Georgius' Site

Week 5

The creation of the groups were on this week. Group members: Kho Ryan Anggada and Nicolas.
links to their blog:
Nicolas – http://2101704520nicolas.blog.binusian.org/intelligent-systems/
Ryan – http://2101704672ryan.blog.binusian.org/intelligent-systems/

Sqlmap is a powerful penetration testing tool used to detect and exploit sql injection vulnerabilities.

For demonstration, team1.pentest.id will be attacked using sqlmap

sqlmap -u “team1.pentest.id/?author=1/” 

The result is that the sqlmap was unsuccessful due to error 403 forbidden.

Searchsploit is a convenient tool used when a quick search of exploits are needed. For example if a person wants to check if there is any vulnerability in WordPress, they can use searchsploit.

Searchsploit shows exploits for wordpress themes, plugins and etc. It also shows the version. The person also can specify his/her search so that a specific wordpress version or plugin appears.

Crunch is a useful password list generator for generating password lists based on criteria.

crunch min max options

where minimum is the minimum amount of characters, maximum is the maximum amount of characters and options are the characters used for crunching.

Whois is a convenient tool used to search domain information.

This tool shows registrar info, name server, expiration date and etc.

John the ripper is a powerful tool used for offline cracking tool. It can autodetect a lot of hashes such as FreeBSD MD5-based and etc.

For demonstration, the shadow file in /etc/shadow/ will be cracked in the VM.

From this picture, we can see that it auto loads the hash.

It also has the unshadow function which combines the passwd file with the shadow file.

Nikto is a website scanning tool designed not for stealth, but for quickest result. Nikto has many features such as checking for outdated software versions (PHP, apache, etc), checking for vulnerability and etc.

Continue reading →

The Metasploit framework is a very powerful tool capable of information gathering, vulnerability analysis, exploit vulnerabilities and etc. For a full tutorial, visit https://www.offensive-security.com/metasploit-unleashed/.

Continue reading →

DIRB is a web content scanner used for scanning both hidden and non hidden web objects. It does a dictionary based attack against a web server and checks every response given.

Continue reading →

Nmap is a network mapping tool used for network discovery. Nmap can get information such as open ports, OS, version and etc. Nmap has a lot of options such as syn scan, udp scan and etc.

Continue reading →