Friday, October 8, 2010

[Tool Update Announcement] inspathx - Path Disclosure Finder


Check it out at

svn checkout inspathx-read-only

For those who don't know inspathx



A tool that uses local source tree to make requests to the url and
search for path inclusion error messages. It's ever a common problem
in PHP web applications that we're hating to see for ever. We hope
this tool triggers no path disclosure flaws any more. See our article
about path disclosure.


Web application developers sometimes fail to add safe checks against
authentications, file inclusion ..etc are prone to reveal possible
sensitive information when those applications' URLs are directly
requested. Sometimes, it's a clue to File Inclusion vulnerability. For
open-source applications, source code can be downloaded and checked to
find such information.

This script will do this job.

  1. First you have to download source archived file of your desired OSS.
  2. Second, extract it.
  3. Third, feed its path to inspath

The inspath takes

   * -d or --dir argument as source directory (of application)
   * -u or --url arguement as the target base URL (like
   * -t or --threads argument as the number of threads concurrently
to run (default is 10)
   * -l argument as your desired language php,asp,aspx,jsp,all?
(default is all)
   * -x argument as your desired extensions separated with |
character (default : php4|php5|php6|php|asp|aspx|jsp|jspx) - make sure
to enclose multiple extensions with double quotes - See Examples

Read the related text:

Similar terms: Full Path Disclosure, Internal Path Leakage


   * PHP
   * ASP(X)
   * JSP(X)


ruby inspathx.rb -d /sources/phpmyadmin -u http://localhost/phpmyadmin -t 20

ruby inspathx.rb -d c:/sources/phpmyadmin -u http://localhost/phpmyadmin -t 20

ruby inspathx.rb -d c:/sources/dotnetnuke -u
http://localhost/dotnetnuke -t 20 -l aspx

ruby inspathx.rb -d c:/sources/jspnuke -u http://localhost/jspnuke -t
20 -l jsp -x "jsp|jspx"


Mambo 4.6.5

WordPress 3.0.1