Deblaze

A remote method enumeration tool for flex servers

Usage: deblaze [option]

Options:

--version
show program's version number and exit

-h, --help
show this help message and exit

-u URL, --url=URL
URL for AMF Gateway

-s SERVICE, --service=SERVICE
Remote service to call

-m METHOD, --method=METHOD
Remote service to call

-p PARAMS, --params=PARAMS
Parameters to send pipe seperated
'param1|param2|param3'

-1 BRUTESERVICE, --bruteService=BRUTESERVICE
File to load services for brute forcing (mutually exclusive to -s)

-2 BRUTEMETHOD, --bruteMethod=BRUTEMETHOD
File to load methods for brute forcing (mutually exclusive to -m)

-P PROXY, --proxy=PROXY
Run local proxy, -P localport:targetIP:targetport

-d, --defaultproxy
Run default local proxy, 8080:targetIP:targetport

-c CREDS, --creds=CREDS
Username and password for service in u:p format

-b COOKIE, --cookie=COOKIE
Send cookies with request

-A USERAGENT, --user-agent=USERAGENT
User-Agent string to send to the server

-r REPORT, --report=REPORT
Console, html, defaults to console

-v, --verbose
Increase verbosity (specify multiple times for more)

-t, --testswf=TESTSWF
URL to SWF - Download SWF and find remoting services and methods only

-f SWF, --fullauto=SWF
URL to SWF - Download SWF, find remoting services, methods, and parameters

--fuzz
Fuzz parameter values