Professional Documents
Culture Documents
Walkthrough 1890
Walkthrough 1890
URL https://attackdefense.com/challengedetails?cid=1890
Important Note: This document illustrates all the important steps required to complete this lab.
This is by no means a comprehensive step-by-step solution for this exercise. This is only
provided as a reference to various commands needed to complete this exercise and for your
further research on this topic. Also, note that the IP addresses and domain names might be
different in your lab.
The IP address of the attacker machine is 192.156.207.2. The target machine is located at the
IP address 192.156.207.3
Step 2: Identifying open ports.
Step 3: Starting Burp Suite. Click on the Menu, Navigate to "Web Application Analysis" and click
on "owasp-zap".
ZAP:
Step 4: Click on "Manual Explore", enter the target IP address in the Input field and click on
"Launch Browser".
Step 6: Right Click on the target site under Sites, navigate to Attack and click on "Spider" .
A dialog box will appear
Step 7: Click on the "Start Scan" button and ZAP will start crawling the web pages.
The crawled web pages and files will appear on the sitemap.
Step 8: After all the pages are crawled, Click on the Export Button.
Step 9: Enter a filename ("zap-spider.csv") and save the output.