w3af

Web Application Attack and Audit Framework
By Prajwal Panchmahalkar

w3af is a well-known web attack and auditing framework.
• Very similar to the Metasploit framework
w3af combines all necessary actions for a complete web attack.
• Mapping
• Discovery
• Exploitation
This divides the framework into three major plug-in types.

Web Service Support Exploits
• SQL injections (blind)
• OS commanding
• remote file inclusions
• local file inclusions
• XSS and more
A good harmony among plug-ins.

Discovery Plugin
• URLs
• Injection points

Audit Plugin
• Uses the above injection points
• Sends crafted data to find vulnerabilities

Exploit Plugin
• Exploits vulnerabilities found
• Provides SQL dumps or returns a remote shell

Find all the URLs
• Create fuzzable requests
Plugins:
• WebSpider
• URL fuzzer
• Pykto
• GoogleFuzzer

Audit plug-ins use the discovery plug-in outputs to find their respective vulnerabilities
• SQL Injection (blind)
• XSS
• Buffer Overflow
• Response Splitting

Grep every HTTP request and response
• findComments
• passwordProfiling
• privateIP
• DirectoryIndexing
• Getmails
• lang
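
The passive "grep" stage listed above, as an added example that is not w3af's own code and not part of the original slides: it only inspects response bodies that were already received and reports findings under four of the plugin names from the slide. The regular expressions, the `grep_response` and `scan` names, and the sample responses are assumptions constructed for illustration.

```python
import re

# Patterns are this example's own approximations, not w3af's signatures.
COMMENT_RE = re.compile(r"<!--(.*?)-->", re.DOTALL)
PRIVATE_IP_RE = re.compile(          # RFC 1918 ranges only
    r"(?<![\d.])(?:10(?:\.\d{1,3}){3}"
    r"|192\.168(?:\.\d{1,3}){2}"
    r"|172\.(?:1[6-9]|2\d|3[01])(?:\.\d{1,3}){2})(?![\d.])"
)
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
INDEX_RE = re.compile(r"<title>\s*Index of /", re.IGNORECASE)


def grep_response(url, body):
    """Passively inspect one response body; return sorted (check, url, evidence)."""
    findings = set()  # a set de-duplicates repeated hits within one response
    for m in COMMENT_RE.finditer(body):
        text = m.group(1).strip()
        if text:
            findings.add(("findComments", url, text[:60]))
    for m in PRIVATE_IP_RE.finditer(body):
        findings.add(("privateIP", url, m.group(0)))
    for m in EMAIL_RE.finditer(body):
        findings.add(("Getmails", url, m.group(0).lower()))
    if INDEX_RE.search(body):
        findings.add(("DirectoryIndexing", url, "Index of / listing"))
    return sorted(findings)


# Constructed sample responses (not captured traffic).
SAMPLES = {
    "http://app.example/": (
        "<html><!-- TODO: remove debug link to 10.0.3.7 -->"
        "<body>Contact admin@example.org</body></html>"
    ),
    "http://app.example/backup/": (
        "<html><head><title>Index of /backup</title></head>"
        "<body><a href='db.sql'>db.sql</a></body></html>"
    ),
    # 172.15.x.x is outside 172.16.0.0/12, so it must not be reported.
    "http://app.example/about": "<html><body>Version 172.15.0.1 build</body></html>",
}


def scan(samples):
    """Run grep_response over every (url, body) pair, in URL order."""
    return [f for url in sorted(samples) for f in grep_response(url, samples[url])]


if __name__ == "__main__":
    for check, url, evidence in scan(SAMPLES):
        print(f"{check:18} {url:28} {evidence}")
```

Because the checks are read-only, the same function can be run over proxy logs or saved responses from your own application to find information leaks before a scanner does.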

BruteForce
• Bruteforce logins

Evasion
• Modify the request to evade IDS detection

Mangle
• Modify requests/responses based on regular expressions.

Output
• Write logs.

THANKS TO ALL