Topic: Exploits from a web page?
SephStorm
« on: October 16, 2011, 03:03:58 PM »

So I am just remembering when I was testing out Metasploit that there were exploits that would be hosted by the framework on a generic web page. Now my question is, could I create a public web site, and have the framework host a page on that site with the exploit code? I.e., create a page with links (hosted on a public webserver, www.test.lon.com) and then all the links go to a subpage on that site (www.test.lon.com/exploitmenow)?

Also, how do hackers get exploit code on to public websites? I assume they compromise the webserver and literally place the code into a script or whatnot on the webserver?

A third question, when I hosted those pages through Metasploit, were they world accessible? Or only accessible by machines on the LAN? I don't remember much from the old web dev days, but I thought you had to get domain space in order to host a publicly accessible web site.

hayabusa
« Reply #1 on: October 16, 2011, 03:42:39 PM »

It literally depends on the website, and your goal.  

The hackers / pentesters would have to first find a vulnerability and place their code there, yes (in the case of putting code onto another public server, like the one I mentioned in my malware post, where my clients had code inserted into their static webpages.)

As for your own server, accessibility is determined by the victim's need to reach your server.  So if you're on the LAN with the victim, then it'd need to be reachable from other machines on the LAN / subnet.  If your target is remote, then obviously your box needs to be reachable from wherever the target is.

If you're out to try to 'exploit the world,' then you'd need to be on a publicly-visible IP address / webserver.

So for your specific requests:

Paragraph 1 - yes, in the sense that you'd create the page with Metasploit, then upload onto the server

Paragraph 2 - yes, unless you're up to some XSS or other attacks.  But for your purpose, as explained in your post, for straight exploits on hosted pages, you'd exploit first, then place your code.

Paragraph 3 - Depends on the IP, and accessibility from the public side, that you have assigned to your Metasploit host machine.


In short, your post basically seems to ask if you could use MSF to create publicly-accessible and usable exploits, hosted on public websites.

Yep!  

Also...  (sorry for edits...)

As far as obtaining hosting space - nah.  You could register your address with dyndns, port-forward from your router to your MSF box, and voilà!  You're hosting a page, which you could either use directly, or link to from someone else's page.
« Last Edit: October 16, 2011, 03:51:50 PM by hayabusa »

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCP , GPEN, C|EH
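
For site owners on the receiving end of the case hayabusa mentions (code inserted into static webpages), one way to spot it is to compare each deployed page against a known-good copy and list any script, iframe, embed or object source the baseline does not have. This is an added example, not part of the original post; the sample pages and the host `injected.example` are constructed placeholders.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

WATCHED = {"script": "src", "iframe": "src", "embed": "src", "object": "data"}

class ActiveContent(HTMLParser):  # collects code-loading elements in a page
    def __init__(self):
        super().__init__()
        self.external = set()    # (tag, host) pairs
        self.inline = set()      # SHA-256 of each inline <script> body
        self._buf = None         # a list while inside an inline script

    def handle_starttag(self, tag, attrs):
        if tag not in WATCHED:
            return
        url = dict(attrs).get(WATCHED[tag])
        if url:
            self.external.add((tag, urlparse(url).netloc or "(same-origin)"))
        elif tag == "script":
            self._buf = []

    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            body = "".join(self._buf).strip()
            if body:
                self.inline.add(hashlib.sha256(body.encode()).hexdigest())
            self._buf = None

def profile(html):
    parser = ActiveContent()
    parser.feed(html)
    parser.close()
    return parser

def injected_content(baseline_html, deployed_html):
    """Report active content in the deployed page that the baseline lacks."""
    base, cur = profile(baseline_html), profile(deployed_html)
    return {"new_external": sorted(cur.external - base.external),
            "new_inline_scripts": len(cur.inline - base.inline)}

# Constructed sample pages (not taken from any real incident).
BASELINE = '<html><body><h1>Welcome</h1><script src="/js/site.js"></script></body></html>'
DEPLOYED = BASELINE.replace("</body>",
    '<iframe src="http://injected.example/x"></iframe><script>var a = 1;</script></body>')
```

Running `injected_content(BASELINE, DEPLOYED)` on the constructed pages reports the new iframe host and one new inline script; a page identical to its baseline reports nothing.
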
Jamie.R
« Reply #2 on: October 17, 2011, 03:33:16 AM »

Agreed. For example, you might have a file upload that does not do any validation on the file. You can upload a reverse shell giving you access with nc. Then from this you can try to find a way to compromise the box; this could be uploading additional exploits.

It really does depend on what web site and what is running.

OSWP | eCPPT | HackingDojo Nidan
www.jamierougive.co.uk
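
The missing control in the unvalidated file upload Jamie.R describes, shown as an added example that is not part of the original post: a server-side check that allowlists extensions, rejects path tricks and stacked extensions, matches the leading bytes to the claimed type, and never reuses the client's filename. The function name, size limit and accepted types are assumptions chosen for illustration.

```python
import os
import secrets

MAX_BYTES = 2 * 1024 * 1024          # assumed size limit for this example

# Allowlisted extensions and the leading bytes each type must start with.
MAGIC = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".pdf": (b"%PDF-",),
}

def validate_upload(filename, data):
    """Return (stored_name, None) if accepted, else (None, reason)."""
    name = os.path.basename(filename.replace("\\", "/"))
    if name != filename or "\x00" in name:
        return None, "path components or NUL byte in filename"
    stem, ext = os.path.splitext(name.lower())
    if ext not in MAGIC:
        return None, f"extension {ext or '(none)'} not on allowlist"
    # Some server configurations pick a handler from an inner extension
    # (for example "x.php.jpg"), so stacked extensions are refused outright.
    if "." in stem:
        return None, "multiple extensions"
    if len(data) > MAX_BYTES:
        return None, "file too large"
    if not data.startswith(MAGIC[ext]):
        return None, "content does not match extension"
    # Never keep the client-supplied name: store under a random one.
    return secrets.token_hex(16) + ext, None

if __name__ == "__main__":
    # Constructed sample uploads.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    for fname, body in [("shell.php", b"<?php"), ("photo.php.jpg", b"\xff\xd8\xff"),
                        ("photo.jpg", b"<?php"), ("../a.png", png), ("a.png", png)]:
        print(fname, "->", validate_upload(fname, body))
```

A leading-bytes check does not stop files that are valid as two formats at once, so accepted uploads should still be stored and served from a location where the web server never executes content.
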
SephStorm
« Reply #3 on: October 17, 2011, 10:00:58 AM »

Thanks guys, I'll have to look into this when I get back home, and can try this in the lab. Might have some more questions when I do.

Ignatius
« Reply #4 on: October 17, 2011, 01:01:33 PM »

> Thanks guys, I'll have to look into this when I get back home, and can try this in the lab. Might have some more questions when I do.

Please feed back with your experience.  This is something that I might also try in the lab.
ev0wpnz
« Reply #5 on: November 08, 2011, 09:01:54 PM »

Attackers typically compromise sites and use something called an exploit kit. These 'kits' allow the attackers to try a variety of different browser/flash/pdf exploits against the target to get it to download malicious software.

Information about the current exploit packs can be found here:
http://contagiodump.blogspot.com/2010/06/overview-of-exploit-packs-update.html
MaXe
« Reply #6 on: November 10, 2011, 06:25:51 PM »

Talking about Exploit Packs, check out this research:
http://forum.intern0t.net/offensive-guides-information/2189-paper-hacking-skiddies.html

I know it's old, but it's for example not only interesting to see so many share the same vulnerabilities, but also that most of them use the same code.

I'm an InterN0T'er