Difference between revisions of "Webshag"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 13: | Line 13: | ||
| − | ==Run== | + | ==Run CLI== |
cd /usr/local/src/webshag | cd /usr/local/src/webshag | ||
| − | ./ | + | ./webshag_cli.py -m pscan <target> |
| + | ./webshag_cli.py -m pscan 192.168.0.97 | ||
| + | |||
| + | Hasilnya kira-kira | ||
| + | |||
| + | 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)~ ## 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) | ||
| + | % webshag 1.10 | ||
| + | % Module: pscan | ||
| + | % Host: 192.168.0.97 | ||
| + | 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)~ ## 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) | ||
| + | |||
| + | 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) | ||
| + | 192.168.0.97 | ||
| + | 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) | ||
| + | % PORT % 22 (tcp) | ||
| + | % SRVC % ssh | ||
| + | % PROD % OpenSSH | ||
| + | % SYST % Linux | ||
| + | |||
| + | % PORT % 23 (tcp) | ||
| + | % SRVC % telnet | ||
| + | % PROD % Linux telnetd | ||
| + | % SYST % Linux | ||
| + | |||
| + | % PORT % 25 (tcp) | ||
| + | % SRVC % smtp | ||
| + | % PROD % Postfix smtpd | ||
| + | |||
| + | % PORT % 80 (tcp) | ||
| + | % SRVC % http | ||
| + | % PROD % Apache httpd | ||
| + | |||
| + | % PORT % 110 (tcp) | ||
| + | % SRVC % pop3 | ||
| + | % PROD % Dovecot pop3d | ||
| + | |||
| + | % PORT % 139 (tcp) | ||
| + | % SRVC % netbios-ssn | ||
| + | % PROD % Samba smbd | ||
| + | |||
| + | % PORT % 143 (tcp) | ||
| + | % SRVC % imap | ||
| + | % PROD % Dovecot imapd | ||
| + | |||
| + | % PORT % 445 (tcp) | ||
| + | % SRVC % netbios-ssn | ||
| + | % PROD % Samba smbd | ||
| + | |||
| + | % PORT % 3306 (tcp) | ||
| + | % SRVC % mysql | ||
| + | % PROD % MySQL | ||
| + | |||
| + | 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)~ ## 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) | ||
| + | |||
| + | |||
| + | ==Run GUI== | ||
| + | |||
cd /usr/local/src/webshag | cd /usr/local/src/webshag | ||
./webshag_gui | ./webshag_gui | ||
Revision as of 16:26, 5 June 2018
Webshag adalah tool audit web server multi-threaded, multi-platform. Ditulis menggunakan Python, ia mengumpulkan fungsionalitas yang biasanya berguna untuk pengauditan server web seperti crawling web, scan URL atau file fuzzing.
Webshag dapat digunakan untuk memindai server web di HTTP atau HTTPS, melalui proxy dan menggunakan otentikasi HTTP (Basic dan Digest). Selain itu, ia dapat mengusulkan fungsi penghindaran IDS yang inovatif yang bertujuan untuk membuat korelasi antara permintaan yang lebih rumit (misalnya menggunakan request berbeda random untuk setiap server proxy HTTP).
Instalasi
sudo apt-get install python-wxgtk3.0 git nmap cd /usr/local/src git clone https://github.com/wereallfeds/webshag cd webshag/ ./setup.linux.py
Run CLI
cd /usr/local/src/webshag ./webshag_cli.py -m pscan <target> ./webshag_cli.py -m pscan 192.168.0.97
Hasilnya kira-kira
16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)~ ## 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) % webshag 1.10 % Module: pscan % Host: 192.168.0.97 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)~ ## 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) 192.168.0.97 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07) % PORT % 22 (tcp) % SRVC % ssh % PROD % OpenSSH % SYST % Linux % PORT % 23 (tcp) % SRVC % telnet % PROD % Linux telnetd % SYST % Linux % PORT % 25 (tcp) % SRVC % smtp % PROD % Postfix smtpd % PORT % 80 (tcp) % SRVC % http % PROD % Apache httpd % PORT % 110 (tcp) % SRVC % pop3 % PROD % Dovecot pop3d % PORT % 139 (tcp) % SRVC % netbios-ssn % PROD % Samba smbd % PORT % 143 (tcp) % SRVC % imap % PROD % Dovecot imapd % PORT % 445 (tcp) % SRVC % netbios-ssn % PROD % Samba smbd % PORT % 3306 (tcp) % SRVC % mysql % PROD % MySQL 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)~ ## 16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)16:26, 5 June 2018 (+07)
Run GUI
cd /usr/local/src/webshag ./webshag_gui