2.9 Installing cURL


The cURL tool is a command-line utility that supports an array of web protocols and components. It can be used as a browser-without-a-browser: it implements browser-like features (cookies, authentication, redirects, custom headers), yet it can be called from any ordinary shell or script. It handles cookies, authentication, and web protocols more completely than most other command-line tools.


To install cURL on Windows, navigate to http://curl.haxx.se/download.html. Select the download option appropriate to your operating system, download the zip file, and unzip it to the location of your choice. Navigate to that directory in a terminal or shell, and you can execute cURL from there.

Most Linux distributions and Mac OS X either ship cURL already or offer it through the system package manager, so no separate download is needed there.


Like many command-line utilities, cURL has a great number of options and arguments.

cURL’s authors recognized this and put together a brief tutorial, available at http://curl


You may also download cURL as part of your Cygwin installation.
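As an added example (not code from the book), the following POSIX shell script exercises the cURL features the text mentions: a form login whose cookies are stored in a cookie jar, a later request that replays them, HTTP basic authentication with -u, and routing a request through an intercepting proxy with -x (for instance the Burp proxy of Recipe 2.13). The host, login path and form field names are hypothetical; the cookie jar at the end is a constructed sample in the Netscape format that curl -c writes, so the audit function runs offline. That function flags cookies lacking the Secure or HttpOnly attribute, which is the first thing to check on a session cookie once you have captured one.

```shell
#!/bin/sh
# Added example, not code from the book. Host, paths and form field names
# are hypothetical; set BASE (and optionally PROXY) for a real target.
BASE="${BASE:-https://target.example}"
JAR="${JAR:-${TMPDIR:-/tmp}/session.jar}"

# Submit a login form. -d turns the request into a POST, -c stores every
# Set-Cookie the server sends in the jar, -L follows the usual redirect,
# -w prints the final status code while -o discards the body.
login() {
    curl -s -L -c "$JAR" -d "user=$1" -d "pass=$2" \
         -o /dev/null -w '%{http_code}\n' "$BASE/login"
}

# Replay the stored cookies (-b) on a later request. If PROXY is set,
# route the request through an intercepting proxy (-x), e.g. Burp on
# 127.0.0.1:8080, so it can be inspected or modified on the way.
fetch_authenticated() {
    curl -s -b "$JAR" ${PROXY:+-x "$PROXY"} "$BASE$1"
}

# HTTP basic (or digest, with --digest) authentication is a single flag.
fetch_basic_auth() {
    curl -s -u "$1:$2" -o /dev/null -w '%{http_code}\n' "$BASE$3"
}

# Audit a jar written by curl -c (Netscape cookie format, tab separated:
# domain, subdomains, path, secure, expiry, name, value). curl marks
# HttpOnly cookies by prefixing the domain field with "#HttpOnly_".
# Prints one line per cookie: NAME secure=YES|NO httponly=YES|NO
audit_cookie_jar() {
    awk -F '\t' '
        /^$/ { next }                       # blank line
        /^#/ && !/^#HttpOnly_/ { next }     # comment or header line
        NF >= 7 {
            httponly = (index($1, "#HttpOnly_") == 1) ? "YES" : "NO"
            secure   = ($4 == "TRUE") ? "YES" : "NO"
            printf "%s secure=%s httponly=%s\n", $6, secure, httponly
        }' "$1"
}

# Number of cookies missing at least one of the two attributes.
count_weak_cookies() {
    audit_cookie_jar "$1" | grep -c '=NO'
}

# Constructed sample jar (not captured from any real site), in the shape
# curl leaves behind after login(). Used so the audit runs offline.
SAMPLE_JAR="${TMPDIR:-/tmp}/sample_cookies.$$"
{
    printf '# Netscape HTTP Cookie File\n'
    printf '#HttpOnly_target.example\tFALSE\t/\tTRUE\t0\tJSESSIONID\t0123456789abcdef\n'
    printf 'target.example\tFALSE\t/\tFALSE\t0\tremember_me\talice\n'
    printf '.target.example\tTRUE\t/\tTRUE\t1893456000\tlang\ten\n'
} > "$SAMPLE_JAR"

audit_cookie_jar "$SAMPLE_JAR"
echo "cookies missing Secure or HttpOnly: $(count_weak_cookies "$SAMPLE_JAR")"

# Against a live target (needs network), the flow is:
#   login alice 's3cret' && fetch_authenticated /account
```

On the sample jar the audit reports JSESSIONID with both attributes set, remember_me with neither, and lang with Secure only; the persistent remember_me cookie is the one a tester would write up. Keep the jar file itself out of shared directories, since it holds a live session.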

2.10 Installing Pornzilla


Pornzilla isn’t an individual tool, but rather a collection of useful Firefox bookmarklets

and extensions. While ostensibly this collection is maintained for more prurient purposes, it provides a number of convenient tools useful for web application security



Pornzilla is not installed as a cohesive whole. You may find all of the components at


To install a bookmarklet, simply drag the link to your bookmark toolbar or bookmark


To install an extension, follow the links and install the extension as you would any

Firefox extension.

24 | Chapter 2: Installing Some Free Tools


The collection of tools really does provide a number of convenient abilities, unrelated

to the intended use of the collection itself. For example:

• RefSpoof modifies HTTP Referer information, possibly bypassing insecure login


• Digger is a directory traversal tool.

• Spiderzilla is a website spidering tool.

• Increment and Decrement tamper with URL parameters.

None of these tools will install, download, or display pornography unless specifically used for that purpose. None of the individual bookmarklets or extensions contain inappropriate language, content, or instructions. We assure you that the tools themselves are agnostic; it is the use of the tools that determines what is displayed. The tools themselves do not violate any U.S. obscenity laws, although they may violate company policy.
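The two bookmarklets most often reached for in testing, RefSpoof and Increment/Decrement, have direct command-line equivalents in cURL. The script below is an added example, not part of the book or of Pornzilla; the host, path and parameter name are hypothetical. set_query_param rewrites one query-string parameter purely as text, and walk_param steps that parameter through a numeric range while sending a chosen Referer with -e, printing status code and body size for each value so that responses which should have been denied stand out. An application that trusts the Referer header to decide whether a request came from its own pages can be bypassed by anyone who sets that header, which is exactly what this exercises.

```shell
#!/bin/sh
# Added example, not code from the book: shell equivalents of the RefSpoof
# and Increment/Decrement bookmarklets. Host, path and parameter name are
# hypothetical.

# Set one query-string parameter of a URL (replace it, or append it if
# absent). Pure text manipulation; nothing is fetched.
set_query_param() {
    sq_url=$1 sq_name=$2 sq_value=$3
    case $sq_url in
        *\?*) sq_base=${sq_url%%\?*}; sq_query=${sq_url#*\?} ;;
        *)    sq_base=$sq_url;        sq_query= ;;
    esac
    sq_found=0; sq_out=
    sq_oldifs=$IFS; IFS='&'; set -f     # split on & only, no globbing
    for sq_pair in $sq_query; do
        case $sq_pair in
            "$sq_name="*) sq_pair="$sq_name=$sq_value"; sq_found=1 ;;
        esac
        sq_out="${sq_out:+$sq_out&}$sq_pair"
    done
    set +f; IFS=$sq_oldifs
    [ "$sq_found" -eq 1 ] || sq_out="${sq_out:+$sq_out&}$sq_name=$sq_value"
    printf '%s\n' "$sq_base?$sq_out"
}

# Walk a numeric parameter from START to END, the way Increment/Decrement
# step through ids in the browser, and send a chosen Referer with -e (what
# RefSpoof does). Printing status and body size per id makes responses that
# should have been denied (unexpected 200s, or 403s whose body is as large
# as a 200) stand out. Needs network; not run below.
walk_param() {
    wp_url=$1 wp_name=$2 wp_i=$3 wp_end=$4 wp_ref=${5:-$1}
    while [ "$wp_i" -le "$wp_end" ]; do
        wp_target=$(set_query_param "$wp_url" "$wp_name" "$wp_i")
        curl -s -e "$wp_ref" -o /dev/null \
             -w "$wp_name=$wp_i %{http_code} %{size_download}\n" "$wp_target"
        wp_i=$((wp_i + 1))
    done
}

# Offline demonstration of the URL rewriting:
set_query_param 'http://target.example/view?id=41&mode=full' id 42
set_query_param 'http://target.example/view' id 7
# Live use (needs network): twenty ids, with a Referer claiming the request
# came from the site's own admin page:
#   walk_param 'http://target.example/view?id=41' id 1 20 \
#              'http://target.example/admin/'
```

Run walk_param once while logged in as a low-privilege user and once with no cookies at all; any id that returns the same status and size in both runs deserves a manual look.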

2.11 Installing Cygwin


Cygwin allows you to use a Linux-like environment within Windows. It is useful for running all the utilities and scripts built for Linux without requiring a full Linux installation. It's not only useful to have around, it's necessary to install other tools we



If you're already working on a Unix, Linux, or Mac OS machine, you don't need Cygwin: you already have the environment you need via the standard terminal.

Download the Cygwin installer from http://www.cygwin.com/, and execute it.

Select the “Install from the Internet” option when asked to choose an installation type.

You may select where to install Cygwin—note that this will also set the simulated root

directory, when accessed from within Cygwin. Once you’ve set appropriate options

regarding users and your Internet connection, you’ll need to select a mirror for downloading packages.

Packages are all the various scripts and applications pre-compiled and available for

Cygwin. All of the mirrors should be identical; pick whichever one works for you. If

one is down, try another. Cygwin will then download a list of available packages. It

presents the packages available in a hierarchy, grouped by functionality. Figure 2-2 shows the package selection list. We recommend you select the entire Perl directory, as well as the curl and wget applications from the web directory.

Figure 2-2. Selecting Cygwin packages

You may also download development tools and editors of your choice, particularly if

you’d like to compile other applications or write custom scripts from within the Linux


Once you’ve selected the appropriate packages, Cygwin will download and install them

automatically. This can take some time. Once the installation is complete, fire up the

Cygwin console and you may use any of the installed packages.

Run Cygwin setup again at any time to install, modify, or remove packages, using the exact same sequence as the first install.


Cygwin provides a Unix-like environment from within Windows, without requiring a restart, dual-boot, or virtual machine. Because it is a compatibility layer rather than a separate operating system, binaries compiled for other Unix variants will not necessarily work within Cygwin; they will need to be recompiled for or within Cygwin itself.

In order to create a Unix-compatible file structure, Cygwin treats the folder where it is installed as the root folder (/), and provides access to your other drives and folders via the cygdrive folder; the C: drive, for example, appears as /cygdrive/c.


Note that Cygwin lacks many of the protections associated with partitioned, dual-boot

environments or virtual machines. Within Cygwin, you have access to all of your files

and folders. There will be nothing to prevent you from modifying these files, and actions

may be irreversible. For those of you used to the Windows environment, note that there

isn’t even a Recycle Bin.

2.12 Installing Nikto 2


Nikto is the most widely used of the few open source, freely available web vulnerability

scanners. It comes configured to detect a variety of problems with minimal manual



Nikto is, at heart, a Perl script. Download it at http://www.cirt.net/nikto2.

You’ll need to unzip that package and run Nikto from within Cygwin (see Recipe 2.11) or another Unix-like environment.

Nikto has one external dependency, which is the LibWhisker module. You may download the latest version of LibWhisker at http://sourceforge.net/projects/whisker/.

Once you've unzipped both files into the same directory, you may call Nikto via Perl from the command line, as in:

perl nikto.pl -h

In Nikto 2, -h (or -host) takes the target host; -Help prints the full list of options.


Nikto is quite extensible, and is built to incorporate tests beyond just the basic functionality. For details on integrating Nikto with Nessus, SSL, or Nmap, see Nikto's documentation at http://cirt.net/nikto2-docs/index.html.

From a testing perspective, Nikto serves as an automation script that has been written for you. For the tests it is built to handle, it will test faster and with more combinations than you could by hand. It frees you to focus your intuition and effort on more complex or risky areas. On the other hand, running a set of stock automated tests guarantees neither high accuracy nor high coverage. It may find only a small fraction of the bugs present, and the issues it does report may not be true problems; each needs some investigation. It is not a "fire-and-forget" solution: you'll have to review the results and determine whether what it found is real and useful.


2.13 Installing Burp Suite


The Burp Suite is a collection of web application security tools, not unlike OWASP’s

WebScarab. It includes components to intercept, repeat, analyze, or inject web application requests.


Download the Burp Suite from http://portswigger.net/suite/download.html.

Unzip the Burp Suite folder, and run the JAR file. The JAR file typically has the version

number in it, like burpsuite_v1.1.jar. As a Java application, it shouldn’t matter which

operating system you’re using, as long as you have the Java Runtime Environment



The Burp Suite is the “least free” tool we recommend. It is not open source, and the

Intruder component is disabled until you purchase a license. While the Intruder component is necessary to develop complex attacks for penetration testing, the basic functionality is more than enough if your goal is not to fully exploit the application.

The Burp Suite combines several tools:

Burp proxy

Intercepts requests, just like any other web proxy. It is the starting point for using

the rest of Burp Suite.

Burp spider

Will crawl your web application, logging each page it touches. It will use supplied

credentials to log in, and it will maintain cookies between connections.

Burp sequencer

Performs analysis on the predictability of session tokens, session identifiers, or

other keys that require randomness for security.

Burp repeater

Allows one to tweak and resubmit a previously recorded request.

2.14 Installing Apache HTTP Server


The Apache HTTP Server is an open source web server that is currently the most popular HTTP server on the World Wide Web. You may need to set up an HTTP server

to carry out some of the advanced cross-site scripting (XSS) exploits discussed in
