Archive for June, 2020
Ethical Hacking — Wpscan Tool
June 19th, 2020 Posted 3:39 am
Wpscan Tool
Wpscan Tool is a tool used to scan WordPress websites. Wpscan is used in Kali Linux and it scans for possible vulnerabilities such as outdated WordPress versions and vulnerable themes and plugins.
Before using wpscan for scanning WordPress websites in Kali Linux, it is vital to ensure that wpscan is up to date. To do this, simply type
wpscan --update
This will update the wpscan tool to its latest version thus ensuring you can use all its features.
There are different types of enumeration filters for wpscan. These are:
u (for usernames)
p (for plugins)
vp (for vulnerable plugins)
t (for themes)
vt (for vulnerable themes)
at (for all themes)
tt (for timthumbs). Timthumbs are a major security risk so it would be wise to ensure the website does not have to
ap (for all plugins)
To find all the users on a certain website, simply type the command wpscan --url yourwebsiteurl -e u. This enumerates all the users. If you wish to discover the password, this is possible through the brute force method. The command is wpscan --url yourwebsiteurl --wordlist password.txt. This will find a possible password match for the user if there is one in the wordlist.
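From the site owner's side, the user enumeration and password guessing described above leave a recognizable pattern in the web server access log. The following is an added example, not code from the original post or from the wpscan project: it flags clients that sweep ?author=N ids (one common way WordPress usernames are enumerated) or pile up failed wp-login.php POSTs. The log format (combined), the thresholds and the sample lines are assumptions made for the example.

```python
import re
from collections import defaultdict

# Combined Log Format: client ip, timestamp, request line, status (rest ignored).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)
AUTHOR_RE = re.compile(r'[?&]author=(\d+)')
# Thresholds are assumptions for this example; tune them to the site's normal traffic.
AUTHOR_ID_THRESHOLD = 3      # distinct ?author=N ids requested by one client
FAILED_LOGIN_THRESHOLD = 5   # POSTs to wp-login.php answered with 200 (form shown again)

def sample_line(ip, method, path, status):
    """Build one constructed log line (sample data, not from a real site)."""
    return f'{ip} - - [19/Jun/2020:03:40:00 +0000] "{method} {path} HTTP/1.1" {status} 512'

SAMPLE_LOG = "\n".join(
    [sample_line("203.0.113.7", "GET", f"/?author={n}", 301) for n in range(1, 5)]
    + [sample_line("203.0.113.7", "POST", "/wp-login.php", 200)] * 6
    + [sample_line("198.51.100.4", "GET", "/?author=1", 301),
       sample_line("198.51.100.4", "POST", "/wp-login.php", 200),
       sample_line("198.51.100.4", "POST", "/wp-login.php", 302)]
)

def find_suspects(log_text):
    """Return {ip: [reasons]} for clients that look like enumeration or password guessing."""
    author_ids = defaultdict(set)
    failed_logins = defaultdict(int)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing on them
        ip, method, path, status = m["ip"], m["method"], m["path"], m["status"]
        for n in AUTHOR_RE.findall(path):
            author_ids[ip].add(int(n))
        # WordPress redirects (302) after a successful login and returns 200 on a failed one.
        if method == "POST" and path.split("?")[0] == "/wp-login.php" and status == "200":
            failed_logins[ip] += 1
    suspects = defaultdict(list)
    for ip, ids in author_ids.items():
        if len(ids) >= AUTHOR_ID_THRESHOLD:
            suspects[ip].append(f"author-id sweep ({len(ids)} ids)")
    for ip, n in failed_logins.items():
        if n >= FAILED_LOGIN_THRESHOLD:
            suspects[ip].append(f"{n} failed wp-login.php POSTs")
    return dict(suspects)

if __name__ == "__main__":
    print(find_suspects(SAMPLE_LOG))
```

Clients flagged this way are candidates for rate limiting or blocking, and a hit on the author-id sweep is a reason to check that the enumerated accounts use strong passwords.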
Tags: Ethical Hacking
Posted in Database System -- Semester 3, Ethical Hacking -- Semester 4, Intelligent System -- Semester 4, Network Forensic -- Semester 5, Uncategorized
Ethical Hacking — Sherlock Tool
June 12th, 2020 Posted 3:24 pm
Sherlock Tool
Sherlock is a useful and powerful tool which identifies usernames across many social networks such as Instagram or DeviantArt. Users may add links to their other social media accounts on platforms such as Instagram. This enables hackers to obtain more information regarding the user. Furthermore, images obtained from these social media platforms could be used in a reverse image search. This would lead hackers to discover other profiles that use the same image.
This can be useful for gathering information, and it can be used to perform sophisticated social engineering attacks against a target.
Requirements
Python 3.6 or higher
Installation
1. Launch terminal in Kali Linux
2. The first step in installing sherlock is to clone the repository. The command is git clone https://github.com/sherlock-project/sherlock.git
3. Type the ls command to view the content of the directory; the sherlock tool is now present in the directory.
4. Change the directory to sherlock
5. Install the requirements after ensuring python3 and python3-pip are installed
Usage
In order to find out all the possible commands that can be used in sherlock, simply type
python3 sherlock --help
In order to search for one user only type the command:
python3 sherlock.py username
Change the username to the username you wish to search for.
It is also possible to search for multiple users at the same time. The tool will first search for the first username and when it is done, it will move on to the next.
Now Sherlock can locate all the social media accounts of the username given.
Ethical Hacking — Week 11
June 5th, 2020 Posted 9:44 pm
Maintain Access
Today’s session was about maintaining access. For a professional pentester, maintaining access after the pen test is done is unethical: the NDA (Non-Disclosure Agreement) we sign with the company states that we are not allowed to maintain access, hence we cannot continue to do so.
We need to maintain access because it means there is no need to reinvent the wheel: the previous vulnerabilities may already have been patched, the sysadmin may have hardened the system, and it saves time. However, when maintaining access, it is important to read the NDA properly, as some NDAs state that a backdoor can’t be placed.
There are certain methods to maintain access, such as creating OS backdoors, tunnels and web-based backdoors. A backdoor is a method which allows an attacker to access a target without using normal authentication while remaining undetected. Cymothoa is a tool which can be used to inject a backdoor. The command is cymothoa -p 4255 -s 1 -y 555. It is possible to use DVL, which stands for Damn Vulnerable Linux, to learn more about other exploits.
Tunneling is encapsulating one network protocol inside another network protocol. Web based backdoors can be used when the target is web based.