Command injection is probably the most dangerous of all known web application attack vectors. Most attackers seek to exploit vulnerabilities in the hope that they will ultimately find a way to execute arbitrary commands on the underlying operating system. Command-execution vulnerabilities provide that capability without any additional steps. In this recipe, we will discuss how to use web server logs or custom web service scripts to confirm command-execution vulnerabilities.
Validating command-injection vulnerabilities with HTTP traffic
by Justin Hutchens, Michael Hixon
Kali Linux Network Scanning Cookbook - Second Edition
- Preface
- Getting Started
- Introduction
- Configuring a security lab with VMware Player (Windows)
- Configuring a security lab with VMware Fusion (macOS)
- Installing Ubuntu Server
- Installing Metasploitable2
- Installing Windows Server
- Increasing the Windows attack surface
- Installing Kali Linux
- Using text editors (Vim and GNU nano)
- Keeping Kali updated
- Managing Kali services
- Configuring and using SSH
- Installing Nessus on Kali Linux
- Reconnaissance
- Discovery
- Introduction
- Using Scapy to perform host discovery (layers 2/3/4)
- Using Nmap to perform host discovery (layers 2/3/4)
- Using ARPing to perform host discovery (layer 2)
- Using netdiscover to perform host discovery (layer 2)
- Using Metasploit to perform host discovery (layer 2)
- Using hping3 to perform host discovery (layers 3/4)
- Using ICMP to perform host discovery
- Using fping to perform host discovery
- Port Scanning
- Introduction
- UDP port scanning
- TCP port scanning
- Port scanning with Scapy (UDP, stealth, connect, and zombie)
- Port scanning with Nmap (UDP, stealth, connect, zombie)
- Port scanning with Metasploit(UDP, stealth, and connect)
- Port scanning with hping3 (stealth)
- Port scanning with DMitry (connect)
- Port scanning with Netcat (connect)
- Port scanning with masscan (stealth)
- Fingerprinting
- Introduction
- Banner grabbing with Netcat
- Banner grabbing with Python sockets
- Banner grabbing with DMitry
- Banner grabbing with Nmap NSE
- Banner grabbing with Amap
- Service identification with Nmap
- Service identification with Amap
- Operating system identification with Scapy
- Operating system identification with Nmap
- Operating system identification with xprobe2
- Passive operating system identification with p0f
- SNMP analysis with Onesixtyone
- SNMP analysis with SNMPwalk
- Firewall identification with Scapy
- Firewall identification with Nmap
- Firewall identification with Metasploit
- Vulnerability Scanning
- Introduction
- Vulnerability scanning with the Nmap Scripting Engine
- Vulnerability scanning with MSF auxiliary modules
- Creating scan policies with Nessus
- Vulnerability scanning with Nessus
- Vulnerability scanning with OpenVAS
- Validating vulnerabilities with HTTP interaction
- Validating vulnerabilities with ICMP interaction
- Denial of Service
- Introduction
- Fuzz testing to identify buffer overflows
- Remote FTP service buffer-overflow DoS
- Smurf DoS attack
- DNS amplification DoS attacks
- SNMP amplification DoS attack
- SYN flood DoS attack
- Sock stress DoS attack
- DoS attacks with Nmap NSE
- DoS attacks with Metasploit
- DoS attacks with the exploit database
- Working with Burp Suite
- Introduction
- Configuring Burp Suite on Kali Linux
- Defining a web application target with Burp Suite
- Using Burp Suite Spider
- Using Burp Suite Proxy
- Using Burp Suite engagement tools
- Using the Burp Suite web application scanner
- Using Burp Suite Intruder
- Using Burp Suite Comparer
- Using Burp Suite Repeater
- Using Burp Suite Decoder
- Using Burp Suite Sequencer
- Using Burp Suite Extender
- Using Burp Suite Clickbandit
- Web Application Scanning
- Introduction
- Web application scanning with Nikto
- SSL/TLS scanning with SSLScan
- SSL/TLS scanning with SSLyze
- GET method SQL injection with sqlmap
- POST method SQL injection with sqlmap
- Requesting a capture SQL injection with sqlmap
- Automating CSRF testing
- Validating command-injection vulnerabilities with HTTP traffic
- Validating command-injection vulnerabilities with ICMP traffic
- Attacking the Browser with BeEF
- Working with Sparta
- Automating Kali Tools
- Introduction
- Nmap greppable output analysis
- Port scanning with NMAP NSE execution
- Automate vulnerability scanning with NSE
- Automate web application scanning with Nikto
- Multithreaded MSF exploitation with reverse shell payload
- Multithreaded MSF exploitation with backdoor executable
- Multithreaded MSF exploitation with ICMP verification
- Multithreaded MSF exploitation with admin account creation
Validating command-injection vulnerabilities with HTTP traffic
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.