NEST Kali Linux Tutorial: OWASP Zed Attack Proxy
Source: nest.unm.edu/files/9113/8379/8041/owaspzap.pdf
Melissa Berghmans
Colin Williams
November 2013

“The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications”
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Zed Attack Proxy
• ZAP is an intercepting proxy
  – Sits between your browser and the web site you are testing, records every request and response that passes through it, and lets you inspect, modify or replay them
• ZAP makes it easy to test web application security: the fuzzer used later in this tutorial simply replays a recorded request with one parameter value swapped for each payload in a list
• ZAP is a project of OWASP, the Open Web Application Security Project
ZAP Setup
• Start ZAP:
  – Applications → Kali Linux → Top 10 Security Tools → owasp-zap
  – By default ZAP listens on localhost, port 8080 (Tools → Options → Local proxy); nothing else should be bound to that port
• Point Iceweasel at ZAP:
  – Edit → Preferences → Advanced → Network → Settings
  – Choose ‘Manual proxy configuration’, set HTTP Proxy to localhost and Port to 8080, and tick ‘Use this proxy server for all protocols’
  – Close Settings
• ZAP is now ready: every page Iceweasel loads from here on shows up in ZAP’s Sites tree and History tab
• Note: this tutorial uses a plain-http target. To see HTTPS traffic as well, import ZAP’s root certificate (Tools → Options → Dynamic SSL Certificates) into Iceweasel; otherwise the browser rejects the certificates ZAP generates for intercepted sites
Choose a Target
• Navigate to http://www.webscantest.com/ in Iceweasel (a deliberately vulnerable test site; run these steps only against systems you are authorized to test)
• Click ‘DB Inject Tests’
• Click ‘Pretty wide open against an int value that has no quotes around it’
• Enter a value such as 1 and click ‘search’
• Switch back to ZAP
  – In the Sites tree, expand ‘http://www.webscantest.com’, then ‘datastore’
  – Click on the ‘POST’ entry, and select the ‘Request’ tab to see the form submission exactly as the browser sent it
Fuzz!
• In the Request tab, select the parameter value (e.g. ‘1’)
• Right click, select ‘Fuzz’
• Select Fuzz Category: ‘jbrofuzz / SQL Injection’
• Select Fuzzer: ‘MySQL Injection 101’
• Click ‘Fuzz’, and watch the results in the Fuzzer tab at the bottom: ZAP resends the recorded POST once per payload, substituting each string for the selected value
• Click on a fuzz attempt, and look at the HTML source of its response. Compare it with the response to the original request: a database error message, or more result rows than ‘1’ returned, means the payload changed the query the server ran
Exploit
• Go back to Iceweasel, enter ‘1 OR 1=1’ into the search field, and click search:
  – The value is spliced into the query as a bare number, so the condition becomes something like WHERE id = 1 OR 1=1, which is true for every row; the page returns the whole table instead of a single record
  – No quote character is needed to break out, which is why a filter that only escapes quotes would not stop this; the fix is to reject anything that is not an integer and bind the value as a query parameter
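The following is an added example, not code from the NEST slides or from the ZAP project. It builds a small sqlite3 stand-in for the “int value that has no quotes around it” search page, runs the same fuzz-and-triage pass the Fuzz! and Exploit slides perform by hand, and puts the parameterized fix beside the vulnerable query so the same harness shows it finding nothing. The products table, the four payloads and the HTML layout are constructed here; sqlite3 is used in place of the target’s MySQL; and the `url` and `param` arguments of `send_via_zap` are assumptions, since the deck never shows the form’s action or field name.

```python
"""Constructed stand-in for the deck's target plus a scripted fuzz-and-triage
pass (added example, not code from the NEST slides or the ZAP project)."""
import sqlite3
import urllib.parse
import urllib.request
from typing import Callable, Dict, List

# Payloads of the kind ZAP's 'MySQL Injection 101' list sends; these four are
# constructed here, not copied from the jbrofuzz file.
SQLI_PAYLOADS = ["1 OR 1=1", "1'", "1 UNION SELECT 1,'x'", "1 AND 1=2"]
# Strings that mark a database error surfacing in the HTML (constructed)
ERROR_SIGNS = ("Database error", "SQL syntax", "syntax error")


def build_db() -> sqlite3.Connection:
    """Three-row products table; sqlite3 stands in for the target's MySQL."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)",
                     [(1, "widget"), (2, "gadget"), (3, "gizmo")])
    return conn


def render(rows) -> str:
    """One <li> per result row, so row counts can be read off the HTML."""
    return "<ul>" + "".join(f"<li>{i}: {n}</li>" for i, n in rows) + "</ul>"


def vulnerable_search(conn: sqlite3.Connection, value: str) -> str:
    """Mirrors 'an int value that has no quotes around it': the parameter is
    spliced into the SQL as a bare number, so '1 OR 1=1' needs no quote to
    escape, and any database error is echoed straight into the page."""
    sql = f"SELECT id, name FROM products WHERE id = {value}"
    try:
        return render(conn.execute(sql).fetchall())
    except sqlite3.Error as exc:
        return f"<p>Database error: {exc}</p>"


def fixed_search(conn: sqlite3.Connection, value: str) -> str:
    """Type-check the input, then bind it; the SQL text never changes."""
    try:
        ident = int(value)
    except ValueError:
        return "<p>Invalid id</p>"
    rows = conn.execute("SELECT id, name FROM products WHERE id = ?", (ident,)).fetchall()
    return render(rows)


def triage(baseline_body: str, body: str) -> List[str]:
    """What a tester looks for when clicking through the fuzz results."""
    reasons = []
    if any(sign in body for sign in ERROR_SIGNS):
        reasons.append("database error echoed in response")
    base_rows, rows = baseline_body.count("<li>"), body.count("<li>")
    if rows > base_rows:
        reasons.append(f"{rows} rows returned vs {base_rows} for the baseline")
    return reasons


def fuzz(send: Callable[[str], str], baseline_value: str,
         payloads=SQLI_PAYLOADS) -> Dict[str, List[str]]:
    """Send every payload through `send`, compare each response with the
    baseline, and return only the payloads worth a closer look."""
    baseline = send(baseline_value)
    findings = {}
    for payload in payloads:
        reasons = triage(baseline, send(payload))
        if reasons:
            findings[payload] = reasons
    return findings


def boolean_blind(send: Callable[[str], str], baseline_value: str) -> bool:
    """Pair test for injection that leaks nothing but a true/false difference:
    'AND 1=1' must look like the baseline and 'AND 1=2' must drop every row."""
    base_rows = send(baseline_value).count("<li>")
    same = send(f"{baseline_value} AND 1=1").count("<li>") == base_rows
    empty = send(f"{baseline_value} AND 1=2").count("<li>") == 0
    return base_rows > 0 and same and empty


def send_via_zap(url: str, param: str,
                 proxy: str = "http://127.0.0.1:8080") -> Callable[[str], str]:
    """Live variant: POST the parameter through ZAP's default listener so the
    requests also land in ZAP's History tab. `url` and `param` are assumptions;
    the deck does not show the form's action or field name."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({"http": proxy}))

    def send(value: str) -> str:
        data = urllib.parse.urlencode({param: value}).encode()
        with opener.open(urllib.request.Request(url, data=data), timeout=10) as resp:
            return resp.read().decode(errors="replace")
    return send


if __name__ == "__main__":
    conn = build_db()
    for name, app in (("vulnerable", vulnerable_search), ("fixed", fixed_search)):
        send = lambda v, app=app: app(conn, v)
        print(name, fuzz(send, "1"), "boolean-blind:", boolean_blind(send, "1"))
```

Against the vulnerable function the harness flags `1 OR 1=1` and the UNION payload for returning more rows than the baseline and `1'` for echoing a database error, and the AND 1=1 / AND 1=2 pair reports true; against `fixed_search` every payload gets the same “Invalid id” page and nothing is flagged. Swapping the offline `send` for `send_via_zap(...)` runs the identical loop through ZAP, so the requests appear in its History alongside the ones the Fuzzer tab generated.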
References
• http://www.youtube.com/watch?v=Xp_PBH7wjiw