Difference between revisions of "Webshag"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 16: | Line 16: | ||
cd /usr/local/src/webshag | cd /usr/local/src/webshag | ||
| + | |||
| + | ===pscan=== | ||
| + | |||
./webshag_cli.py -m pscan <target> | ./webshag_cli.py -m pscan <target> | ||
./webshag_cli.py -m pscan 192.168.0.97 | ./webshag_cli.py -m pscan 192.168.0.97 | ||
| Line 21: | Line 24: | ||
Hasilnya kira-kira | Hasilnya kira-kira | ||
| − | + | ||
% webshag 1.10 | % webshag 1.10 | ||
% Module: pscan | % Module: pscan | ||
% Host: 192.168.0.97 | % Host: 192.168.0.97 | ||
| − | + | ||
| − | |||
| − | |||
| − | |||
| − | |||
% PORT % 22 (tcp) | % PORT % 22 (tcp) | ||
% SRVC % ssh | % SRVC % ssh | ||
| Line 68: | Line 67: | ||
% PROD % MySQL | % PROD % MySQL | ||
| − | |||
| + | ===uscan=== | ||
| + | |||
| + | ./webshag_cli.py 192.168.0.97 | ||
| + | 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)~ ## 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07) | ||
| + | % webshag 1.10 | ||
| + | % Module: uscan | ||
| + | % Host(s): 192.168.0.97 | ||
| + | % Port(s): 80 | ||
| + | % Root(s): / | ||
| + | 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)~ ## 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07) | ||
| + | |||
| + | Hasilnya kira-kira | ||
| + | |||
| + | 192.168.0.97 / 80 | ||
| + | |||
| + | % BANNER % Apache/2.4.18 (Ubuntu) => apache | ||
| + | |||
| + | % INFO % FP(/) => 200#text/html#0a9ffb28d87cd72d43789e2c2ea0e596#ade90fe935d00ad54a5a46b818d3529b | ||
| + | |||
| + | % INFO % FP(/1ZiI5Nw5) => 404#text/html#85ec7d654b5e37c2075dd91d305f1b7d#6596e0bfbf82d6d3fe35239a191a3ff7 | ||
| + | |||
| + | % INFO % FP(/index.php) => 404#text/html#85ec7d654b5e37c2075dd91d305f1b7d#6596e0bfbf82d6d3fe35239a191a3ff7 | ||
| + | |||
| + | % 200 % /guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E | ||
| + | % DESC % MPM Guesbook 1.2 and previous are vulnreable to XSS attacks. | ||
| + | |||
| + | % 200 % /guestbook/ | ||
| + | % DESC % This might be interesting... | ||
| + | |||
| + | % 200 % /squirrelmail/src/read_body.php | ||
| + | % DESC % This might be interesting... has been seen in web logs from an unknown scanner. | ||
| + | |||
| + | % 200 % /icons/README | ||
| + | % DESC % Apache default file found. | ||
==Run GUI== | ==Run GUI== | ||
Revision as of 16:30, 5 June 2018
Webshag adalah tool audit web server multi-threaded, multi-platform. Ditulis menggunakan Python, ia mengumpulkan fungsionalitas yang biasanya berguna untuk pengauditan server web seperti crawling web, scan URL atau file fuzzing.
Webshag dapat digunakan untuk memindai server web di HTTP atau HTTPS, melalui proxy dan menggunakan otentikasi HTTP (Basic dan Digest). Selain itu, ia dapat mengusulkan fungsi penghindaran IDS yang inovatif yang bertujuan untuk membuat korelasi antara permintaan yang lebih rumit (misalnya menggunakan request berbeda random untuk setiap server proxy HTTP).
Instalasi
sudo apt-get install python-wxgtk3.0 git nmap cd /usr/local/src git clone https://github.com/wereallfeds/webshag cd webshag/ ./setup.linux.py
Run CLI
cd /usr/local/src/webshag
pscan
./webshag_cli.py -m pscan <target> ./webshag_cli.py -m pscan 192.168.0.97
Hasilnya kira-kira
% webshag 1.10 % Module: pscan % Host: 192.168.0.97
% PORT % 22 (tcp) % SRVC % ssh % PROD % OpenSSH % SYST % Linux % PORT % 23 (tcp) % SRVC % telnet % PROD % Linux telnetd % SYST % Linux % PORT % 25 (tcp) % SRVC % smtp % PROD % Postfix smtpd % PORT % 80 (tcp) % SRVC % http % PROD % Apache httpd % PORT % 110 (tcp) % SRVC % pop3 % PROD % Dovecot pop3d % PORT % 139 (tcp) % SRVC % netbios-ssn % PROD % Samba smbd % PORT % 143 (tcp) % SRVC % imap % PROD % Dovecot imapd % PORT % 445 (tcp) % SRVC % netbios-ssn % PROD % Samba smbd % PORT % 3306 (tcp) % SRVC % mysql % PROD % MySQL
uscan
./webshag_cli.py 192.168.0.97 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)~ ## 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07) % webshag 1.10 % Module: uscan % Host(s): 192.168.0.97 % Port(s): 80 % Root(s): / 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)~ ## 16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)16:30, 5 June 2018 (+07)
Hasilnya kira-kira
192.168.0.97 / 80 % BANNER % Apache/2.4.18 (Ubuntu) => apache % INFO % FP(/) => 200#text/html#0a9ffb28d87cd72d43789e2c2ea0e596#ade90fe935d00ad54a5a46b818d3529b % INFO % FP(/1ZiI5Nw5) => 404#text/html#85ec7d654b5e37c2075dd91d305f1b7d#6596e0bfbf82d6d3fe35239a191a3ff7 % INFO % FP(/index.php) => 404#text/html#85ec7d654b5e37c2075dd91d305f1b7d#6596e0bfbf82d6d3fe35239a191a3ff7 % 200 % /guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E % DESC % MPM Guesbook 1.2 and previous are vulnreable to XSS attacks. % 200 % /guestbook/ % DESC % This might be interesting... % 200 % /squirrelmail/src/read_body.php % DESC % This might be interesting... has been seen in web logs from an unknown scanner. % 200 % /icons/README % DESC % Apache default file found.
Run GUI
cd /usr/local/src/webshag ./webshag_gui