Category Archives: Vulnerability Assessment and Pentest

Hackademia Challenge 001

This is an old hacking lab game. Summary steps: 1. View the source code of the page to find hints. 2. Use the Burp Suite proxy. 3. Add the root to the item scope, then do web spidering.

Posted in Security, Vulnerability Assessment and Pentest

Test blind SQL injection

Blind SQL injection: A web application that is vulnerable to SQL injection may display an SQL error that looks like this: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right …

Posted in Security, Vulnerability Assessment and Pentest | 2 Comments

Test for SQL injection

Target = DVWA version 1.0.7. Nmap the target: -sS is to use TCP SYN, -sV is to find out the version of the service, -Pn is to disable ping to save time, and -v (or multiple v's) is for verbose output. …

Posted in Security, Vulnerability Assessment and Pentest | 4 Comments

XSS: Google Earth XSS vulnerability

I came across an interesting article reporting that longrifle0x has found a vulnerability for script execution within Google Earth. So I decided to test with Metasploit, in an attempt to see if the payload can be sent to the victim, but it was sandboxed, …

Posted in Security, Vulnerability Assessment and Pentest

Web Application Attack: Cross-site scripting (aka XSS)

Reflected XSS: Reflected XSS is a technique that uses the web server’s domain and attaches a script to a link on that domain; the attacker then sends this link to an unsuspecting user, and once the user clicks on the link the …

Posted in Security, Vulnerability Assessment and Pentest | 1 Comment

Web Application Pentesting: Manual SQL injection

Reference: http://en.wikipedia.org/wiki/SQL_injection

In a nutshell, SQL injection allows unauthorized people to use SQL syntax to query the web server's database backend; it is called injection because the SQL syntax is inserted into web application variables. The purpose of this post …

Posted in Security, Vulnerability Assessment and Pentest | 3 Comments

Social Engineering Toolkit and Metasploit: Web cloning attack and uploading a backdoor

Creating a persistent backdoor. Afterword: Modern antivirus programs are capable of detecting such a backdoor and even preventing the download of the encoded payload onto the victim’s machine; a payload encoded by shikata_ga_nai 4 times is not enough to evade most of …

Posted in Security, Vulnerability Assessment and Pentest | 6 Comments