|
Title: metasploit php Post by: COm_BOY on October 07, 2010, 07:28:24 AM I was trying to practice the following module
hxxp://www.metasploit.com/modules/exploit/unix/webapp/php_include and if I do it in my home lab I would require a vun. web app . Can anyone recommend me of any pre-configured webapp vun. to this attach so that I can do command execution ? Is webgoat a good option for this attack ? Title: Re: metasploit php Post by: H1t M0nk3y on October 07, 2010, 08:39:49 AM Webgoat is excellent for this. In fact, I use it when I do training on command injection attacks.
The easiest way is to download OWASP broken web apps VM image: http://code.google.com/p/owaspbwa/wiki/ProjectSummary (http://code.google.com/p/owaspbwa/wiki/ProjectSummary) Title: Re: metasploit php Post by: apollo on October 07, 2010, 12:43:55 PM exploit-db and search for Lan Party:
http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=lan+party That will get you a pretty easy to configure app with mysql that it works great with. That's what I've done demos on, it was very easy. If you have an up to date securely configured PHP, you will have to undo things to make remote file inclusion possible. That will be your only challenge. Title: Re: metasploit php Post by: COm_BOY on October 07, 2010, 01:26:05 PM Thanks for the replies , I have got one more question in mind .
I will also need to demonstrate a jsp shell from metasploit and thus I need to have a jsp file on the webserver and when the client executes it using browser we will receive a shell , now the point, inorder for the client to execute the file we need to have tomcat+java and then the mod_jk module and all that configured because apache is not supporting jsp by default . At the moment when i execute http://server_ip/file.jsp it throws a source code rather then just executing it ( i do have java on client ) . Can you guys recommend a smart and easy web server which is currently supporting jsp by default rather than the above solution .. actually i m not that good at linux :P .. thanks Title: Re: metasploit php Post by: dante on October 07, 2010, 02:42:46 PM Thanks for the replies , I have got one more question in mind . I will also need to demonstrate a jsp shell from metasploit and thus I need to have a jsp file on the webserver and when the client executes it using browser we will receive a shell , now the point, inorder for the client to execute the file we need to have tomcat+java and then the mod_jk module and all that configured because apache is not supporting jsp by default . At the moment when i execute http://server_ip/file.jsp it throws a source code rather then just executing it ( i do have java on client ) . Can you guys recommend a smart and easy web server which is currently supporting jsp by default rather than the above solution .. actually i m not that good at linux :P .. thanks JSP is a server side technology that gets executed on the server and the output of the execution of jsp is provided to the client. If you have a JSP reverse shell uploaded to the server, when you are accessing the jsp file you are getting the shell of the server and not that of the client. If you want infect client, think interms of flash, pdf, browser Title: Re: metasploit php Post by: COm_BOY on October 07, 2010, 03:28:48 PM JSP is a server side technology that gets executed on the server and the output of the execution of jsp is provided to the client. If you have a JSP reverse shell uploaded to the server, when you are accessing the jsp file you are getting the shell of the server and not that of the client. If you want infect client, think interms of flash, pdf, browser [/quote] You really mean to say that jsp files cannot be executed on client systems ? here is the post I was trying to do hxxp://carnal0wnage.attackresearch.com/node/389 Please let me know if I am doing some mistakes Title: Re: metasploit php Post by: dante on October 07, 2010, 03:44:40 PM Original link:http://exploit.co.il/hacking/metasploit-java-meterpreter-payload/
its a java applet and not jsp file... you do not need tomcat nor a server if you follow that link... You just need a client machine with JRE installed. The demo would be more impressive if you are not executing the jar file manually on the client side as shown in the link you provided. Instead you should probably write a html that embeds the applet and this html should be hosted in the server(any static web server would do).. Now when the client access the web page hosted on your server, you will get a shell of the client... Update: I didnt see that you edited your post to a new link... jsp files are not executed on client system period. What follows is not an accurate explanation and does not cover all cases... but I believe will help you to understand... jsp,php,asp - all are executed on the server side and provides the output in html format and this html is sent by the server to the client and the client usually a browser renders the html. You should read about how web applications are developed. Title: Re: metasploit php Post by: COm_BOY on October 07, 2010, 03:48:34 PM its a java applet and not jsp file... you do not need tomcat nor a server if you follow that link... You just need a client machine with JRE installed. The demo would be more impressive if you are not executing the jar file manually on the client side as shown in the link you provided. Instead you should probably write a html that embeds the applet and this html should be hosted in the server(any static web server would do).. Now when the client access the web page hosted on your server, you will get a shell of the client... sorry , I did posted the wrong link and now I have edited my previous post , can you check the link out now Title: Re: metasploit php Post by: H1t M0nk3y on October 08, 2010, 06:35:42 AM BTW guys, the title of the thread is "Metasploit php"... ;)
Title: Re: metasploit php Post by: COm_BOY on October 08, 2010, 07:37:13 AM Thanks for the replies , I have got one more question in mind . I will also need to demonstrate a jsp shell from metasploit and thus I need to have a jsp file on the webserver and when the client executes it using browser we will receive a shell , now the point, inorder for the client to execute the file we need to have tomcat+java and then the mod_jk module and all that configured because apache is not supporting jsp by default . At the moment when i execute http://server_ip/file.jsp it throws a source code rather then just executing it ( i do have java on client ) . Can you guys recommend a smart and easy web server which is currently supporting jsp by default rather than the above solution .. actually i m not that good at linux :P .. thanks I am working on that php one by installing webgoat .. however I was also stuck at jsp shells so i continued here only .. I think i should have started another thread for that Title: Re: metasploit php Post by: vekarman on October 15, 2010, 08:09:23 AM Hi COm_BOY,
Quote and if I do it in my home lab I would require a vun. web app . Can anyone recommend me of any pre-configured webapp vun. Download Damn Vulnerable Web Application from http://www.dvwa.co.uk/ (http://www.dvwa.co.uk/) HTH
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |