So, a while back I knocked out a couple of plugins for fimap - a tool which tests for and exploits local and remote file inclusion vulnerabilities – and here is the demo video of one of those plugins.
This plugin is simple. It uploads and executes the AES encrypted HTTP Reverse Shell written by Dave “rel1k” Kennedy. You simply run the listener and wait til you has shell. Simple?
Without further ado, here is the demo video.
You can find the plugins here: Insecurety Research – GoogleCode