inspathx - Path Disclosure Finder
A tool that uses local source tree to make requests to the url and search for path inclusion error messages. It's a common problem in PHP web applications that we've been hating to see. We hope this tool triggers no path disclosure flaws any more. See our article about path disclosure.
[yehg.net] Download path disclosure vulnerability.txt
Report bugs/suggestions to inspathx at yehg dot net.
Web application developers sometimes fail to add safe checks against authentications, file inclusion ..etc are prone to reveal possible sensitive information when those applications' URLs are directly requested. Sometimes, it's a clue to Local File Inclusion vulnerability. For open-source applications, source code can be downloaded and checked to find such information.
This script will do this job.
1. First you have to download source archived file of your desired OSS.
2. Second, extract it.
3. Third, feed its path to inspath
The inspath takes
* -d or --dir argument as source directory (of application)
* -u or --url arguement as the target base URL (like Com.org - Only the best links ...)
* -t or --threads argument as the number of threads concurrently to run (default is 10)
* -l argument as your desired language php,asp,aspx,jsp,all (default is all)
* -x argument as your desired extensions separated by comma(s) (default : php4,php5,php6,php,asp,aspx,jsp,jspx)
Read the related text: [yehg.net] Download path disclosure vulnerability.txt
See the sample logs in sample_logs folder - scan logs of latest mambo and wordpress applications
Similar terms: Full Path Disclosure, Internal Path Leakage
ruby inspathx.rb -d /sources/phpmyadmin -u http://localhost/phpmyadmin -t 20
ruby inspathx.rb -d c:/sources/phpmyadmin -u http://localhost/phpmyadmin -t 20
ruby inspathx.rb -d c:/sources/dotnetnuke -u http://localhost/dotnetnuke -t 20 -l aspx
ruby inspathx.rb -d c:/sources/jspnuke -u http://localhost/jspnuke -t 20 -l jsp -x jsp,jspx
We love svn. Check it out at
svn checkout inspathx - Revision 19: /trunk inspathx-read-only
Mambo 4.6.5 - Administration [Mambo]
WordPress 3.0.1 http://inspathx.googlecode.com/svn/t...alhost_wp_.log
Full Path Disclosure - OWASP
CWE - CWE-209: Information Exposure Through an Error Message (1.10)