[Trimite sms gratis (demonstratie)]

Wavv...acum arata-ne si cum sa facem bani gratis pe net!

[WMAP Website Vulnerability Scanner(Kali Linux)]

Pentru acest scanner, vom avea nevoie de sistemul de operare Kali Linux.

 

Dupa ce am pornit fara problem sistemul de operare, va trebui sa intram in Metasploit framework.

Ca sa pornim metasploit, mai intai trebuie sa ii pornim serviciul care contine baza lui de date.

In terminal, executam comanda : service PostgreSQL start

Dupa ce am pornit serviciul, executam metasploit

 

1.Dupa ce am intrat in metasploit, trebuie sa incarcam plug-in-ul WMAP prin comanda :  load wmap

msf > load wmap

msf > load wmap

.-.-.-..-.-.-..---..---.
| | | || | | || | || |-'
`-----'`-'-'-'`-^-'`-'
[WMAP 1.5.1] ===  et [  ] metasploit.com 2012
[*] Successfully loaded plugin: wmap

msf help

wmap Commands
=============

    Command       Description
    -------       -----------
    wmap_modules  Manage wmap modules
    wmap_nodes    Manage nodes
    wmap_run      Test targets
    wmap_sites    Manage sites
    wmap_targets  Manage targets
    wmap_vulns    Display web vulns

...snip...
2.Pentru a porni scanarea, mai intai trebuie sa adaugam in site tinta prin wmap_sites -a (Ip-ul site-ului)

 

msf > wmap_sites -h
[*]  Usage: wmap_targets [options]
-h        Display this help text
-a   Add site (vhost,url)
-l        List all available sites
-s [id]   Display site structure (vhost,url|ids) (level)


msf > wmap_sites -a http://172.16.194.172
[*] Site created.
msf > wmap_sites -l
[*] Available sites
===============

     Id  Host            Vhost           Port  Proto  # Pages  # Forms
     --  ----            -----           ----  -----  -------  -------
     0   172.16.194.172  172.16.194.172  80    http   0        0


3.Apoi, trebuie sa adaugam site-ul ca tinta prin comanda wmap_targets -t [IP]

 

msf > wmap_targets -h
[*] Usage: wmap_targets [options]
-h Display this help text
-t [urls] Define target sites (vhost1,url[space]vhost2,url)
-d [ids] Define target sites (id1, id2, id3 ...)
-c Clean target sites list
-l  List all target sites


msf > wmap_targets -t http://172.16.194.172/mutillidae/index.php

4.Acum, vom utiliza wmap_run  -t pentru a vedea toate modulele ce vor fi applicate site-ului tinta:

msf > wmap_run -t

[*] Testing target:
[*] Site: 192.168.1.100 (192.168.1.100)
[*] Port: 80 SSL: false
[*] ============================================================
[*] Testing started. 2012-01-16 15:46:42 -0500
[*]
=[ SSL testing ]=
[*] ============================================================
[*] Target is not SSL. SSL modules disabled.
[*]
=[ Web Server testing ]=
[*] ============================================================
[*] Loaded auxiliary/admin/http/contentkeeper_fileaccess ...
[*] Loaded auxiliary/admin/http/tomcat_administration ...
[*] Loaded auxiliary/admin/http/tomcat_utf8_traversal ...
[*] Loaded auxiliary/admin/http/trendmicro_dlp_traversal ...
..snip...
4.Tot ceea ce ne mai ramane acum, este sa rulam scanarea. wmap_run -e

msf > wmap_run -t

[*] Testing target:
[*] Site: 192.168.1.100 (192.168.1.100)
[*] Port: 80 SSL: false
[*] ============================================================
[*] Testing started. 2012-01-16 15:46:42 -0500
[*]
=[ SSL testing ]=
[*] ============================================================
[*] Target is not SSL. SSL modules disabled.
[*]
=[ Web Server testing ]=
[*] ============================================================
[*] Loaded auxiliary/admin/http/contentkeeper_fileaccess ...
[*] Loaded auxiliary/admin/http/tomcat_administration ...
[*] Loaded auxiliary/admin/http/tomcat_utf8_traversal ...
[*] Loaded auxiliary/admin/http/trendmicro_dlp_traversal ...
..snip...

5. Dupa ce s-a terminat scanarea, putem vedea vulnerabilitatile gasite de scanner prin comanda. wmap_vulns -l

6.Daca la pct 5 scanerul a detectat ceva, putem intra din nou in msf si sa rulam comanda vulns, acolo vom primi detail despre vulnerabilitate si in potential mod de atac.