(For more resources related to this topic, see here.)
Web apps are now a major part of today's World Wide Web. Keeping them safe and secure is the prime focus of webmasters. Building web apps from scratch can be a tedious task, and there can be small bugs in the code that can lead to a security breach. This is where web apps jump in and help you secure your application. Web app penetration testing can be implemented at various fronts such as the frontend interface, database, and web server. Let us leverage the power of some of the important tools of Kali that can be helpful during web app penetration testing.
WebScarab is an HTTP and HTTPS proxy interceptor framework that allows the user to review and modify the requests created by the browser before they are sent to the server. Similarly, the responses received from the server can be modified before they are reflected in the browser. The new version of WebScarab has many more advanced features such as XSS/CSRF detection, Session ID analysis, and Fuzzing. Follow these three steps to get started with WebScarab:
- To launch WebScarab, browse to Applications | Kali Linux | Web applications | Web application proxies | WebScarab.
- Once the application is loaded, you will have to change your browser's network settings. Set the proxy settings for IP as 127.0.0.1 and Port as 8008:
- Save the settings and go back to the WebScarab GUI. Click on the Proxy tab and check Intercept request. Make sure that both GET and POST requests are highlighted on the left-hand side panel. To intercept the response, check Intercept responses to begin reviewing the responses coming from the server.
Attacking the database using sqlninja
sqlninja is a popular tool used to test SQL injection vulnerabilities in Microsoft SQL servers. Databases are an integral part of web apps hence, even a single flaw in it can lead to mass compromising of information. Let us see how sqlninja can be used for database penetration testing.
To launch SQL ninja, browse to Applications | Kali Linux | Web applications | Database Exploitation | sqlninja.
This will launch the terminal window with sqlninja parameters. The important parameter to look for is either the mode parameter or the –m parameter:
The –m parameter specifies the type of operation we want to perform over the target database.Let us pass a basic command and analyze the output:
root@kali:~#sqlninja –m test Sqlninja rel. 0.2.3-r1 Copyright (C) 2006-2008 icesurfer [-] sqlninja.conf does not exist. You want to create it now ? [y/n]
This will prompt you to set up your configuration file (sqlninja.conf). You can pass the respective values and create the config file. Once you are through with it, you are ready to perform database penetration testing.
The Websploit framework
Websploit is an open source framework designed for vulnerability analysis and penetration testing of web applications. It is very much similar to Metasploit and incorporates many of its plugins to add functionalities.
To launch Websploit, browse to Applications | Kali Linux | Web Applications | Web Application Fuzzers | Websploit.
We can begin by updating the framework. Passing the update command at the terminal will begin the updating process as follows:
wsf>update [*]Updating Websploit framework, Please Wait…
Once the update is over, you can check out the available modules by passing the following command:
Let us launch a simple directory scanner module against www.target.com as follows:
wsf>use web/dir_scanner wsf:Dir_Scanner>show options wsf:Dir_Scanner>set TARGET www.target.com wsf:Dir_Scanner>run
Once the run command is executed, Websploit will launch the attack module and display the result. Similarly, we can use other modules based on the requirements of our scenarios.
In this article, we covered the following sections:
- WebScarab proxy
- Attacking the database using sqlninja
- The Websploit framework
Resources for Article:
- Installing VirtualBox on Linux [Article]
- Linux Shell Script: Tips and Tricks [Article]
- Installing Arch Linux using the official ISO [Article]