With the power from the gods of all hacking, I am rejuvenated to strenghthen up my core and start being offensive!
What is up readers! Welcome to another blog, this time I'll be making on post and exfiltrating some sites!
Yes sir! Some site penetrations! hmm..
Some vulnerable sites ofcourse! Google searched some sites that are vulnerable and got the content below,
https://www.bonkersabouttech.com/security/40-intentionally-vulnerable-websites-to-practice-your-hacking-skills/392
We'll be using some of these urls for our some hacky hacky. On to my blog..
Hacking some web application can be a sweet cake hiding from your grandma's closet. To completely compromised a website, one must undertand the architecture,directories and files used. Getting informations for such is a tedius task for a particular spider or tool that can get informations from a site. The only way to get the content we needed to create some bruteforcer to get the application files needed.
Sometimes developers left out some critical informations leaked on a websites leading for it being compromised. As I have mentioned on some of my previous blog, the numero uno step of hacking, is gathering informations on the target.
The program that I'll show you will bruteforce on the site and perform some directory traversals with it.
How will it work?
First, with the lists of all the vulnerable sites mentioned above, I'll pick up some that we'll be using to perform this bruteforce attack. Below are the 3 sites,
We then read from a wordlist used from some well-known brute forcing tool such as DirBuster to look unto directories and files accessible on the target.
Then, we apply the algorithm below,
#extensions to look for
var_extension = ["php","bak","xml","inc"]
#create a Queue to get on words from list
#iterate on Threads, call out Queue
# for seeking on file extensions and directory.
#a file extension
if '.' in list of chars parsed:
append on list
#a directory
else:
append on list
for item in list:
<actions>
....
...
try:
#GET http headers and code request
#print if url is accessible from client
except:
#if not accessible
#print result
As you can see, even though the link is not accessible, still have it printed for we can still get something out of it, thus we can utilize it for some future attacks.
With all that , we then run the program..
We can see alot of 200s and 403s on the above image, seems that I'm seeing some good stuff though :)
Oops would glad to see the '.ini' too bad its 403
So alot of 503 results, would have terminated the program. As you've noticed that program has processed the sites simultaneously, it's because I've used threading in this application, because if I did not it would take me some time to complete just the first webapp.
Just some tips, bruteforcing a web application using this application will need a lot of RAM on your machine's stomach. With all the process and execution running this could slow down your system given if you don't have the specs to run it. A better spec machine, would render better and faster results.
I hope I just gave you insights on this concept, enjoy hacking =)
<krontek>halt
Comments