HTExploit (HiperText access Exploit) is an open-source tool written in Python that exploits a weakness in the way that .htaccess files can be configured to protect a web directory with an authentication process. By using this tool anyone would be able to list the contents of a directory protected this way, bypassing the authentication process.
The tool provides modularity, by allowing the tester to fully perform an analysis on the protected website of the following attacks: SQL Injection, Local File Inclusion, Remote File Inclusion and others.
The main characteristic of this tool is that all of the analyses performed are done inside the protected directory, not from the publicly accessible site.
htexploit -u [URL] [options]
-h, --help show this help message and exit -m MODULE, --module=MODULE Select the module to run (Default: detect) -u URL, --url=URL **REQUIRED** - Specify the URL to scan -o OUTPUT, --output=OUTPUT Specify the output directory -w WORDLIST, --wordlist=WORDLIST Specify the wordlist to use -v, --verbose Be verbose
cyborg@cyborg:~$ sudo htexploit -u http://192.168.1.18/target _ _ _______ ______ _ _ _ | | | | |__ __| | ____| | | (_) | | | |__| | | | | |__ __ __ _ __ | | ___ _ | |_ | __ | | | | __| \ \/ / | '_ \ | | / _ \ | | | __| | | | | | | | |____ > < | |_) | | | | (_) | | | | |_ |_| |_| |_| |______| /_/\_\ | .__/ |_| \___/ |_| \__| | | |_| v0.7b [-] http://192.168.1.18/target seems exploitable. Enjoy :) Would you like to run the â€˜fullâ€™ scan module? [Y/n] [+] Full Scan Completed. [+] 6 files were downloaded, out of 721 (0% success rate). Report was saved in '/pentest/web/htexploit/htexploit-42270'