wget -c http://downloads.sourceforge.net/project/vlc/1.1.7/vlc-1.1.7.tar.bz2
tar -xvf vlc-1.1.7.tar.bz2
cd vlc-1.1.7
apt-get build-dep vlc
./configure --enable-run-as-root
make
make install
------------------------------
Start it from the command line (simply type vlc or /usr/local/bin/vlc). It may give you an error about libvlc.so; if it does, run:
apt-get install libvlc-dev libvlc2
Saturday, February 12, 2011
Friday, February 4, 2011
MagicTree
Description
MagicTree is a tool developed in Java by Gremwell. It lets you organize data gathered during a pentest. The tool can also launch commands (Nmap, Nikto, ...) for a better integration of the results. Here are some of the features:
* Automatic creation of nodes from netblock address
* Drag and drop objects from the tree
* Launch CLI-based tools (Nmap, Nikto, ...) from MagicTree
* Import results from other tools (Nessus, ...)
* Sort findings by severity
* Generate reports (*.odt, *.docx)
* And much more...
This article introduces the basics of the tool. For more complete documentation, please refer to http://www.gremwell.com/magictreedoc/.
Installation
Java
You will need to install Java. Under *ubuntu, edit your /etc/apt/sources.list file and uncomment these 2 repositories:
deb http://archive.canonical.com/ubuntu lucid partner
deb-src http://archive.canonical.com/ubuntu lucid partner
Then update your local repositories and install Java:
$ sudo apt-get update
$ sudo apt-get install sun-java6-plugin
Install MagicTree
$ mkdir -p /pentest/misc/magictree/
$ cd /pentest/misc/magictree/
$ wget http://www.gremwell.com/dist/1381.5c2a7c0734ce8c65ba59f3c2b8884470/MagicTree-1381.jar
Usage
Start MagicTree
To start MagicTree, simply issue the following commands:
$ cd /pentest/misc/magictree/
$ java -jar MagicTree-1381.jar
You should see the following screen:
Create, rename and delete nodes
Automatic creation
To automatically create a node from a netblock (e.g. 192.168.100.0/24), select "Node > Auto Create" from the menu. Then enter the netblock in CIDR notation.
Manual creation
Manually create nodes
* To create a node from the root, right click on the top node and select:
  * "Create child > Branch Node" to create a new branch
  * "Create Child > Simple Node" to create an object (e.g. host)
* To rename an object, double click on it to edit the label.
* To delete an object, right click on it and select "Delete" from the menu.
Also notice that you can move any object by dragging and dropping it.
Notice
The "testdata" branch node is generally used under "magictree" to store all the data related to the test. Sticking to the same tree structure is useful in several ways. Firstly, if you import XML from nmap, nessus, or other tools it will be under "testdata". If you manually create host nodes, you'll want the results of the scan to appear under the nodes you have created. Secondly, there are a number of scanned queries and what is called "methods" (a query and a command that use the query results) that generally work from the assumption that the data is under "/magictree/testdata".
Using tables
Tables let you use a list of hosts in a command line (e.g. Nmap). In the example above, we use -iL $in to use the list of hosts/networks:
* -iL: Input from list of hosts/networks
* $in: Variable used to process data from the table
We also use an output to be able to get the results of our command:
* -oX: Output scan in XML format
* $out: Variable that will be processed to inject the results in the tree.
Click on "Console" to see the scan running (useful for entering the sudo password).
Once the scan is finished, select $out in the variables and click on "Import" to inject the results in the tree.
Import results from external tools
MagicTree can import Nessus results. Save your Nessus report in .nessus (Version 1 and Version 2) format and open the file in MagicTree.
Repo-browser
On the right hand side of the window frame there is a button that says "Repo Browser". Clicking on it opens the query and method repository. You can browse it by tags and execute queries and methods stored in it. You can also save the queries and commands that you use to the repository, to be able to quickly execute them later.
Generating Reports
Once you have completed your penetration tests, you can export the results in a *.odt (OpenOffice) or *.docx (MS Office) file. Select "Report > Generate Report" from the menu, and select one of the templates available in the ~/.magictree/report-templates/ directory.
Notice that if you use KDE (e.g. Kubuntu), you will get an error:
20:18.14 Report generation failed
java.lang.UnsupportedOperationException: Desktop API is not supported on the current platform
at java.awt.Desktop.getDesktop(Desktop.java:144)
at bU.b(SourceFile:277)
at bU.a(SourceFile:78)
at bU.a(SourceFile:24)
at cV.run(SourceFile:244)
at java.lang.Thread.run(Thread.java:636)
20:18.14 java.lang.UnsupportedOperationException: Desktop API is not supported on the current platform
at java.awt.Desktop.getDesktop(Desktop.java:144)
at bU.b(SourceFile:277)
at bU.a(SourceFile:78)
at bU.a(SourceFile:24)
at cV.run(SourceFile:244)
at java.lang.Thread.run(Thread.java:636)
It appears that the Java Desktop API that MagicTree is using to start OpenOffice does not work in KDE (it only works on Gnome). For more information on that issue, refer to http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6486393.
However, the reports are still successfully generated and saved in your ~/.magictree/tmp/ directory.
Thursday, February 3, 2011
Dradis
Description
Dradis is a Ruby on Rails-based framework that helps pentesters organize and share their results in a common database. The tool can then consolidate the inputs with external databases (e.g. vulnerability databases) and generate reports.
The tool is shipped with a set of plugins that import scan results:
* Project package upload
* Project template upload
* Nmap upload
* Nikto upload
* Nessus upload
* Burp upload
Installation
Download and uncompress Dradis
$ cd /data/src/
$ wget http://downloads.sourceforge.net/dradis/dradis-v2.5.2.tar.bz2
$ bzip2 -cd dradis-v2.5.2.tar.bz2 | tar xf -
$ mkdir -p /pentest/misc/
$ mv dradis-2.5/ /pentest/misc/dradis/
Install dependencies
First install the following packages:
$ apt-get install ruby1.8 rubygems1.8 irb rdoc ruby1.8-dev libopenssl-ruby
Then install Ruby dependencies via Gem:
$ sudo gem install rake
$ sudo gem install sqlite3-ruby
Notice that dradis uses SQLite3 as its default engine. If you wish to use a different engine (e.g. MySQL), you will have to modify the configuration file in ./dradis/server/config/database.yml.
Check the requirements
At least check that all requirements are met by issuing the following commands:
$ cd /pentest/misc/dradis/
$ ./verify.sh

dradis Framework dependencies verification script
-- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --

 This script will try to determine whether all the dependencies required to
use the dradis Framework are present in the system providing hints on how to
install the missing dependencies. The system will NOT be modified by the
script.

Please send your feedback about this script to:
 feedback [you-know-what] dradisframework.org


Running Standard checks.

Looking for Ruby interpreter... found [ /usr/bin/ruby ].
Checking for support to compile native extensions... found.
Looking for RubyGems and the 'gem' command... found [ /usr/bin/gem ].
Looking for the 'rake' command... found [ /usr/bin/rake ].
Looking for SQLite3 libraries... found.
Looking for the SQLite3 ruby gem [sqlite3-ruby]... found (v1.3.1).

Congratulations. You seem to be ready to run the Dradis Framework. Enjoy!
Populate/reset the database
Then populate the database:
$ cd server/
$ rake dradis:reset
(in /pentest/misc/dradis/server)
Environment not initialized. Nothing to backup.
Dropping attachments from attachments/... done.
== CreateNodes: migrating ====================================================
-- create_table(:nodes)
 -> 0.0017s
== CreateNodes: migrated (0.0019s) ===========================================

== CreateCategories: migrating ===============================================
-- create_table(:categories)
 -> 0.0021s
== CreateCategories: migrated (0.0022s) ======================================

== CreateNotes: migrating ====================================================
-- create_table(:notes)
 -> 0.0038s
== CreateNotes: migrated (0.0040s) ===========================================

== CreateConfigurations: migrating ===========================================
-- create_table(:configurations)
 -> 0.0023s
== CreateConfigurations: migrated (0.0025s) ==================================

== CreateUsers: migrating ====================================================
-- create_table("users", {:force=>true})
 -> 0.0038s
== CreateUsers: migrated (0.0040s) ===========================================

== CreateFeeds: migrating ====================================================
-- create_table(:feeds)
 -> 0.0018s
== CreateFeeds: migrated (0.0019s) ===========================================
Usage
Start Dradis server
To start the server, go to /pentest/misc/dradis/ and issue the following commands:
$ cd /pentest/misc/dradis/server/
$ ruby ./script/server
By default, the Dradis server listens on 127.0.0.1:3004. Alternatively, you may bind to a different address and port:
$ ruby ./script/server -b <address> -p <port>
First connection
Point your web browser to: https://localhost:3004/
If everything is fine, you should see a similar screen:
Notice
If you notice SSL errors, reset the database, restart the server and reconnect.
Initialize Dradis
To initialize a project, go to: https://localhost:3004/sessions/init
Fill in a password and check the "New project" radio button. Then click on the "Initialize" button.
On the next screen, select a login and use the password you have defined on the previous screen.
You should now be presented with a similar screen:
Import scan results
In this example, we are going to import scan results from Nmap.
First scan a target using Nmap (e.g. 192.168.100.18) and export the results (XML format) to a file:
$ sudo nmap -sS 192.168.100.18 -oX nmap-192.168.100.18.xml
Then go to the Dradis web interface and click on the "Import" button from the top menu. You will be presented with a popup window in which you specify the type (select Nmap upload) and the path to your file. Fill in all fields and click on OK.
Once imported, the results appear in the tree:
The same way, you can import results from:
* Nmap
* Nikto
* Nessus
* BurpSuite
Once imported, drag and drop items from the tree to organize them as you want:
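The Nmap XML file (-oX) is what both MagicTree's $out import and the Dradis "Nmap upload" plugin consume. As an added example (not part of the original post and not code from either tool), this reads such a file and lists the live hosts and open ports it contains, which is a quick check to run before importing; the function names and the host/protocol/port layout are illustrative assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of `nmap -oX` output, trimmed to the
# elements read below (not captured from a real scan).
SAMPLE_NMAP_XML = """\
<nmaprun scanner="nmap" args="nmap -sS -oX nmap-192.168.100.18.xml 192.168.100.18">
  <host>
    <status state="up"/>
    <address addr="192.168.100.18" addrtype="ipv4"/>
    <address addr="00:11:22:33:44:55" addrtype="mac"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="443"><state state="closed"/><service name="https"/></port>
      <port protocol="tcp" portid="8080"><state state="open"/></port>
    </ports>
  </host>
  <host>
    <status state="down"/>
    <address addr="192.168.100.19" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Return {address: [(protocol, port, service), ...]}: open ports of hosts that are up."""
    root = ET.fromstring(xml_text)
    if root.tag != "nmaprun":
        # Catches a Nessus or Nikto file picked by mistake before it is imported.
        raise ValueError("not an Nmap XML report: root element is <%s>" % root.tag)
    hosts = {}
    for host in root.findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        # Prefer the IP address; a host may also carry a MAC <address> element.
        addr = None
        for candidate in host.findall("address"):
            if candidate.get("addrtype") in ("ipv4", "ipv6"):
                addr = candidate.get("addr")
                break
        if addr is None:
            continue
        open_ports = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            service = port.find("service")
            name = service.get("name", "unknown") if service is not None else "unknown"
            open_ports.append((port.get("protocol"), int(port.get("portid")), name))
        hosts[addr] = sorted(open_ports)
    return hosts


def as_tree(hosts):
    """Render the result as indented lines: host, then protocol, then port."""
    lines = []
    for addr in sorted(hosts):
        lines.append(addr)
        for proto in sorted({p[0] for p in hosts[addr]}):
            lines.append("  " + proto)
            for _, number, name in (p for p in hosts[addr] if p[0] == proto):
                lines.append("    %d (%s)" % (number, name))
    return lines


if __name__ == "__main__":
    print("\n".join(as_tree(parse_nmap_xml(SAMPLE_NMAP_XML))))
```

To check a real scan file, pass its contents to parse_nmap_xml(), for example open("nmap-192.168.100.18.xml").read().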
Using import note
Dradis offers the possibility to import notes from an external database. We base our example on:
* A scan result from Nikto against a WIN-XP-PRO-SP3 machine
* the Open Source Vulnerability DataBase (OSVDB)
Notice
Notice that you will need a valid API key to be able to use OSVDB. To get one, connect to https://osvdb.org/account/signup.
First generate a Nikto report:
$ ./nikto.pl -output /data/tmp/nikto-10.1.1.2.xml -host 10.1.1.2
- ***** SSL support not available (see docs for SSL install) *****
- Nikto v2.1.3
---------------------------------------------------------------------------
+ Target IP: 10.1.1.2
+ Target Hostname: 10.1.1.2
+ Target Port: 80
+ Start Time: 2010-11-21 09:13:34
---------------------------------------------------------------------------
+ Server: Microsoft-IIS/5.1
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Microsoft-IIS/5.1 appears to be outdated (4.0 for NT 4, 5.0 for Win2k, current is at least 7.5)
+ Retrieved dasl header:
+ Retrieved dav header: 1, 2
+ Retrieved ms-author-via header: DAV
+ Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
+ OSVDB-5646: HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ OSVDB-397: HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
+ OSVDB-5647: HTTP method ('Allow' Header): 'MOVE' may allow clients to change file locations on the web server.
+ Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
+ OSVDB-5646: HTTP method ('Public' Header): 'DELETE' may allow clients to remove files on the web server.
+ OSVDB-397: HTTP method ('Public' Header): 'PUT' method could allow clients to save files on the web server.
+ OSVDB-5647: HTTP method ('Public' Header): 'MOVE' may allow clients to change file locations on the web server.
+ WebDAV enabled (SEARCH UNLOCK LOCK MKCOL COPY PROPPATCH PROPFIND listed as allowed)
+ OSVDB-13431: PROPFIND HTTP verb may show the server's internal IP address: http://10.1.1.2/
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-877: HTTP TRACK method is active, suggesting the host is vulnerable to XST
+ ERROR: No authentication header defined:
+ 6417 items checked: 1 error(s) and 16 item(s) reported on remote host
+ End Time: 2010-11-21 09:13:48 (14 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Among all detected vulnerabilities, we will focus on the one in yellow (PUT method).
Notice
Notice that the ID is OSVDB-397. We will use it to import the appropriate item from OSVDB.
Go to the Dradis web interface and import your results using the method described in the section "Import scan results".
Click on the "Import note" tab and fill in the form as follows:
* External Source: choose "OSVDB Import Plugin (OSVDBImport 2.4.0)"
* Filter: choose "OSVDBIDLookup: OSVDB ID Lookup"
* Search for: 397
* Results: right click on the entry and select "Import this"
Once imported, the comments are added into Dradis:
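The lookup above is done one OSVDB ID at a time, so it helps to pull every ID out of the Nikto output first. This is an added example (not part of the original post, and not Nikto or Dradis code) that groups the report lines by OSVDB ID and lists the HTTP methods the findings call out; the function names are hypothetical and the sample lines are copied from the Nikto output shown earlier.

```python
import re
from collections import OrderedDict

# Subset of the Nikto v2.1.3 output shown earlier on this page.
SAMPLE_NIKTO_OUTPUT = """\
+ Server: Microsoft-IIS/5.1
+ Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
+ OSVDB-5646: HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ OSVDB-397: HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
+ OSVDB-5647: HTTP method ('Allow' Header): 'MOVE' may allow clients to change file locations on the web server.
+ OSVDB-5646: HTTP method ('Public' Header): 'DELETE' may allow clients to remove files on the web server.
+ OSVDB-397: HTTP method ('Public' Header): 'PUT' method could allow clients to save files on the web server.
+ OSVDB-5647: HTTP method ('Public' Header): 'MOVE' may allow clients to change file locations on the web server.
+ OSVDB-13431: PROPFIND HTTP verb may show the server's internal IP address: http://10.1.1.2/
+ OSVDB-877: HTTP TRACE method is active, suggesting the host is vulnerable to XST
+ OSVDB-877: HTTP TRACK method is active, suggesting the host is vulnerable to XST
+ 6417 items checked: 1 error(s) and 16 item(s) reported on remote host
"""

FINDING_RE = re.compile(r"^\+ OSVDB-(\d+): (.+)$", re.MULTILINE)
METHODS_RE = re.compile(r"^\+ Allowed HTTP Methods: (.+)$", re.MULTILINE)
# Methods named in the OSVDB findings of the report above.
FLAGGED_METHODS = ("DELETE", "PUT", "MOVE", "TRACE")


def osvdb_findings(report_text):
    """Map each OSVDB ID to the messages reported under it, in report order."""
    findings = OrderedDict()
    for osvdb_id, message in FINDING_RE.findall(report_text):
        findings.setdefault(int(osvdb_id), []).append(message.strip())
    return findings


def lookup_ids(findings):
    """Unique IDs, sorted, ready to be entered in the "Search for" field."""
    return sorted(findings)


def flagged_methods(report_text):
    """Methods from the 'Allowed HTTP Methods' line that the findings call out."""
    match = METHODS_RE.search(report_text)
    if match is None:
        return []
    allowed = [m.strip().upper() for m in match.group(1).split(",")]
    return [m for m in allowed if m in FLAGGED_METHODS]


if __name__ == "__main__":
    found = osvdb_findings(SAMPLE_NIKTO_OUTPUT)
    for osvdb_id in lookup_ids(found):
        print("OSVDB-%d (%d line(s)): %s" % (osvdb_id, len(found[osvdb_id]), found[osvdb_id][0]))
    print("Flagged methods:", ", ".join(flagged_methods(SAMPLE_NIKTO_OUTPUT)))
```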
Reports
At any time, you can export your results:
* HTML export
* Word export
* PDF export
HTML export
Go to the Dradis web interface and tag all categories as "HtmlExport Ready".
Then click on the export and select HTML export from the top menu. Here is an example:
Word export
Refer to this tutorial: http://dradisframework.org/WordExport_templates.html
Monday, January 31, 2011
Brute forcing RDP in GnackTrack with Rdesktop
Download:
www.mediafire.com/blaguvest
rdesktop-1.6.0.tar.gz
rdp-brute-force-r806.diff
Download and install the application and patch it using the newest version of the RDP brute force patch, r806.diff:
tar -xvzf rdesktop-1.6.0.tar.gz
cd rdesktop-1.6.0
patch -p1 -i ../rdp-brute-force-r806.diff
./configure
make
sudo make install
At this point you should have rdesktop modified and installed.
Example: rdesktop -u [user] -p [file] -d [domain] [Target IP]
Attack: rdesktop -u administrator -p wordlist.txt 127.0.0.1