Info BackTrack

Linux & Security Tutorial

./WebSploit Toolkit


Sedikit saya jelaskan tentang WebSploit Toolkit šŸ™‚

./Websploit toolkit adalah proyek opensource buatan Fardin Allahverdinazhand, yang berfungsi untuk :

  • Autopwn ā€“ Used From Metasploit For Scan and Exploit Target Service
  • wmap ā€“ Scan, Crawler Target Used From Metasploit wmap Plugin
  • format infector ā€“ inject reverse & bind payload into file format
  • phpmyadmin ā€“ Search Target phpmyadmin login page
  • lfi ā€“ Scan, Bypass local file inclusion Vulnerability & can be bypass some WAF
  • apache users ā€“ search server username directory (if use from apache webserver)
  • Dir Bruter ā€“ brute target directory with wordlist
  • admin finder ā€“ search admin & login page of target
  • MLITM Attack ā€“ Man Left In The Middle, XSS Phishing Attacks
  • MITM ā€“ Man In The Middle Attack
  • Java Applet Attack ā€“ Java Signed Applet Attack
  • MFOD Attack Vector ā€“ Middle Finger Of Doom Attack Vector
  • USB Infection Attack ā€“ Create Executable Backdoor For Infect USB For Windows
Nah yang saya suka dari toolkit ini adalah cara kerjanya seperti CLI Project yang penggunaannya sangat mudah šŸ™‚ untuk menscan suatu web ato jaringan yang Vulnerability.
How to Install WebSploit in Backtrack šŸ˜€
silahkan download :

http://sourceforge.net/projects/websploit/files/

lalu extrak file rar tersebut didalam direktory

/pentest/web/

nah sekarang buka di terminal untuk eksekusi programnya šŸ™‚


lindo@laptop:~# cd /pentest/web/websploit
lindo@laptop:/pentest/web/websploit# ./websploit
[/sourcecode

nah saya coba running dulu dalam mode :

[1]WebSite Attack Vector Scanners,Crawlers For WebSite

oke, mungkin itu aja yang bisa saya sampaikan. semoga dapat bermanfaat untuk para pentester šŸ™‚

Sumber

Artikel Terkait:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: