Penetration Testing with Kali Linux
PWK - Copyright © 2023 OffSec Services Limited. All rights reserved.
Figure 5: XSS Testing
When we read back the blog entry, we get the following alert:
Figure 6: XSS Testing Issue
In the course of making these requests, we keep a record of our actions, as shown below.
Testing for Cross-Site Scripting
Testing Target: 192.168.1.52
Application: XSSBlog
Date Started: 31 March 2022

1. Navigated to the application http://192.168.1.52/XSSBlog.html
   Result: Blog page displayed as expected

2. Entered our standard XSS test data:
   You will rejoice to hear that no disaster has accompanied the
   commencement of an enterprise which you have regarded with such
   evil forebodings. I arrived here yesterday, and my first task is
   to assure my dear sister of my welfare and increasing confidence
   in the success of my undertaking.

3. Clicked Submit to post the blog entry.
   Result: Blog entry appeared to save correctly.

4. Navigated to read the blog post http://192.168.1.52/XSSRead.php
   Result: The blog started to display and then the expected alert popped up.

5. Test indicated the site is vulnerable to XSS.
   PoC payload:
Listing 26 - Example of a Testing Note.
We now have a simple, fast, and expandable way to take coherent and comprehensive notes that
another tester can follow. It’s worth repeating that the notes are not themselves the report we will
deliver to the client, but they will be invaluable when we attempt to put our report together later.
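To make the two halves of the listing concrete (the reflection check that decides step 5, and the action/result record itself), here is an added example in Python; it is not part of the course material or of the XSSBlog application. The payload, the two read-back pages and the note fields are constructed for illustration (the course's own PoC payload is not reproduced on this page). The check separates a verbatim reflection, which the browser executes, from an HTML-encoded one, which it renders as text, and the note records each step in the same numbered action/result layout as Listing 26.

```python
"""Reflection check and testing-note record for the XSS test in Listing 26.

Added example, not part of the course material or the XSSBlog application.
The payload, both sample read-back pages and the note fields are constructed.
"""
import html
from datetime import date
from typing import Optional

# Assumed PoC payload for illustration; the course's own payload is not shown
# on this page.
PAYLOAD = '<script>alert("xss")</script>'

# Constructed read-back pages: the first echoes the stored entry verbatim
# (vulnerable), the second HTML-encodes it before output (safe).
VULNERABLE_PAGE = (
    "<html><body><h1>Blog</h1><p>You will rejoice to hear that no disaster "
    + PAYLOAD
    + " I arrived here yesterday.</p></body></html>"
)
SAFE_PAGE = (
    "<html><body><h1>Blog</h1><p>You will rejoice to hear that no disaster "
    + html.escape(PAYLOAD, quote=True)
    + " I arrived here yesterday.</p></body></html>"
)


def reflected_unescaped(page: str, payload: str) -> bool:
    """True when the payload appears verbatim in the response.

    A verbatim reflection in the page body is what makes the browser run the
    script. This is a substring test; a real check also looks at the
    reflection context (element body, attribute, script block), since that
    decides which payload actually executes.
    """
    return payload in page


def reflected_encoded(page: str, payload: str) -> bool:
    """True when the payload came back with its HTML metacharacters encoded.

    &lt;script&gt; is rendered as text, so no alert fires for this payload.
    """
    return payload not in page and html.escape(payload, quote=True) in page


class TestingNote:
    """Numbered action/result log in the layout of Listing 26."""

    def __init__(self, title: str, target: str, application: str, started: date):
        self.title = title
        self.target = target
        self.application = application
        self.started = started
        self.steps = []  # list of (action, result-or-None) in the order taken

    def record(self, action: str, result: Optional[str] = None) -> None:
        self.steps.append((action, result))

    def render(self) -> str:
        lines = [
            self.title,
            f"Testing Target: {self.target}",
            f"Application: {self.application}",
            f"Date Started: {self.started:%d %B %Y}",
            "",
        ]
        for n, (action, result) in enumerate(self.steps, start=1):
            lines.append(f"{n}. {action}")
            if result:
                lines.append(f"   Result: {result}")
        return "\n".join(lines)


def run_xss_test(read_page: str, target: str = "192.168.1.52") -> TestingNote:
    """Log the Listing 26 steps, deciding step 5 from the captured read-back page."""
    note = TestingNote("Testing for Cross-Site Scripting", target, "XSSBlog",
                       date(2022, 3, 31))
    note.record(f"Navigated to the application http://{target}/XSSBlog.html",
                "Blog page displayed as expected")
    note.record(f"Entered our standard XSS test data containing: {PAYLOAD}")
    note.record("Clicked Submit to post the blog entry.",
                "Blog entry appeared to save correctly.")
    read_action = f"Navigated to read the blog post http://{target}/XSSRead.php"
    if reflected_unescaped(read_page, PAYLOAD):
        note.record(read_action, "Payload reflected unencoded; the expected alert popped up.")
        note.record(f"Test indicated the site is vulnerable to XSS.\n   PoC payload: {PAYLOAD}")
    elif reflected_encoded(read_page, PAYLOAD):
        note.record(read_action, "Payload reflected HTML-encoded; no script executed.")
        note.record("Test indicated output encoding is in place; this payload did not execute.")
    else:
        note.record(read_action, "Payload not reflected in the page.")
        note.record("Test inconclusive for this payload; check other output locations.")
    return note


if __name__ == "__main__":
    print(run_xss_test(VULNERABLE_PAGE).render())
```

Running the file prints the note for the vulnerable page. The substring test is deliberately simple: in a real test the reflection context decides which payload fires, and the screenshot of the alert still belongs in the note alongside the text.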
5.1.4 Choosing the Right Note-Taking Tool
There are an enormous number of both free and paid note-taking tools available today. To decide
on the right tool for a particular engagement, it is important to understand our requirements first.
Engagement data is client-confidential, so in many cases we want to keep all information local to
our testing machine rather than uploading it to a third-party sync or cloud service; tools that
depend on such a backend are therefore precluded. By the same token, if an engagement is
source-code heavy, then a tool that does not allow code blocks to be inserted is not going to be
appropriate.
While a comprehensive list of desirable properties to keep in mind is nearly impossible to
enumerate, some of the more important items to remember are:
• Screenshots: If a lot of screenshots are necessary, consider a tool that allows for inline
  screenshot insertion.
• Code blocks: Code blocks need formatting to be properly and quickly understood.
• Portability: Something that can be used cross-OS, or easily transferred to another place,
  should be high on the list of priorities.
• Directory Structure: In an engagement with multiple domains or applications, keeping a
  coherent structure is necessary. While manually setting up a structure is allowed, a tool that
  can do this automatically makes things easier.
Now that we have a good baseline of our requirements, let’s consider the use of some particular
note-taking tools.
Sublime Text[198] is a pretty standard text editor that adds lots of useful features and functionality.
One of the most important features it provides is flexible syntax highlighting. Syntax highlighting
allows us to place code blocks into a file, and those code blocks will be highlighted according to
the programming language's specific syntax rules. However, this often comes with limitations. A
file is highlighted as a single language, so highlighting two languages is not possible within one
file. In an engagement with a single code type, this is not a problem, but for others, we may prefer
to use different options. Additionally, it's not currently possible to inline screenshots at the time
of writing.
Another tool we can consider is CherryTree.[199] This tool comes as standard in Kali. It contains
many of the features that are necessary for note-taking. It uses an SQLite database to store the
notes we take, and these can be exported as HTML, PDF, plain text, or as a CherryTree document.
CherryTree comes with a lot of built-in formatting, and provides a tree structure to store
documents, which it calls "nodes" and "subnodes".

[198] (Sublime, 2022), https://www.sublimetext.com/download
[199] (Cherry Tree, 2022), https://github.com/giuspen/cherrytree
Below is an example of CherryTree being used to store penetration testing notes using a fairly
simple tree structure.
Figure 7: CherryTree
The final tool we'll consider is the Obsidian[200] markdown editor, which contains all the features
that we need for note-taking. We can install Obsidian as a snap[201] application or in its
Flatpak[202] application form. It also comes as an AppImage,[203] meaning that all we need to do is
copy it into our system, mark it as executable, and run it. As with any binary we download, we
should verify its checksum or signature against the value published by the project before
marking it executable.
kali@kali:~$
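The three steps just described (copy, mark executable, run), as an added example in Python rather than the course's own listing, with a checksum check performed before the file is made executable. The file name Obsidian.AppImage, the destination directory and the stand-in file contents are assumptions; for a real download the expected digest is the one the project publishes alongside the release.

```python
"""Install an AppImage: copy it in, mark it executable, run it, but only after
its SHA-256 matches the digest we expect.

Added example; not from the PWK course or the Obsidian project. The file name,
destination directory and the stand-in file bytes are assumptions; for a real
download the expected digest comes from the project's published checksums.
"""
import hashlib
import hmac
import os
import shutil
import stat
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hex SHA-256 of a file, read in 1 MiB chunks so large AppImages stay cheap."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def install_appimage(src: Path, dest_dir: Path, expected_sha256: str) -> Path:
    """Copy src into dest_dir and set mode 0755, but only if the digest matches.

    Raises ValueError on mismatch. Nothing is written in that case, so a
    tampered or corrupted download never ends up executable on the system.
    """
    actual = sha256_of(src)
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        raise ValueError(f"checksum mismatch for {src.name}: got {actual}")
    dest_dir.mkdir(parents=True, exist_ok=True)
    dest = dest_dir / src.name
    shutil.copyfile(src, dest)  # copies data only, not the source's mode bits
    # Equivalent of chmod 755: owner rwx, group and others r-x.
    dest.chmod(stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH)
    return dest


def is_executable(path: Path) -> bool:
    """True when the current user may execute the file (what 'run it' needs)."""
    return os.access(path, os.X_OK)


def demo() -> dict:
    """Exercise both outcomes on a constructed stand-in for a downloaded AppImage."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        download = tmp / "Obsidian.AppImage"  # assumed file name
        # Constructed placeholder bytes; a real AppImage is an ELF with an
        # embedded squashfs image.
        download.write_bytes(b"\x7fELF stand-in for an AppImage payload\n")
        good_digest = sha256_of(download)

        installed = install_appimage(download, tmp / "bin", good_digest)
        result = {
            "installed_exists": installed.is_file(),
            "installed_executable": is_executable(installed),
            "download_left_non_executable": not is_executable(download),
            "rejected_bad_digest": False,
        }
        try:
            install_appimage(download, tmp / "bin2", "0" * 64)
        except ValueError:
            # Rejected, and the copy was never written.
            result["rejected_bad_digest"] = not (tmp / "bin2" / download.name).exists()
        return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Because the copy and the chmod happen only after the digest matches, a wrong checksum leaves nothing executable behind; `demo()` exercises both paths against a constructed file, and on a real system the installed path is then simply run from the shell.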