Ethical Hacking and Penetration Testing Guide



Date: 07.08.2023

Exploit Databases
The Inj3ctor exploit database is a very old and interesting exploit database. It was first called
“milw0rm.com”, then renamed to “inj3ct0r.com”, and is now known as “1337day.com.” The group is
widely known and popular for hacking into Bhabha Atomic Research Centre (BARC), the nuclear research
facility in India. This database attracts our attention because you will find lots of private exploits
here that cannot be found elsewhere, and it facilitates buying/selling of exploits, with the inj3ctor
team acting as the middleman.
We, as penetration testers, can use it to our advantage by buying the private exploits and utilizing
them in our penetration tests. Sometimes, the “title of the vulnerability” and minor details
that the author has described can give a great hint as to where the vulnerability is located inside
a particular application. For example, I was looking at a recent exploit that was up for sale. It
was titled “Paypal Stored XSS”. The author had included a small video that demonstrated the
vulnerability. The vulnerability triggered as soon as the victim opened the payment detail. This
clearly indicated that the malicious payload was inserted in the place that allowed
us to send payments. On closely analyzing the page that allowed us to send payments, I noticed
a field that allowed us to send a note to the person to whom we would be sending a payment, and
that was the place that was used to trigger the vulnerability. Of course, this could be complicated
at times; however, it’s always worth trying to save some money.
Another database that would be worth mentioning is exploit-db.com, which is maintained by 
the Offensive Security team. Exploit-db contains a list of more than 20,000 well-known exploits 
categorized by platforms (Windows, Linux, Solaris, etc.) and by the types of exploits (remote, 
local, shellcodes, DDOS, etc.).


Another advantage of using exploit-db is that it indicates if a particular exploit is verified or 
not. This way, you won’t end up running exploits that don’t work. Also, it would tell you if a 
Metasploit module is available for a particular exploit so you don’t have to do the tedious work 
of downloading, compiling, and debugging the exploit again.
