
Thread: Testing web apps for SQL Injection, XSS, and access control bypass? Kali Tools?

  1. #1
    Join Date
    2013-May
    Posts
    20

    Testing web apps for SQL Injection, XSS, and access control bypass? Kali Tools?

    I was showing off a website to a friend. He took a look at it and within about 15 he was able to get my username and password for the admin login. He showed me. I was humbled by his skill, kinda embarrassed, and also impressed at the same time.

    I came to the conclusion I really need to learn how to pentest my own web apps and be able to write good defensive code. Where should I start? What are some good vulnerability scanners for newbs?

    I recently started working as an SEO manager for a design firm. I don't really do a lot of the actual coding right now. Mostly I do content writing and link building. So pentesting is really beyond the scope of my job. But I think it would be good for everyone involved if we could produce more secure web apps. That and this hacking stuff is really starting to grow on me and I'm pretty curious.

    What are some good tools for scanning websites for potential security issues? What comes with Kali?

    Scan for SQL Injection, XSS, and access control bypass?

    Any suggestions would be awesome.

    Thanks in advance.

  2. #2
    Join Date
    2013-Jun
    Posts
    10
    Quote Originally Posted by strokerace View Post
    It's not so much the tool, but how your site is coded. What they do, is find out what exploits are available. Then plan their attack according to the exploit. SQL is one of the biggest issues these days. I believe Kali is equipped with all or most tools for SQL injections. This is how the Group Anonymous has been hacking websites. CMS like vBulletin has about a dozen exploits available for it. Just download Kali, look through the menus. Then search for exploits for your style of code. Here is a good site to find all the current exploits. http://www.exploitsdownload.com/ Just use the search and it will give you the exploit.
    that's not really a clear or entirely true answer.. "they" (must be those 12 year old china hackers)

    if the OP is writing his own apps, then obviously there are likely no exploits for it (yet).

    I would suggest simply googling "Scan for SQL Injection, XSS, and access control bypass?"

    your question has an enormous answer.. start here? http://www.securitytube.net/

    I would also suggest that you talk to your friend. if he is good, then hire him as a consultant.

  3. In answering your question: Rapid7 makes some great tools and resources for learning how to secure your environment. Nexpose is one such tool, and fairly easy to understand/operate. Nessus is also another very good one that is free* to use, from their .org site it's a bit delayed with updates for obvious reasons. From there the tools take a bit more learning up on to get good results. Sqlmap is a good one for SQL injection testing.

    After that it just becomes how much you are willing to invest in time to learn how to operate other tools. Metasploit is wonderful but has a large learning curve.

    Without knowing how he was able to get your credentials, it might be worth pointing out, there are other methods that are easier to defend against which he may have employed. Sniffing the traffic, for example, one may just pull out in plain text your passwords as you log in, or stealing your browser cookies is very trivial. Good implementation of safe browsing techniques could at the very least prevent some of these hacks. Some examples are like never using an open Wi-Fi and using SSL.

    I hope this answers some of your questions
    Fact, Science and the Pursuit of Knowledge. Working to secure your networks from threats; Outside and Within.

  4. Good for you stroker ace. You win a cookie.
    I'm sure the OP as a newly hired manager has all the free time in the world to learn how to "fix flaws in code without ever using any tools".
    Fact, Science and the Pursuit of Knowledge. Working to secure your networks from threats; Outside and Within.

  5. #5
    Join Date
    2013-May
    Posts
    26
    PentesterLab has some good tutorials and vulnerable systems at https://www.pentesterlab.com/
    Vulnhub has some vulnerable systems at http://vulnhub.com/

    Both are good resources for Web application issues and exploitation.
    Last edited by compuwar; 2013-07-02 at 20:57.

  6. #6
    Join Date
    2013-Jun
    Location
    Lanaken, Belgium
    Posts
    43
    If you need a playground to start with, take a look at http://www.dvwa.co.uk/

    Also I believe that all web developers should be familiar with the OWASP Top 10. Good coding and input validation is essential.

    As for launching tools, you still have to understand what you are doing. You need to act on the results. If you want to take this road, know that the road is long but interesting.

  7. #7
    Join Date
    2013-May
    Posts
    20
    Much thanks for the suggested reading guys.
