Windows system-web Penetration tool-awvs

Windows system-web Penetration tool-awvs

Acunetix WEB Vulnerability SCANNER (AWVS)

Awvs is a well-known web security scanner, is one of the most popular scanners under Windows System platform, is a commercial version of "cracked version", relatively open-source software, more detailed. Support for Ajax, JavaScript, scripting code for the client is better, it's easier to find hidden deeper URL addresses, and more.

1, Acusensor Gray box test "Awvs the biggest features of other scanners do not have"

#需服务端布置agent

Discovery Crawl cannot discover files

Additional vulnerability scanning

The source line number of the vulnerability can be found

Support PHP,. NET (injection of compiled. NET without source code)

2. Can generate PCI, 27001 Standard and regulatory reports

Integration of various reporting templates

3, with network scanning

FTP, DNS, SMTP, IMAP, POP3, SSH, SNMP, Telnet

Integrated OpenVAS Scan Vulnerability (functionally relative)

Tools

############################################################################################

A, crawl

Site Crawler

B, sub-domain scanner

Subdomain Scanner "Passive information collection: Finding subdomains and host names"

C. Discovery Scanner

Target Finder "Host discovery: Specify IP Address segment"

d, SQL injection validation

#AWVS提供攻击性功能, SQL exploits can be exploited

E, HTTP Editor

#手动漏洞挖掘探测功能

F, HTTP Sniffer

Agent Scan

Enable in the browser

To manually crawl

# # #AWVS无法直接识别手动爬网结果, you need to turn the transfer results

##################################################################################

Wizard: Scan after crawl completes "pilot out target Finder"

#CSRF手动验证

##################################################################################

G, HTTP fuzzer "Fuzzy test"

Export to HTTP Fuzzer

#################################################################################

How to quickly find the ASCII code of a letter: Hold down the ALT key, tap the keypad number

#################################################################################

H, Identity Verification test

I, results comparison "differential test"

###########################################################################################

Web Service

Web servies Scanner

Web Service Editor

Configuration information

Application Settings

Login Sequence Manager: Limit logout, verify return information, login successful

False postives: Limit false positives

Acusensor Deployment: Arrangement acusensor

Scan Settings

Scan settings

Scanning Profiles

Scan configuration Files

#######################################################################################

Acusensor Installation

Server-side

1. Generate Agent file acu_phpaspect.php (PHP5.0 or more)

2, copy files to the target server, the Web program can access the directory

Through Kali copy to Metasploitable "Ubuntu system, everything sudo"

[email protected]:~# SCP acu_phpaspect.php [email protected]:/home/msfadmin[email protected] ' s password:acu_phpaspect.php 100% 35KB 15.1mb/s 00:00 [email protected]:~# ssh [em Ail protected][email protected] ' s password:linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 13:58:00 UT C i686the programs included with the Ubuntu system is free software;the exact distribution terms for each program AR E described in theindividual files in/usr/share/doc/*/copyright. Ubuntu comes with absolutely NO WARRANTY, to the extent permitted byapplicable law. To access official Ubuntu documentation, please visit:http://help.ubuntu.com/no mail. Last Login:tue Oct 09:00:34 2016[email protected]:~$ lsacu_phpaspect.php vulnerable[email protected]:~$ sudo mv acu_phpaspect.php/var/www/dvwa/[sudo] password for msfadmin: [email protected]:~$ cd/var/www/dvwa/[email  protected]:/var/www/dvwa$ sudo chown www-data:Www-data acu_phpaspect.php   

3. Modify. htaccess or php.ini "make acu_phpaspect.php file effective"

Php_value auto_prepend_file ' [path to acu_phpaspect.php file]

# #可通过查phpinfo文件或者find命令得到php the location of the. ini file

[Email protected]:/var/www/dvwa$ cd/etc/php5/cgi/[email protected]:/etc/php5/cgi$ Lsconf.dphp.ini[email protected] :/etc/php5/cgi$ sudo vi php.ini

Search for specific characters in Vim:/[specific characters]

#添加路径

# #重启apache服务

Client

Reporting features

Reports

Windows system-web Penetration tool-awvs