj=SUV
|