Testing
Table of Contents
Overview
Enumeration
Tool Output
Do We Stop Here?
Custom Scripts
Wpscan
Online Research
Testing Exploitation
PHP LFI
Code Execution, Yes Please!
Overview
This session will cover the mindset I follow when approaching a web application
I am going to show where many might stop, and what happens when you push further
These types of techniques can be applied to any web application
Overview Cont.
Tools Leveraged:
Nmap
Whatweb
Wpscan
Wget
Custom scripts
Burp Suite
Netcat
Google
Methodology Overview
Pre-Engagement Activities
Hammer out all the details to conduct the test (Schedule, Scoping, Rules of Engagement, Formal Permission, etc.)
Automated Testing
Manual Testing and Validation
Reporting
Remediation Support
Methodologies Cont.
Penetration Testing Execution Standard (PTES):
http://www.pentest-standard.org/index.php/Main_Page
Mindset is Key
Think like an attacker and see things through a different lens:
Upload an avatar? Hmmm add code?
Download a report? Hmm directory traversal for another file?
Confidence
Without it you'll very easily hit a wall and stop
I tell myself a vulnerability is here, I just need to find it
Enumeration
Nmap:
WhatWeb:
Do We Stop Here?
Hmmm?
Custom Scripts
Web application testing requires custom scripting. There is really no way of getting around it:
Wpscan
Wpscan:
Wpscan
Do we stop here?
Wpscan: Plugin Enumeration
Wpscan: --enumerate p
Online Research
Testing Exploitation
Yeah, let's grab /etc/passwd
PHP LFI
Cool, so we can LFI, do we stop now?
Demo
Summary
Tools may not give you the answer
Very easy to hit a hurdle and quit
You need to be curious/creative and constantly push to get more information
Confidence and mindset go a long way