Description

This plugin audits the frontpage extension configuration by trying to upload a file to the remote server using the author.dll script provided by FrontPage.

Plugin type

Audit

Options

Name Type Default Value Description Help
stopOnFirst boolean True Stop on the first successful file upload The default value is usually a good idea, because if we can upload a file to a directory, the chances are that we can upload to every directory; and if this is the case, we would get a lot of vulnerabilities reported, that are really only one.

Source

For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
github-logoPlugin source code
Unittest source code

Dependencies

This plugin depends on infrastructure.frontpage_version.