Saturday, September 14, 2013

WebCruiser - Scanning for Web Vulnerabilities

WebCruiser - Web Vulnerability Scanner is a compact but powerful web analysis tool that will help you audit your site. It has a vulnerability scanner and a series of security tools.

It supports scanning websites as well as POC (proof of concept) for web vulnerabilities: SQL Injection, Cross Site Scripting, XPath Injection, etc.
WebCruiser is therefore also an automatic SQL injection tool, an XPath injection tool, and a Cross Site Scripting tool.
Features: 
* Crawler (Web Directories and Files);
* Vulnerability Scanner: SQL Injection, Cross Site Scripting, XPath Injection etc.;
* SQL Injection Scanner;
* SQL Injection Tool: GET / POST / Cookie Injection POC (Proof of Concept);
* SQL Injection for SQL Server: Plain Text / Union / Blind Injection;
* SQL Injection for MySQL: Plain Text / Union / Blind Injection;
* SQL Injection for Oracle: Plain Text / Union / Blind / CrossSite Injection;
* SQL Injection for DB2: Union / Blind Injection; 
* SQL Injection for Access: Union / Blind Injection; 
* Data message Forward; 
* Cross Site Scripting Scanner and POC; 
* XPath Injection Scanner and POC; 
* Auto Get Web browser cookies for authentication; 
* Output Report.



Backtrack: Getting Started "Experience"


Well, like many of you, I thought about working with an OS (Operating System) oriented toward computer security, and today I have a couple of conclusions that I will discuss in this article.
For starters, before making any move it is very important to have backed up our machine; although all the problems we face concerning partitions and lost data are solvable, this tedious step would not hurt.
Once we have that done, I recommend using Partition Magic in the case of Windows and GParted in Linux. I use both systems: Windows 7 and Ubuntu 12.10.

In my case, I left 3 partitions: Windows, BackTrack (Ext3) and data.

Well, once that is ready, we record our BackTrack image on a DVD or on a USB drive ...
Here begins the problem for some, as it also did for me: having a netbook, I had to go through this extra step. The USB drive can be prepared with a list of commands from Windows as an administrator ... or you can simply download the program I leave you -here-

A little explanation of the program: you run it and click "I Agree"; if your operating system is not listed, go down to the bottom and choose "Try Unlisted Linux ISO"; it asks you to select the image to be recorded; you pick the letter of your destination device and click "Create".

The program I found really useful ...

Okay, to continue, we can now boot from our pendrive, after first selecting the option to boot from that drive, which is configured from the BIOS.

We choose the first option and ... Sometimes it starts slowly or displays the images badly, so I wait until I reach the point where it asks for the login, root / toor, and I press Enter a few times; I really do not know whether this is an error on my computer, the version, or just how it is.
Then it gives us another prompt, where we type "startx" to start the GUI.

Up to this point I can only describe it, because I was doing it on my own computer and had no way to take pictures.

Well, on the desktop we can see the Install BackTrack icon; we double-click it and go through the required options. As I said earlier, when partitioning the disk I formatted it as Ext3, but that sometimes gave me some problems; you can try Ext4 if you know what I am talking about, and you surely will when those options are shown.
Another thing that gives a bit of trouble is that it asks for a root file; in this case you can choose from a list the one that suits you. The rest is choosing the language and so on, but be very careful: test that you can type correctly, especially the -, _ and accented characters (a critical thing for using an OS). Then hope that it works, give the installation time to complete, reboot, and we have BackTrack as our OS.

In my opinion, something very annoying in BackTrack was having to use "startx" to start, so we will see how to skip this unnecessary step.

The next step is to open a command prompt and type the following:

root@bt:~# aptitude install rungetty
root@bt:~# gedit /etc/init/tty1.conf

Add a # to the last line so that it remains as a comment, save the file, and go to the next step:







root@bt:~# gedit /root/.bash_profile

A document opens; type "startx" (without quotes), save and close.
Reboot your system and see how it turns out.


Until next time ...

-Shock-

Backtrack 5 R3 - BeEF, The Browser Exploitation Framework

The Browser Exploitation Framework BeEF



What is BeEF?
BeEF is The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.

Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF hooks one or more web browsers and uses them as beachheads for launching directed command modules and further attacks against the system from within the browser context.

Official Page: http://beefproject.com/ 





Facebook-Gmail "Tango Down" December 10

Today, December 10, 2012, the social network Facebook went down, as did Gmail.

At about 20:30 Facebook went down, and it has now been down for just over half an hour.
Some users cannot reach the Facebook page at all; the previous time it only seemed slow, but this time the errors depend on the browser. In Chrome: This webpage is not available.
In Firefox: Server not found. The outage could be due to a worldwide failure of a telecom backbone, as apparently happened on 27/11/2012.
If it were only a backbone problem, Fibertel users should not notice any drop.
Others blame the Maya ... The Maya sent Facebook a buzz!

Backtrack 5 R3 DNS Spoofing


DNS Spoofing 



Identity spoofing by domain name. This is the falsification of a "domain name to IP" relationship in response to a name resolution query, i.e. resolving a certain DNS name with a fake IP address, or vice versa. This is achieved by falsifying the domain name to IP entries of a DNS server, either through a vulnerability of that particular server or through its trust in unreliable servers. The falsified entries of one DNS server are liable to infect (poison) the DNS cache of a different server (DNS Poisoning).


SCENARIO:
The following tutorial covers an attack known as DNS spoofing. The example is based on a LAN with two participants, an attacker and a victim:
Attacker:
Operating system: Backtrack 5 R3
Victim:
Operating system: Windows XP.

The operating system of the victim is irrelevant ...

The main idea is to obtain the Facebook login and password. This example can be done with any website we wish, simply by pointing SET and ettercap at the cloned website.

COMMAND:

We enter the following path:

# cd /pentest/exploits/set
# ./set
The SET application for social-engineering attacks opens; then choose the following options:



Select 1: Social-Engineering Attacks

In the next menu select 2: Website Attack Vectors

In the next menu select option 3, Credential Harvester Attack Method, to perform the cloning of the page you want to attack.


Select option 2 Site Cloner 


For the clone to work, the tool asks for our IP address. With ifconfig we can get this data: our IP address and the network adapter we are using, in my case eth0; for wireless it would be wlan0 by default.

After entering our IP, it asks for the website we wish to clone. In this scenario we use Facebook, but you can take any website, whether Twitter, YouTube, Blogger, etc.

For the cloned web page to be served, the Apache service needs to be started; if it is not, the following message appears asking to start the service, to which we answer Y.

Well, here we have SET ready for the DNS poisoning. At this point the victim would have to type our IP address into the browser, and then the Facebook login prompt would appear.

So that the user does not have to enter our IP address, we use a tool called ettercap. Its function is that when the user goes to Facebook the request is poisoned automatically, without the user having to enter our IP. To do this, open the file /usr/local/share/ettercap/etter.dns with a text editor and add the following entries, with the domain and our IP, as pictured.

dominio.com A IP
*.dominio.com A IP
www.dominio.com PTR IP

Save and close. 




And finally we poison:

ettercap -T -q -i <network adapter> -P dns_spoof -M arp // //




Well, when a user connected to our LAN goes to facebook.com, the request is poisoned automatically:

VICTIM:

The victim opens Facebook and goes through the login process:

ATTACKER:

Receives the information from the cookies and GET requests captured on the LAN.


Well, this is very dangerous when we connect in public places where the Wi-Fi connection is free and shared by thousands of users, such as a university.
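
From the defender's side, the scenario above leaves two traces on the victim machine: the ARP table shows one MAC address claimed by several IPs (the gateway and another LAN host), and a public domain name resolves to a private LAN address. The following check is an added example, not part of the original post; the ARP table, the DNS answers, the function names and the internal suffix list are all constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample: `arp -a` rows as seen on a Windows client of a poisoned LAN.
SAMPLE_ARP = """\
  192.168.1.1           00-0c-29-aa-bb-cc     dynamic
  192.168.1.50          00-0c-29-aa-bb-cc     dynamic
  192.168.1.77          00-1e-65-11-22-33     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""

# Constructed sample: (queried name, A record the client received).
SAMPLE_ANSWERS = [
    ("www.example.com", "93.184.216.34"),
    ("login.example.org", "192.168.1.50"),
    ("printer.lan", "192.168.1.20"),
]

ARP_ROW = re.compile(r"(\d+\.\d+\.\d+\.\d+)\s+([0-9a-fA-F]{2}(?:[-:][0-9a-fA-F]{2}){5})")

def shared_macs(arp_text):
    """Return {mac: [ips]} for every unicast MAC claimed by more than one IP."""
    by_mac = defaultdict(list)
    for ip, mac in ARP_ROW.findall(arp_text):
        mac = mac.lower().replace("-", ":")
        if int(mac[:2], 16) & 1:  # skip broadcast and multicast entries
            continue
        by_mac[mac].append(ip)
    return {m: ips for m, ips in by_mac.items() if len(ips) > 1}

def private_answers(answers, internal_suffixes=(".lan", ".local")):
    """Return answers where a public name resolved to a private or local address."""
    hits = []
    for name, addr in answers:
        ip = ipaddress.ip_address(addr)
        internal = name.lower().endswith(internal_suffixes)
        if not internal and (ip.is_private or ip.is_loopback or ip.is_link_local):
            hits.append((name, addr))
    return hits

def correlate(arp_text, answers):
    """Keep only suspicious answers whose address also shares a MAC with another IP."""
    dup_ips = {ip for ips in shared_macs(arp_text).values() for ip in ips}
    return [(n, a) for n, a in private_answers(answers) if a in dup_ips]

if __name__ == "__main__":
    print("MACs claimed by several IPs:", shared_macs(SAMPLE_ARP))
    print("Likely spoofed answers:", correlate(SAMPLE_ARP, SAMPLE_ANSWERS))
```

Either signal alone can have benign causes (proxy ARP, split-horizon DNS), which is why the last function reports only answers where both coincide.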