metasploit php

Viewing 10 reply threads
  • Author
    Posts
    • #5666
      COm_BOY
      Participant

      I was trying to practice the following module

      hxxp://www.metasploit.com/modules/exploit/unix/webapp/php_include

      and if I do it in my home lab I would require a vun. web app . Can anyone recommend me of any pre-configured webapp vun. to this attach so that I can do command execution ? Is webgoat a good option for this attack ?

    • #35634
      caissyd
      Participant

      Webgoat is excellent for this. In fact, I use it when I do training on command injection attacks.

      The easiest way is to download OWASP broken web apps VM image:
      http://code.google.com/p/owaspbwa/wiki/ProjectSummary

    • #35635
      apollo
      Participant

      exploit-db and search for Lan Party:
      http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=lan+party

      That will get you a pretty easy to configure app with mysql that it works great with.  That’s what I’ve done demos on, it was very easy.  If you have an up to date securely configured PHP, you will have to undo things to make remote file inclusion possible.  That will be your only challenge.

    • #35636
      COm_BOY
      Participant

      Thanks for the replies , I have got one more question in mind .

      I will also need to demonstrate a jsp shell from metasploit and thus I need to have a jsp file on the webserver and when the client executes it using browser we will receive a shell , now the point, inorder for the client to execute the file we need to have tomcat+java and then the mod_jk module and all that configured because apache is not supporting jsp by default . At the moment when i execute http://server_ip/file.jsp it throws a source code rather then just executing it ( i do have java on client ) .

      Can you guys recommend a smart and easy web server which is currently supporting jsp by default rather than the above solution .. actually i m not that good at linux 😛 ..

      thanks

    • #35637
      dante
      Participant

      @COm_BOY wrote:

      Thanks for the replies , I have got one more question in mind .

      I will also need to demonstrate a jsp shell from metasploit and thus I need to have a jsp file on the webserver and when the client executes it using browser we will receive a shell , now the point, inorder for the client to execute the file we need to have tomcat+java and then the mod_jk module and all that configured because apache is not supporting jsp by default . At the moment when i execute http://server_ip/file.jsp it throws a source code rather then just executing it ( i do have java on client ) .

      Can you guys recommend a smart and easy web server which is currently supporting jsp by default rather than the above solution .. actually i m not that good at linux 😛 ..

      thanks

      JSP is a server side technology that gets executed on the server and the output of the execution of jsp is provided to the client. If you have a JSP reverse shell uploaded to the server, when you are accessing the jsp file you are getting the shell of the server and not that of the client. If you want infect client, think interms of flash, pdf, browser

    • #35638
      COm_BOY
      Participant

      JSP is a server side technology that gets executed on the server and the output of the execution of jsp is provided to the client. If you have a JSP reverse shell uploaded to the server, when you are accessing the jsp file you are getting the shell of the server and not that of the client. If you want infect client, think interms of flash, pdf, browser
      [/quote]

      You really mean to say that jsp files cannot be executed on client systems ? here is the post I was trying to do
      hxxp://carnal0wnage.attackresearch.com/node/389

      Please let me know if I am doing some mistakes

    • #35639
      dante
      Participant

      Original  link:http://exploit.co.il/hacking/metasploit-java-meterpreter-payload/

      its a java applet and not jsp file… you do not need tomcat nor a server if you follow that link…

      You just need a client  machine with JRE installed.

      The demo would be more impressive if you are not executing the jar file manually on the client side as shown in the link you provided. Instead you should probably write a html that embeds the applet and this html should be hosted in the server(any static web server would do).. Now when the client  access the web page hosted on your server, you will get a shell of the client…

      Update: I didnt see that you edited your post to a new link…
      jsp files are not executed on client system period.
      What follows is not an accurate explanation and does not cover all cases… but I believe will help you to understand…
      jsp,php,asp – all are executed on the server side and provides the output in html format and this html is sent by the server to the client and the client usually a browser renders the html. You should read about how web applications are developed.

    • #35640
      COm_BOY
      Participant

      @dante wrote:

      its a java applet and not jsp file… you do not need tomcat nor a server if you follow that link…

      You just need a client  machine with JRE installed.

      The demo would be more impressive if you are not executing the jar file manually on the client side as shown in the link you provided. Instead you should probably write a html that embeds the applet and this html should be hosted in the server(any static web server would do).. Now when the client  access the web page hosted on your server, you will get a shell of the client…

      sorry , I did posted the wrong link and now I have edited my previous post , can you check the link out now

    • #35641
      caissyd
      Participant

      BTW guys, the title of the thread is “Metasploit php”…  😉

    • #35642
      COm_BOY
      Participant

      @COm_BOY wrote:

      Thanks for the replies , I have got one more question in mind .

      I will also need to demonstrate a jsp shell from metasploit and thus I need to have a jsp file on the webserver and when the client executes it using browser we will receive a shell , now the point, inorder for the client to execute the file we need to have tomcat+java and then the mod_jk module and all that configured because apache is not supporting jsp by default . At the moment when i execute http://server_ip/file.jsp it throws a source code rather then just executing it ( i do have java on client ) .

      Can you guys recommend a smart and easy web server which is currently supporting jsp by default rather than the above solution .. actually i m not that good at linux 😛 ..

      thanks

      I am working on that php one by installing webgoat .. however I was also stuck at jsp shells so i continued here only .. I think i should have started another thread for that

    • #35643
      vekarman
      Participant

      Hi COm_BOY,

      and if I do it in my home lab I would require a vun. web app . Can anyone recommend me of any pre-configured webapp vun.

      Download Damn Vulnerable Web Application from
      http://www.dvwa.co.uk/

      HTH

Viewing 10 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?