NAME

ronin-vulns-rfi - Scans URL(s) for Remote File Inclusion (RFI) vulnerabilities

SYNOPSIS

ronin-vulns rfi [options] {URL … | --input FILE}

DESCRIPTION

Scans URL(s) for Remote File Inclusion (RFI) vulnerabilities. The URLs to scan can be given as additional arguments or read from a file using the --input option.

ARGUMENTS

URL
A URL to scan.

OPTIONS

--db NAME
The database name to connect to. Defaults to default if not given.
--db-uri URI
The database URI to connect to (ex: postgres://user:password@host/db).
--db-file PATH
The sqlite3 database file to use.
--import
Imports discovered vulnerabilities into the database.
--first
Only find the first vulnerability for each URL.
-A, --all
Find all vulnerabilities for each URL.
--print-curl
Also prints an example curl command for each vulnerability.
--print-http
Also prints an example HTTP request for each vulnerability.
-M, --request-method COPY|DELETE|GET|HEAD|LOCK|MKCOL|MOVE|OPTIONS|PATCH|POST|PROPFIND|PROPPATCH|PUT|TRACE|UNLOCK
Sets the HTTP request method to use.
-H, --headerName: value
Sets an additional header using the given Name and value.
-U, --user-agent-string STRING
Sets the User-Agent header string.
-u, --user-agent chrome-linux|chrome-macos|chrome-windows|chrome-iphone|chrome-ipad|chrome-android|firefox-linux|firefox-macos|firefox-windows|firefox-iphone|firefox-ipad|firefox-android|safari-macos|safari-iphone|safari-ipad|edge
Sets the User-Agent header.
-C, --cookie COOKIE
Sets the raw Cookie header.
-c, --cookie-param NAME=VALUE
Sets an additional Cookie param using the given NAME and VALUE.
-R, --referer URL
Sets the Referer header.
-F, --form-param NAME=VALUE
Sets an additional form param using the given NAME and VALUE.
--test-query-param NAME
Tests the URL query param name.
--test-all-query-params
Test all URL query param names.
--test-header-name NAME
Tests the HTTP Header name.
--test-cookie-param NAME
Tests the HTTP Cookie name.
--test-all-cookie-params
Test all Cookie param names.
--test-form-param NAME
Tests the form param name.
-i, --input FILE
Reads URLs from the given FILE.
-B, --filter-bypass double-encode|suffix-escape|null-byte
Optional filter-bypass strategy to use.
-S, --script-lang asp\|asp.net\|coldfusion\|jsp\|php\|perl`
Explicitly specify the scripting language to test for.
-T, --test-script-url URL
Use an alternative test script URL.
-h, --help
Print help information.

AUTHOR

Postmodern postmodern.mod3@gmail.com

SEE ALSO

ronin-vulns-scan