Scribd
Upload
10 views

Web Security Workshop

Uploaded by

k213928
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
10 views

Web Security Workshop

Uploaded by

k213928
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

Exercise 1: Port Scanning

Kali linux Port scanning tool

Use nmap

1.1 Port Scanning


Nmap scanme.nmap.org

1.2 Scan in details

sudo nmap -v -sT -sV -O scanme.nmap.org

sudo systemctl start ssh.socket

Create a user

sudo useradd jawwad -p test

sudo passwd username

ssh [email protected]
Exercise 2. Password Sniffing using Wireshark

Task 2.1 Launch wireshark on Kali Linux


This is used for sniffing network packets

Task 2.2 Launch a vulnerable website which does not use https

http://testphp.vulnweb.com/login.php

Task 2.3 Launch a genuine website which uses https


Observe difference on wireshark
Exercise 3. SQL Injection using Webgoat

Using Webgoat for SQL Injection Attack

Task 2.1

sudo docker run -p 127.0.0.1:8080:8080 -p 127.0.0.1:9090:9090 webgoat/webgoat

Launch Webgoat

Open browser and type


http://127.0.0.1:8080/WebGoat/login

Task 2.2 SQL Queries Injection Attack

1) SELECT * FROM EMPLOYEES WHERE USERID=96134

2) UPDATE EMPLOYEES SET department='Sales' WHERE USERID='89762'

3) ALTER TABLE employees ADD phone varchar(20)

Task 2.3 SQL Grant Unprivileged Access

1) GRANT all ON grant_rights TO unauthorized_user

Task 2.3 Unauthorized Access

SELECT * FROM user_data WHERE first_name = 'John' AND last_name = '


Task 3 Cross site scripting Attack

https://hackmd.io/@DaLaw2/ByD70wAM2#Cross-Site-Scripting
Task 4 Dictionary Attack

hydra -l username-p password 127.0.0.1 ssh

Password spraying

Password is known but user is unknown

Create a file

sudo nano users.txt

hydra -L users.txt -p password 127.0.0.1 ssh

Dictionary Attack

$ hydra -L users.txt -P /usr/share/wordlists/rockyou.txt 127.0.0.1 ssh

more rockyou.txt

cat rockyou.txt

Task 5 ZAP

You might also like