
LAB ASSIGNMENT - 5

INFORMATIONAL SECURITY ANALYSIS AND AUDIT

NAME : K.PUNEETH SAI

REG NO : 18BCE0379

TEAM : 4

FACULTY : PROF SELVI M

TOPIC : W3AF SCANNER ANALYSIS


W3AF :
W3AF (Web Application Attack and Audit Framework) is a free and
open-source vulnerability scanning tool for web applications. It provides
a framework that helps to secure web applications by finding and
exploiting their vulnerabilities. The tool is known for its
user-friendliness. Along with vulnerability scanning options, W3AF has
exploitation facilities used for penetration testing work as well.

Moreover, W3AF covers a broad collection of vulnerabilities.


Domains that are attacked frequently, especially with newly identified
vulnerabilities, can select this tool.

Phases :
w3af follows the steps you would perform in a web application
penetration test (see “Web Application Scanning” above). To do so, it
defines different types of plugins, which are called by the core in a
specific order.

Starting with a target URL provided by the user, w3af will first try to
identify all URLs, forms and query string parameters in the application
by means of crawl plugins. A very good example of this type of plugin is
web_spider, which will extract URLs from a page, follow those links and
once again extract URLs from them. Following that process, it will create
a complete application link and form map.

Once the application has been mapped, audit plugins will send specially
crafted strings to each parameter in order to trigger bugs in the
application’s code. When a bug is found it will be reported to the user.
The most used audit plugin is sqli, which will find error-based SQL
injections.

Identified vulnerabilities, debug messages and error messages are all
reported to the user with output plugins. These plugins will write the
messages in different formats to suit your needs. In most cases a text
file is what users need, but for integration into other tools an XML file
format is also available.
Scanning :
This section explains the steps to configure, start and supervise a
security scan of a web site.

Here we are going with the configuration used for cross-site scripting
and SQL injection vulnerabilities.

Configurations and running part :


Finding SQL injections and Cross-Site Scripting is one of the most
common tasks performed by w3af users, so let’s explain how to do it.
First you’ll have to start w3af’s GUI: from the command line run
“w3af_gui” and you should see the main window.

The first step is to set the target URL to the web application you want
to scan; in this example we’ll use “http://target.tld/”.

Here we are selecting the VIT website to scan:

https://vtop.vit.ac.in/vtop/initialProcess

Next, you need to configure w3af to use a set of crawl plugins in order to
identify the links and forms where the vulnerabilities might be located. In
order to keep this example simple, we’ll just enable the web_spider plugin.
To achieve this, click on “crawl” in the plugin tree, scroll down and
enable web_spider.

w3af can now identify all inputs, but it won’t identify Cross-Site
Scripting and SQL injections unless we instruct it to by enabling the
corresponding audit plugins. In this case the plugins are xss and sqli.
Also in the plugin tree, open the audit plugin branch and enable the
plugins.

Before starting the scan you can save the current settings to a profile,
which will help you repeat this scan in a later run or customize it with
advanced settings. On the profile list, right-click on empty_profile,
which should be in bold letters indicating that changes have been made to
it, and select “Save configuration to a new profile”. Complete the
required information and you should see a new profile in the list.
Output :
Now we’re ready to start the scan! In the main menu find the play icon
and click it; this will start the scan with the current configuration.

After starting the scan, w3af will change its tab to “Log”, where you’ll
be able to see what’s going on in the framework. At any point you can
switch to the “Results” tab and browse through the Knowledge Base tree.
When you click on a vulnerability you’ll be able to see the following
information:
• Vulnerability description
• HTTP request and response associated with the vulnerability

For the VTOP website we found the above URLs for implanting
vulnerabilities, and there we can exploit SQL and cross-site scripting
vulnerabilities.

w3af also supports these types of authentication credentials that a user
can provide in order for the scanner to keep a session open to scan the
target web application:
• HTTP Basic authentication
• NTLM authentication
• Form authentication
• Setting an HTTP cookie
• Etc.

We can also exploit a website from this tool. In this section we can find
exploitation.

<------- THE END------->
