Saturday, 26 January 2013

Webshag On Backtrack 5


WEBSHAG CLI 
webshag on backtrack 5

DESCRIPTION 
  • Webshag is a multithreaded ( means executing multiple instructions at the same time ), 
  • It is Multiplatform means  it can run on a different types of computer system .
  • It is a web server audit tool . 
FUNCTIONS 
  • The common functionalities of the webshag are - 
  1. Port Scanning .
  2. Web Crawling. 
  3. Url Scanning. 
  4. Retrieving the list of domain names .
  5. File fuzzing .
Webshag also provides the Graphical User Interface .Also it is available for Windows & Linux . 

INSTALLATION OF WEBSHAG 
  • Webshag is pre-installed on backtrack 5 , so don't have to worry about how to installed it on your Linux machine . 

HOW TO OPEN WEBSHAG ON BACKTRACK 5( GNOME )
  • Go to BackTrack > Vulnerability Assessment >  Web Assessment > Web Fuzzers > webshag-cli
  • See the below image for more details - 

webshag cli on backtrack 5
WEBSHAG COMMAND LINE 
webshag opened
WEBSHAG OPENED

HELP OPTION 
  • Command for help is : ./webshag_cli.py -h 
webshag help

HOW TO USE WEBSHAG CLI WITH OPTIONS 

PSCAN(PORT SCAN ) MODULE 
  • With this module we can discover open HTTP ports on the target machine .
  • For PSCAN module , webshag  totally relies on Nmap . So if your nmap is not function or not installed , then this will not work . 
  • So be sure everything works fine . 
COMMAND USED FOR PSCAN MODULE 
  • ./webshag-cli -m pscan < target-ip >
  • See the below image for real world example of webshag ( some identities are hide for confidentiality).

webshag pscan
WEBSHAG PSCAN 
SPIDER MODULE 
  • This module allows to crawl the whole website and extract all the information like directory names, links to external websites and email addresses . 
COMMAND USED FOR THE SPIDER MODULE 
  • ./webshag_cli.py -m spider -p 80 / < target-ip >
  • See the real world example for more details - 
webshag spider
WEBSHAG SPIDER 
USCAN (URLSCANNER)
  • The Urlscanner is used to perform a vulnerability scan on a target webserver or web application.
  • For vulnerability scanning , it relies on two databases -
  1. Nikto Databases 
  2. Custom Databases .
  • See the real work example for more details - 
webshag uscan
WEBSHAG USCAN

MORE VULNERABILITIES


FUZZ MODULE 
  • Fuzz module is used to discover the hidden files on the server . 
  • It can use two different modes of operation -

  1. List mode
  2. Generator mode
List Mode : In list mode you can have different options like -
  • 00 - For nothing 
  • 01 - For files only 
  • 11 - For both files and directories .
webshag list mode
WEBSHAG LIST MODE

GENERATOR MODE : 


REPORTING 
  • Webshag allows exports reports in three formats - XML ,HTML , TXT .
  • Command used to export the report are - 
  • ./webshag_cli.py -m uscan -x -o html -f '/root/Desktop/hackingDNA.html'  

CONCLUSION 
  • Its is a good tool for vulnerebility testing . 
  • If you can easily  use this command based tool then you don't find problems with webshag GUI tool 
  • You will find so many challege to configure the nikto database . So be sure your path will be correct otherwise , some of the features will not work .
  • Give yourself a command based challenge , GUI everyone can use it . 


JOIN US 
ON 
FACEBOOK

THIS TUTORIAL IS JUST FOR EDUCATIONAL PURPOSE ONLY/-


0 comments:

Categories

Angry IPScanner On Backtrack 4 Arduino Arduino Opensource community attacks on router auditing tool Aurora Exploiting Through Kali Linux AUTOSCAN ON BACKTRACK 5 BackBox Linux On hackingDNA Backtrack 5 : Linux Commands Backtrack Bootable Pendrive Backtrack Tool : The Harvester Blender On Backtrack 5 Block Command Prompt Browser Autopwn On Backtrack 5 BUGTRAQ LOG REMOVER BLEACHBIT chkrootkit on Backtrack 5 chntpw on backtrack 5 cisco switches routing auditing tool. Client Side Attack On Backtrack 5 Command Shell Upgrade On Backtrack 5 Conky On Backtrack 5 convert guest account into admin using chntpw in backtrack 5 Convert Jpg Image into Ascii on Backtrack 5 countermeasures Cracking Unix Password On Backtrack 5 Cupp On Backtrack 5 Cutycapt On Kali Linux Detect Sniffer6 On Kali Linux dmitry on backtrack 5 Dnmap On Kali Linux dnsenum on backtrack 5 dnsrecon on backtrack 5 dnstracer on backtrack 5 dnswalk on backtrack 5 DOMAIN TOOL ON BUGTRAQ Dos attack driftnet on backtrack 5 dsniff on backtrack 5 enum4linux esp8266 EtherApe On BackTrack 5 ewizard on backtrack 5 ExifTool On BackTrack 5 Exploit Distccd On BackTrack 5 Exploit RDP Vulnerability On Kali Linux Exploit Samba Server On Backtrack 5 fatback on backtrack 5 FERN CRACKER ON BACKTRACK 5 Fierce in Backtrack 5 findmyhash : Crack the hash on Backtrack 5 Firewalk-Script On BackTrack 5 Firewall On Backtrack 5 Flash Player On Backtrack 5 Genlist On Backtrack 5 Gerix Cracker On Backtrack 5 Get Your Data Back Golismero On BackTrack 5 GOOFILE ON BUGTRAQ Google Kung-Fu goohost on backtrack 5 Grendel-Scan On Backtrack 5 gtk-recordmydesktop on backtrack 5 HACK BACKTRACK 5 via RAT Hack The Database with Backtrack 5 Hack the Facebook with Backtrack 5 Hack the windows in GNS3 Hack Windows XP using Backtrack 5 Hack Windows Xp using msfconsole hacking Hacking Lab 01 Hacking Windows 7 USING Backtrack 5 hackingdna hackingDNA choice :Best Antivirus Detection honeyd on backtrack 5 honeypot on backtrack 5 HOW TO INSTALL REDHAT ENTERPRISE LINUX 5 How to block ICMP request How To Install CAINE How to Install Chromium Browser on Backtrack 5 How to Install Windows 7 Ultimate How To Install Xampp On Kali Linux How to make new User in Backtrack 5 How to see files and directories on Linux how to use arduino in kali linux How to use Host Command on Backtrack 5 How to use Nano Editor on Backtrack 5 How to use Ping Command on Backtrack How to use whois tool on Backtrack 5 hping2 on backtrack 5r2 Httprint On BackTrack 5 icmpv6 flooding attack ifconfig command Installing And Accessing Backdoor On Backtrack 5 Installing software on Backtrack 5 using apt-get ipcalc on backtrack 5 Itrace On BackTrack 5 Jigsaw On Backtrack 5 Joomscan On Backtrack 5 KALI ARMITAGE ON KALI LINUX kali linux kali linux arduino Kali Linux Installation Kali Rolling Release 2016.2 keimpx on backtrack 5 Lanmap On Backtrack 4 Learn arping on Backtrack 5 Learn Basic of Internet with DAWN OF THE NET Learn Basics if Screen Utility Learn cmospwd on Backtrack 5 Learn dnsdict6 on backtrack 5 Learn fping on Backtrack 5 Learn Help Utilities Command On Backtrack 5 Learn hexedit on Backtrack 5 Learn how to hack root account on REDHAT5 Learn How to Install Backtrack 5 Learn how to make Bootable Pendrive Learn how to split Terminal into different regions Learn How To Split Terminal on backtrack 5 Learn how to use Armitage in Backtrack 5 Learn how to use chntpw on backtrack 5 LEARN HOW TO USE CISCO PACK ON BUGTRAQ - II Learn How to use ettercap on Backtrack 5 for hacking username and passwords Learn how to use Netstat Commands On Backtrack 5 Learn how to use nipper Learn How to work with Vim editor on Backtrack 5 Learn Linux Commands on Backtrack Environment Learn Netdiscover On Backtrack 5 Learn Pentbox On Backtrack 5 Learn Recoverjpeg on Backtrack 5 Learn samdump on backtrack 5 Learn TrueCrypt On Backtrack 5 LINUX NETWORKING COMMANDS ON BACKTRACK 5 linux OS LINUX PARTITION ON BACKTRACK 5 List-Urls On Backtrack 4 Load Balancing Detector On Backtrack 5 LOG REMOVER BLEACHBIT Lynis On Backtrack 5 Mac Tracker On Backtrack 5 macchanger on backtrack 5 Matriux Installation On hackingDNA Metaexploit Framework : Collecting Email Addresses Metasploit Framework With Basic Commands Meterpreter on Backtrack 5 mitre-cve on backtrack 5 MSF AUXILIARY SCANNING ON BACKTRACK 5 msf scanning on backtrack 5 nbtscan on backtrack 5 NESSUS ON BACKTRACK 5 Net Card Config Netcat : Learn how to create a instant chat session on Backtrack 5 netenum on backtrack 5 Netifera On Backtrack 5 NETMASK On Backtrack 5 NIKTO ON KALI LINUX Nmap Scanning On Backtrack 5 nmap smb script offensive security Oneko And Cowsay On BackTrack 5 OpenOffice On Backtrack 5 OpenVAS On Backtrack 5 Orion Browser History Dumper v1.0 Penetration Testing Pipal On Backtrack 5 PostgreSQL On Kali Linux Practice Session On Backtrack 5 PROTOS on backtrack 5 Reconnaissance Recover Kali Password Remote Desktop Connection Remote Desktop On Backtrack 5 Remote Desktop Sharing Removing Backdoor on Backtrack 5 Restrict Control Panel Restrict Registry Editor by Group Policies Rkhunter On Backtrack 5 router auditing tool Router Penetration Testing router security Safecopy On Backtrack 5 samba testing samrdump on backtrack 5 Scanning security auditing tool Shell Scripting On Kali Linux Shrink and Create Partition on Windows 7 Shutter On Backtrack 5 siege on backtrack 5 smb enumeration smb hacking Smbclient On Backtrack 5 Smtpscan On Backtrack 5 SMURF6 ON KALI LINUX Sniff Images on Backtrack 5 using Driftnet Snort On Backtrack 5 snurf6 Software Updates On Kali linux Spoof Your MAC Address on Backtrack 5 sql attack SSID ssldump on backtrack 5 sslstrip on backtrack 5 Start Backtrack 5 Without Startx Steam Locomotive On BackTrack5 Stop Bruteforce attack System Monitor On Backtrack 5 tcptraceroute on backtrack 5 Tctrace On Backtrack 5 TeamViewer On BackTrack 5 TELNET On Backtrack 5 Terminator On Backtrack 5 the Harvester On Backtrack 5 Things you should know about Backtrack Tweak Your System Settings On Backtrack 5 Tweak Your System Settings On Backtrack 5 Part 2 Unicornscan On BackTrack 5 Uniscan On Backtrack 5 urlcrazy on backtrack 5 urlsnarf on backtrack 5 WBOX on Backtrack 4 and 5 Weak points Web Httrack::Web Copier Websecurify On BackTrack5 Webshag On Backtrack 5 WEP CRACKING ON BACKTRACK 5 whatweb on backtrack 5 WHATWEB ON BUGTRAQ Wiffit (wafw00f): Firewall Detection Tool On Backtrack 5 wireshark Xpdf On Backtrack 5 xprobe2 on backtrack 5 Zenmap

Popular Posts