malectricasoftware
/
expload
mirror of https://github.com/malectricasoftware/expload.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update README.md

main
witchdocsec 2024-09-20 10:56:58 +01:00 committed by GitHub
parent 1e5d67a2fa
commit f55c52d43a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@ -1,2 +1,22 @@
# Expload
![image](https://github.com/user-attachments/assets/fbae4274-21d0-4233-9c96-5e19bab88488)
## what is expload
A tool for injecting magic bytes of allowed files, and spoofing the mime type. In order to exploit vulnerable file upload forms that use these as the sole validation mechanism
## useage
```
expload.py [-h] -u URL -p PAYLOAD -e EXT -n NAME -f FILENAME
expload args
options:
-h, --help show this help message and exit
-u URL, --url URL url to upload to
-p PAYLOAD, --payload PAYLOAD
path to file to upload
-e EXT, --ext EXT extension to spoof
-n NAME, --name NAME field name for file upload
-f FILENAME, --filename FILENAME
file name to upload with
```