HTTP filename upload guesser
When you upload a shell on a web-server using a file upload functionality, usually the file get renamed in various ways in order to prevent direct access to the file, RCE and file overwrite.
fileGPS is a tool that uses various techniques to find the new filename, after the server-side script renamed and saved it.
Some of the techniques used by fileGPS are:
- Various hash of the filename
- Various timestamps tricks
- Filename + PHP time() up to 5 minutes before the start of the script
- So many more
- Easy to use
- HTTP(s) Proxy support
- User agent randomization
- Over 100.000 filenames combinations
On BlackArch Linux:
pacman -S filegps
On other distros:
git clone https://github.com/0blio/filegps
How to write a module
Writing a module is fairly simple and allows you to implement your custom ways of generating filename combinations.
Below is a template for your modules:
#!/usr/bin/env python # -*- coding: utf-8 -*- """ Module name: test Coded by: Your name / nickname Version: X.X Description: This module destroy the world. """ output =  # Do some computations here output = ["filename1.php", "filename2.asp", "filename3.jar"]
filename are automatically imported from the core script, so you can call them in your module.
Once you finished to write your module, you have to save it in
Modules/, and it will be automatically imported once the main script is started.
You can use the module shame as a template for your modules.
Contribute to the project
Do you want to help? Here's some ways you can do it:
- Suggest a feature
- Write a module
- Report a bug
Special thanks to Panfilo Salutari for sharing with me ideas about the project.
Thanks to Claudio Sala for the logo.